Navigation section

web security

  1. News

    MS14-007 - Critical : Vulnerability in Direct2D Could Allow Remote Code Execution (2912390) -...

    Severity Rating: Critical Revision Note: V1.0 (February 11, 2014): Bulletin published. Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet...
    • News
    • Thread
    • attack bug fix critical cybersecurity email internet explorer malware microsoft patch remote code execution revision risk security software update threat update vulnerability web security webpage windows
    • Replies: 0
    • Forum: Security Alerts
  2. News

    MS11-007 - Critical : Vulnerability in the OpenType Compact Font Format (CFF) Driver Could...

    Severity Rating: Critical Revision Note: V2.1 (July 9, 2013): Bulletin revised to announce a detection change that excludes Windows 7 language packs from the 2485376 update for Windows XP Professional x64 Edition Service Pack 2. This is a detection change only. Customers who have already...
    • News
    • Thread
    • attack cff driver code execution critical detection e-mail execution font instant messenger ms11-007 opentype patch remote security update user action vulnerability web security windows 7 windows xp
    • Replies: 0
    • Forum: Security Alerts
  3. News

    Administrative Templates for Windows Internet Explorer 10

    This page provides the Group Policy Administrative Template files for Windows Internet Explorer 10. Source: Link Removed
    • News
    • Thread
    • administrative browser settings configuration group policy ie 10 internet explorer policy files templates web security windows
    • Replies: 0
    • Forum: Live RSS Feeds
  4. News

    TA13-024A: Content Management Systems Security and Associated Risks

    Original release date: January 24, 2013 | Last revised: February 06, 2013 Systems Affected Web-based Content Management Systems, specifically Joomla! installations. Overview This Alert was developed as a collaborative effort between Public Safety Canada and the U.S. Link...
    • News
    • Thread
    • automated attacks best practices content management critical infrastructure cyber security ddos attacks installation joomla nist open source owasp password policy patching security monitoring server security ssl certificates user accounts user permissions vulnerabilities web security
    • Replies: 0
    • Forum: Security Alerts
  5. News

    MS11-009 - Important : Vulnerability in JScript and VBScript Scripting Engines Could Allow Informati

    Severity Rating: Important Revision Note: V2.1 (August 14, 2012): Clarified that users with Internet Explorer 9 installed on their systems do not need to install this update. See the section, Frequently Asked Questions (FAQ) Related to This Security Update, for more information...
    • News
    • Thread
    • information disclosure internet explorer jscript patch privacy security update vbscript vulnerability web security
    • Replies: 0
    • Forum: Security Alerts
  6. News

    MS10-082: Vulnerability in Windows Media Player could allow remote code execution

    Resolves a vulnerability in Windows Media Player that could allow remote code execution if Windows Media Player opened specially crafted media content hosted on a malicious Web site. More...
    • News
    • Thread
    • exploit malware media player patch remote code execution security update vulnerability web security windows
    • Replies: 0
    • Forum: Knowledge Base (KB)
  7. whoosh

    VIDEO Web security expert: change your LinkedIn password immediately

    :(
    • whoosh
    • Thread
    • change password expert linkedin password web security
    • Replies: 1
    • Forum: Windows Security
  8. A

    Windows 7 Microsoft Kills Hotmail Hijack Threat

    It took Redmond 1 day to kill a threat that allowed users with a Firefox add-on (Tamper Data) to remotely reset the password of a Hotmail account and allowing them to access the outgoing HTTP request, then modify the data. Microsoft was notified April 20, 2012, applied the fix April 21...
    • Adamsappleone
    • Thread
    • cybersecurity data modification exploitation firefox fix hacking hotmail microsoft password protection remote access security tamper data threat token protection unauthorized access update vulnerability web security
    • Replies: 1
    • Forum: Windows Security
  9. News

    Windows 8 Windows 8 aims to take pain out of managing passwords

    The upcoming new OS will offer users the ability to store and retrieve their Web site and application passwords through Internet Explorer 10. Link Removed
    • News
    • Thread
    • internet explorer password management user experience web security windows 8
    • Replies: 0
    • Forum: Live RSS Feeds
  10. News

    MS11-079 - Important : Vulnerabilities in Microsoft Forefront Unified Access Gateway Could Cause Rem

    Severity Rating: Important Revision Note: V1.0 (October 11, 2011): Bulletin published. Summary: This security update resolves five privately reported vulnerabilities in Forefront Unified Access Gateway (UAG). The most severe of these vulnerabilities could allow remote code...
    • News
    • Thread
    • email attack forefront important microsoft privacy remote code execution security update unified access gateway vulnerability web security
    • Replies: 0
    • Forum: Security Alerts
  11. News

    MS11-037 - Important : Vulnerability in MHTML Could Allow Information Disclosure (2544893) - Version

