Items tagged with Patch

Stretch those network pipes, because on Tuesday, a big workout is coming. That's when Microsoft's monthly "Patch Tuesday" hits, and this is one particular roll-out where the word "mammoth" definitely fits. In total, there are 57 flaws to be patched, 12 of which are either considered to be "Critical" or "Important". On account of some of the fixes, Internet Explorer users should be on high-alert and waste no time in updating, because a bulk of these important fixes are directly related to five versions of the browser, ranging from 6 - 10. The bugs are related to remote code execution, which means simply running the browser or visiting a page that has code designed to trigger them could result... Read more...
Software vulnerabilities are common, but it’s not every day that the Computer Readiness Team (CERT) at the U.S. Department of Homeland Security steps in and starts warning the public. Not surprisingly, Oracle jumped on the security hole and released an update (Java Update 7u11) that resolves the problem. If you’re running Java (even the Java plug-in in your browser), update now.   That said, not everyone is convinced that Java users are completely in the clear after updating to the latest version. Experts agree that the updated version of Java now blocks the zero day exploit (in part by making you click a button to run Java technology present on most websites). But... Read more...
Diablo III's launch and first few weeks were a complete disappointment. Even once these problems were ironed out, a number of players complained about major balance problems at the Inferno difficulty level and the static, boring nature of the item hunt once you hit level 60. Blizzard previously acknowledged that the game, as it currently exists, wasn't living up to player expectations. Now the company has gone a step further and begun discussing what it plans to offer to rejuvenate gameplay and make the game more fun. Updated Features, Fresh Design Diablo III's attempt to balance MMO features with its classic gameplay created mixed expectations that the game has had trouble satisfying. The game... Read more...
We don't know if Electronics Arts' upcoming update for Battlefield 3 qualifies as the mother of all game patches, but it's certainly in contention for the update crown. EA said the update, which will roll out on June 4-5, is "a big one," an understatement of epic proportion, considering the multitude of tweaks, changes, enhancements, and fixes included within. "The next Battlefield 3 update goes live June 4-5 on all formats. As usual, the period between the last update and this upcoming one has been spent listening to our community, tweaking parameters, balancing performance, and eliminating issues that we have found with your help," EA announced in a blog post. "In short, the June update will... Read more...
Microsoft came ever-so-close to ending the year without a single unscheduled patch outside of its monthly Patch Tuesday routine, but in the end, three "Critical" vulnerabilities found in its .NET Framework prompted the Redmond software giant to take action immediately. Left unpatched, the flaws could allow for the elevation of privileges if an unauthenticated attacker sends a specially crafted Web request to the target site, Microsoft said. "An attacker who successfully exploited this vulnerability could take any action in the context of an existing account on the ASP.NET site, including executing arbitrary commands. In order to exploit this vulnerability, an attacker must be able to register... Read more...
It's been ~10 months since we first covered AOL's desperate plan to reinvent itself and reclaim a strong position in the online industry, but the company's efforts aren't yielding the results it promised. The company announced a major reorganization earlier this month, while recently leaked documents indicate just how bad the situation has become. Much of the company's financial woes are attributable to Patch. Patch is AOL's attempt to create web communities and advertising focused on specific real-world towns and communities. In theory, users in such areas are hungry for online sources that cover their own local news and events. In practice, things don't seem to be working out that way. That... Read more...
If you have the misfortune of living in an area where dial-up is still the only option, you have our condolences. Not just because dial-up sucks, but also because you're not going to doing much of anything online next Tuesday other than downloading security updates. Microsoft is putting together its biggest patch ever, a record 16 security updates to address 49 vulnerabilities in Windows, Internet Explorer, Office, and Sharepoint. Out of the 16 updates, Microsoft has labeled 4 of them as "Critical," 10 of them "Important," and 2 of them "Moderate." Most of the updates address threats related to Remote Code Execution, and several of them require a restart. "I have a theory about the large October... Read more...
