browser security

In the ever-evolving world of cybersecurity, timely updates and awareness of vulnerabilities are crucial for protecting both individual and organizational assets. Recently, a notable security concern emerged within the Chromium web engine, specifically linked to an issue identified as...

On July 25, 2024, a significant security vulnerability designated as CVE-2024-6995 was publicized regarding an inappropriate implementation of fullscreen functionality within the Chromium codebase. This vulnerability not only affects Google Chrome but also has implications for Microsoft Edge...

In the ever-evolving landscape of cybersecurity, vulnerabilities can pose significant risks to users and organizations alike. One such vulnerability, designated as CVE-2024-6997, has recently come to light, garnering attention due to its implications for Chromium-based browsers, such as...

Overview of CVE-2024-6988 On July 25, 2024, a significant security vulnerability was identified in Chromium, specifically labeled as CVE-2024-6988. This issue involves a "use after free" condition that affects the handling of downloads within the Chromium source code. The potential ramifications...

Overview On August 8, 2024, Microsoft announced a critical security vulnerability designated as CVE-2024-7534, which is associated with a heap buffer overflow in the Chromium-based layout engine. This significant vulnerability has been recognized and addressed within the Chromium project, which...

On August 22, 2024, a critical vulnerability identified as CVE-2024-7975 was reported and subsequently assigned by the Chrome team. This security flaw falls under the category of inappropriate implementation in permissions, and it has ramifications for numerous browsers that are based on the...

In the ever-evolving landscape of cybersecurity, vulnerabilities in widely-used software can pose significant risks to users. A recent vulnerability identified in Chromium, labelled as CVE-2024-8035, highlights the importance of regular security updates and diligent software maintenance. This...

A recently identified vulnerability, designated as CVE-2024-7981, has captured the attention of security experts due to its potential impacts on users of Microsoft Edge and other Chromium-based browsers. This article delves into the nature of this threat, its implications for Windows users, and...

On August 22, 2024, a salient security vulnerability identified as CVE-2024-7966 was assigned by Chrome, marking a pivotal moment for users of Chromium-based browsers, including Microsoft Edge. This vulnerability primarily concerns an out-of-bounds memory access issue within the Skia graphics...

For our readers in Japan and Korea, please use these links: 한국어 블로그와 FAQ는, 여기를 참조하세요. 本ブログの日本語版はこちらです。 Over the last year, you may have noticed our movement away from Internet Explorer (“IE”) support, such as an announcement of the end of IE support by Microsoft 365 online services. Today, we...

October is National Cybersecurity Awareness month (NCSAM) and it couldn’t be more timely. Vulnerability to online threats is literally top of mind for everybody. In a Link Removed, 90% of respondents (yes, you read that right) indicated that phishing attacks have impacted their organizations...

Today, Google Project Zero published details of a class of vulnerabilities which can be exploited by speculative execution side-channel attacks. These techniques can be used via JavaScript code running in the browser, which may allow attackers to gain access to memory in the attacker’s process...

We’re determined to make Microsoft Edge the safest and most secure browser. Over the past two years, we have been continuously innovating, and we’re proud of the progress we’ve made. This is reflected by Microsoft Edge having the fewest vulnerabilities of any major browser on Windows since our...

In September 2015, Microsoft announced the end-of-support for the RC4 cipher in Microsoft Edge and Internet Explorer 11 in 2016, as there is consensus across the industry that RC4 is no longer cryptographically secure. Today, we are releasing KB3151631 with the August 9, 2016 cumulative updates...

Revision Note: V1.0 (January 12, 2016): Advisory published. Summary: Microsoft is releasing a new set of ActiveX kill bits with this advisory. These ActiveX kill bits are included in the Internet Explorer cumulative update released on January 12, 2016. Continue reading...

Severity Rating: Critical Revision Note: V1.0 (November 10, 2015): Click here to enter text. Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using...

Severity Rating: Critical Revision Note: V1.0 (July 14, 2015): Bulletin published. Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet...

Severity Rating: Critical Revision Note: V1.0 (June 9, 2015): Bulletin published. Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet...

In February, we Link Removed the first preview of HTTP Strict Transport Security in Internet Explorer 11 in the Windows 10 Insider Preview. The HTTP Strict Transport Security (HSTS) policy protects against variants of man-in-the-middle attacks that can strip TLS out of communications with a...

Would you help, please? every time I run AdwCleaner, v9.com is always being found. this is very persistent.. I even run Mbam, Windows Defender, MSERT.. only AdwCleaner find this. I always clean it as suggested by AdwCleaner... Below is the detail...