    Severity Rating: Important Revision Note: V1.0 (June 14, 2011): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in the MHTML protocol handler in Microsoft Windows. The vulnerability could allow information disclosure if a user...
    • News
    • Thread
    • information disclosure mhtml microsoft ms11-037 publicly disclosed security update severity rating vulnerability web security windows
    • Replies: 0
    • Forum: Security Alerts
  12. News

    MS11-052 - Critical : Vulnerability in Vector Markup Language Could Allow Remote Code Execution (254

    Severity Rating: Critical Revision Note: V1.1 (July 12, 2011): Announced a change to detection logic and corrected bulletin replacement information for some affected configurations. There were no changes to the security update files. See the Update FAQ for details. Summary...
    • News
    • Thread
    • critical update internet explorer ms11-052 patch remote code execution security update user rights vector markup language vulnerability web security
    • Replies: 0
    • Forum: Security Alerts
  13. Jimbo22

    Windows 7 All Major Browsers Crashed Simultaneously: Seeking Similar Experiences or Solutions

    This morning all my browsers have crashed, IE 9, FF and Chrome on my desktop. When it happened to IE, I thought it was a bug of some kind then checked w/FF and Chrome and they all went done. After restarting each browser they all work fine. I'm in the process of cleaning my system as we speak...
    • Jimbo22
    • Thread
    • browsers bug chrome crash desktop firefox internet explorer system clean user experience web security
    • Replies: 2
    • Forum: Windows Help and Support
  14. JMH

    Windows 7 Mozilla Releases BrowserID Web Authentication System

    Mozilla Releases BrowserID Web Authentication System | threatpost
    • JMH
    • Thread
    • authentication browserid email protocol internet explorer javascript mozilla privacy user experience web security
    • Replies: 0
    • Forum: Windows Security
  15. News

    MS11-038 - Critical: Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490) - V

    Severity Rating: Critical - Revision Note: V1.0 (June 14, 2011): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation. The vulnerability could allow remote code execution if a user visits a...
    • News
    • Thread
    • attack critical microsoft ole automation remote code execution security update vulnerability web security windows metafile
    • Replies: 0
    • Forum: Security Alerts
  16. News

    MS11-037 - Important: Vulnerability in MHTML Could Allow Information Disclosure (2544893) - Version:

    Severity Rating: Important - Revision Note: V1.0 (June 14, 2011): Bulletin published.Summary: This security update resolves a publicly disclosed vulnerability in the MHTML protocol handler in Microsoft Windows. The vulnerability could allow information disclosure if a user opens a specially...
    • News
    • Thread
    • cybersecurity important information disclosure mhtml microsoft ms11-037 protocol security update vulnerability web security windows
    • Replies: 0
    • Forum: Security Alerts
  17. News

    MS11-038 - Critical: Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490)

    Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation. The vulnerability could allow remote code execution if a user visits a Web site containing a specially crafted Windows Metafile...
    • News
    • Thread
    • critical execution metafile ms11-038 ole automation remote code security update vulnerability web security windows
    • Replies: 0
    • Forum: Security Alerts
  18. reghakr

    More Sony hack attacks; LulzSec goes after FBI affiliated site

    While Sony may have gotten its Playstation Network back online this week, other divisions of the Japanese business are still feeling hack attacks. The web site Naked Security reports that a hacker found his way into a data base at Sony Europe and took out "120 usernames, passwords (plain text)...
    • reghakr
    • Thread
    • atlanta cyber attacks cybersecurity data breach email addresses fbi forensic analysis hack hacking infragard lulzsec mobile numbers passwords personal info playstation privacy sony sql injection usernames web security
    • Replies: 1
    • Forum: The Water Cooler
  19. reghakr

    Session Hijacking

    In computer science, session hijacking is the exploitation of a valid computer session (commonly known as a "session key") used to gain unauthorized access to information or services in a computer system. For example, when a user logs in to a web site, the user's PC is tagged with a session...
    • reghakr
    • Thread
    • access control browser cookie computer security cookie theft cookiejacking cybersecurity data protection encryption information security intermediary attack internet threats magic cookie secure connection session hijacking session key tcp hijacking unauthorized access user authentication web development web security
    • Replies: 2
    • Forum: The Water Cooler
  20. reghakr

    Microsoft latest security risk: "Cookiejacking

    BOSTON (Reuters) – A computer security researcher has found a flaw in Microsoft Corp's widely used Internet Explorer browser that he said could let hackers steal credentials to access FaceBook, Twitter and other websites. He calls the technique "cookiejacking." "Any website. Any cookie...
    • reghakr
    • Thread
    • browser flaw cookiejacking credentials cybersecurity data theft explorer hacking internet explorer malware microsoft online safety privacy researcher security social engineering tech news user interaction vulnerability web security windows
    • Replies: 2
    • Forum: The Water Cooler
Back
Top