Ryan Naraine

Anti-virus powerhouse Symantec has released patches for three “moderately critical” security vulnerabilities that could put users at risk of security bypass and information exposure attacks. In an alert posted online, the vendor, based in Cupertino, Calif., urged users to upgrade to Symantec Scan Engine 5.1 to protect against the threat of improper authentication for Web-based […]

Barely two weeks after shipping an Internet Explorer security makeover to cover a wave of drive-by malware downloads, Microsoft is scrambling to address the public disclosure of a new zero-day vulnerability that could be used in code execution attacks. The Redmond, Wash. software maker confirmed it was investigating a warning posted on the Full-disclosure mailing […]

Two patches released in Microsofts April batch of security updates are causing system hangs, Windows crashes and the appearance of strange dialog boxes. The problems stem from a nonsecurity modification to Internet Explorer and a critical fix for a code execution hole in Windows Explorer. The changes affect third-party programs from Google and Siebel Systems, […]

Microsoft has fessed up to hiding details on software vulnerabilities discovered internally, insisting that full disclosure of every security-related product change only aids attackers. The admission follows criticisms from a security researcher that the policy of silently fixing software flaws is “misleading” and not in the spirit of Microsofts push for transparency. Mike Reavey, operations […]

A startup funded by the U.S. governments Defense Advanced Research Projects Agency is ready to emerge from stealth mode with hardware and software-based technologies to fight the rapid spread of malicious rootkits. Komoku, of College Park, Md., plans to ship in the summer a beta of Gamma, a new rootkit detection tool that builds on […]

A startup funded by the U.S. governments Defense Advanced Research Projects Agency is ready to emerge from stealth mode with hardware and software-based technologies to fight the rapid spread of malicious rootkits. Komoku, of College Park, Md., plans to ship in the summer a beta of Gamma, a new rootkit detection tool that builds on […]

For some Windows users, there will be two Patch Tuesdays in April. The Redmond, Wash. software maker plans to rerelease the problematic MS06-015 update on April 25 to correct an issue that has caused system hangs, Windows crashes and the appearance of strange dialog boxes after the original patch was installed. “[We have] re-engineered the […]

Microsoft has fessed up to hiding details on software vulnerabilities that are discovered internally, insisting that full disclosure of every security-related product change only serves to aid attackers. The companys admission follows criticisms from a security researcher that its policy of silently fixing software flaws is “misleading” and not in the spirit of Microsofts push […]

Database server giant Oracle on April 18 shipped its scheduled quarterly critical patch update with fixes for 36 security vulnerabilities in several enterprise-facing products. The mega update includes a fix for a gaping flaw in the Oracle PL/SQL Gateway that was reported to Oracle more than six months ago and was the subject of a […]

Two patches released in Microsofts April batch of security updates are causing system hangs, Windows crashes and the appearance of strange dialog boxes. The problems stem from a nonsecurity modification to Internet Explorer and a critical fix for a code execution hole in Windows Explorer and affect third-party programs from Google, Siebel and Microsofts own […]