Ryan Naraine

Faced with arguably its biggest security crisis since the 2003 network worm attacks, Microsoft is throwing its support behind a high-level powwow to discuss the escalating threat from zombie botnets and zero-day malware attacks. The software maker is rolling out the red carpet for the worlds top security research professionals attending a closed-doors workshop at […]

Microsoft has re-released an update issued in its January 2007 patch batch to correct a glitch in the way Excel 2000 processes information. The company announced that the “targeted re-release” was necessary to correct the bug, which occurs in the way Excel 2000 processes the phonetic information embedded in files created using Excel in the […]

Oracle has released its first critical patch update for 2007, with fixes for a total of 51 security vulnerabilities in a wide range of enterprise products. The Redwood City, Calif., database server giants patch batch covers serious holes in Oracle Database, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business Suite and Applications, Oracle Enterprise Manager […]

VeriSigns iDefense Labs has placed an $8,000 bounty on remote code execution holes in Microsofts Windows Vista and Internet Explorer 7. The Reston, Va., security intelligence outfit offered the monetary reward to hackers Jan. 10 as part of a challenge program aimed at luring researchers to its controversial pay-for-flaw Vulnerability Contributor Program. The launch of […]

Borrowing a page directly from Microsofts playbook, Oracle has implemented an advance notice mechanism for its quarterly release of security patches. Beginning with the first CPU (Critical Patch Update) for 2007, due on Jan. 16, the database server giant is implementing a CPU Pre-Release Announcement that includes the name of version numbers of Oracle products […]

A fully working exploit for a high-risk vulnerability fixed by Microsoft two days ago has been put into limited release, prompting new “patch now” warnings from computer security experts. The exploit, which allows PC takeover attacks on Windows XP SP2, has been published to Immunitys partners program, which offers up-to-the minute information on new vulnerabilities […]

VeriSigns iDefense Labs has placed an $8,000 bounty on remote code execution holes in Windows Vista and Internet Explorer 7. The Reston, Va., security intelligence outfit threw out the monetary reward to hackers as part of a challenge program aimed at luring researchers to its controversial pay-for-flaw VCP (Vulnerability Contributor Program). The launch of the […]

A security advisory for a “critical” Microsoft Excel vulnerability has been posted on Fortinet’s Web site, but the absence of adequate documentation puts the issue under a cloud of mystery.

Microsoft has released high-priority fixes for serious vulnerabilities in its Outlook and Excel applications, but there are no patches in the January batch for known Microsoft Word flaws that are currently under attack. The Redmond, Wash., software maker released four bulletins with patches for a total of 10 vulnerabilities, most rated “critical,” but there is […]

A pair of renegade hackers has launched a project aimed at embarrassing Apple Computer into fixing software vulnerabilities in a timelier manner, prompting new calls for the company to hire a security czar to head off a growing crisis. The MOAB (Month of Apple Bugs) project was launched Jan. 1 with technical details and attack […]