It seems, sometimes, that a new phishing scam crops up every day, no matter how much security is improved.That's not just your imagination.IBM today released its annual IBM X-Force 2009 Trend and Risk Report, which showed threats that include phishing and document format vulnerabilities, among others, are on the rise.The areas are of most concern, the report showed:Malicious Web links, which result in malware or viruses being downloaded onto the clicker's computerPhishing scams, where messages from a seemingly legit organization or company fool users into turning over sensitive informationVulnerabilities in document readers and editors, particularly in PDFsIn 2009, the report showed, more than... Read more...
Research In Motion, the maker of the popular BlackBerry line of handheld devices, has issued a security patch for the popular handhelds, warning they are vulnerable to attacks by hackers. According to security experts, if this latest patch is not applied, there is a risk hackers could exploit the vulnerability and take over a company’s server. To date, no hacker has exploited the vulnerability. As RIM put it, “Multiple security vulnerabilities exist in the PDF distiller of some released versions of the BlackBerry Attachment Service.” This vulnerability could cause memory corruption and could also possibly lead to arbitrary code execution on the computer that hosts the BlackBerry Attachment Service.... Read more...
As we mentioned last week, Microsoft confirmed an unpatched bug in Internet Explorer that hackers are exploiting. Now, the company is issuing an emergency security patch for all versions of Internet Explorer. In an advance notification of the patch, Microsoft describes it as protection against a "remote code execution" vulnerability. Microsoft posted a security advisory last Wednesday and offered a few mitigations and workarounds for protection. This flaw makes it possible for attackers to steal personal data such as passwords if a user visits a compromised website. On Saturday, Microsoft warned that 1 in 500 Internet Explorer users worldwide may have been exposed to malware hosted at both legitimate... Read more...
As many T-Mobile G1 users are waiting for the RC29 update that started rolling out a few days ago to hit their phones, Google is already in the process of releasing another update.Generally speaking, people welcome updates with open arms, hoping that the update will improve their phone’s functionality. This update has a few people upset, however. You see, last week, a tinkerer realized that it was possible to “jailbreak” the phone and gain root access by using telnetd. This jailbreak gives you full admin abilities, right down to the core of the handset’s file system. This access allows for both good and bad modifications. Given that root access lets you do stuff you probably shouldn’t without... Read more...
The security vulnerabilities already discovered in Chrome appear to have been patched by Google. Of course, Google (much like Apple) hasn't provided any release notes, so discovering what's been fixed isn't that easy. Google said, in a group post: We're planning to do release notes. 149.29 is a security update and we released it as fast as we could. We would've liked more time to prepare things, but some of the vulnerabilities were made public without giving us a chance to respond, update, and protect our users first. Thanks for being patient as we work out the kinks in all of our processes, Mark Larson Program Manager for Google Chrome It seems that the "carpet bombing" flaw created by using... Read more...
Apple patched QuickTime not once, but an amazing eleven times on Wednesday. Some of the patches were to improve stability and compatibility, but there were also some exploits which were found and patched.“It's at least the sixth time Apple has patched QuickTime since October, as researchers and hackers have been closely examining media players for vulnerabilities. As operating systems have become more secure, vulnerabilities in applications have become a favored route to break into a PC.”Apple is notoriously coy with information regarding the specific exploits, but the running rumor is that most of the exploits patched were actually found by Apple themselves.... Read more...
With the recent sub-2 minute hack of the Air via a Safari exploit, a running string of iPhone hacks, and numerous people finding ways to put OS X on PCs they built themselves, you'd think Apple would have learned not to make security claims.  Of course, if you thought that you don't know a whole lot about Steve Jobs, who has been using every chance he's gotten to tout the new iPhone 2.0's unhackability.Where there's a will, there's a way.Not even 24 hours after the release of the latest update for the iPhone firmware 1.2.0 (or 2.0, as The Steve calls it,) they sent us this picture showing that they have pwned it again, getting it to work completely unlocked, and run all applications. As... Read more...
Prev 1 2 3 4 Next