web security

Severity Rating: Critical Revision Note: V1.0 (February 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet...

Severity Rating: Critical Revision Note: V2.1 (July 9, 2013): Bulletin revised to announce a detection change that excludes Windows 7 language packs from the 2485376 update for Windows XP Professional x64 Edition Service Pack 2. This is a detection change only. Customers who have already...

This page provides the Group Policy Administrative Template files for Windows Internet Explorer 10. Source: Link Removed

Original release date: January 24, 2013 | Last revised: February 06, 2013 Systems Affected Web-based Content Management Systems, specifically Joomla! installations. Overview This Alert was developed as a collaborative effort between Public Safety Canada and the U.S. Link...

Severity Rating: Important Revision Note: V2.1 (August 14, 2012): Clarified that users with Internet Explorer 9 installed on their systems do not need to install this update. See the section, Frequently Asked Questions (FAQ) Related to This Security Update, for more information...

Resolves a vulnerability in Windows Media Player that could allow remote code execution if Windows Media Player opened specially crafted media content hosted on a malicious Web site. More...

:(

It took Redmond 1 day to kill a threat that allowed users with a Firefox add-on (Tamper Data) to remotely reset the password of a Hotmail account and allowing them to access the outgoing HTTP request, then modify the data. Microsoft was notified April 20, 2012, applied the fix April 21...

The upcoming new OS will offer users the ability to store and retrieve their Web site and application passwords through Internet Explorer 10. Link Removed

Severity Rating: Important Revision Note: V1.0 (October 11, 2011): Bulletin published. Summary: This security update resolves five privately reported vulnerabilities in Forefront Unified Access Gateway (UAG). The most severe of these vulnerabilities could allow remote code...

Severity Rating: Important Revision Note: V1.0 (June 14, 2011): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in the MHTML protocol handler in Microsoft Windows. The vulnerability could allow information disclosure if a user...

Severity Rating: Critical Revision Note: V1.1 (July 12, 2011): Announced a change to detection logic and corrected bulletin replacement information for some affected configurations. There were no changes to the security update files. See the Update FAQ for details. Summary...

This morning all my browsers have crashed, IE 9, FF and Chrome on my desktop. When it happened to IE, I thought it was a bug of some kind then checked w/FF and Chrome and they all went done. After restarting each browser they all work fine. I'm in the process of cleaning my system as we speak...

Mozilla Releases BrowserID Web Authentication System | threatpost

Severity Rating: Critical - Revision Note: V1.0 (June 14, 2011): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation. The vulnerability could allow remote code execution if a user visits a...

Severity Rating: Important - Revision Note: V1.0 (June 14, 2011): Bulletin published.Summary: This security update resolves a publicly disclosed vulnerability in the MHTML protocol handler in Microsoft Windows. The vulnerability could allow information disclosure if a user opens a specially...

Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation. The vulnerability could allow remote code execution if a user visits a Web site containing a specially crafted Windows Metafile...

While Sony may have gotten its Playstation Network back online this week, other divisions of the Japanese business are still feeling hack attacks. The web site Naked Security reports that a hacker found his way into a data base at Sony Europe and took out "120 usernames, passwords (plain text)...

In computer science, session hijacking is the exploitation of a valid computer session (commonly known as a "session key") used to gain unauthorized access to information or services in a computer system. For example, when a user logs in to a web site, the user's PC is tagged with a session...

BOSTON (Reuters) – A computer security researcher has found a flaw in Microsoft Corp's widely used Internet Explorer browser that he said could let hackers steal credentials to access FaceBook, Twitter and other websites. He calls the technique "cookiejacking." "Any website. Any cookie...