Ryan Naraine

America Online Inc. late Wednesday shipped a new version of its Netscape browser to correct multiple critical code execution vulnerabilities inherited from the Firefox code base. In a brief advisory, AOL said the Netscape v8.0.4 upgrade includes all Firefox security patches through 1.0.7. In all, nine vulnerabilities are patched, including a critical heap overrun in […]

For the second time in as many weeks, the MSRC has revised one of its “critical” security bulletins after some users complained of problems figuring out which patch to apply. It appears that Windows 2000 users running Microsoft DirectX 8.0 or DirectX 9.0 had problems sorting through the bulletin to find the appropriate patches. In […]

Microsoft Corp. has quietly backported one of the security improvements slated for the new Internet Explorer 7 browser into IE 6.0, but the giveaway comes with a small catch. The Microsoft Phishing Filter, which is being embedded into IE 7, will now be available in IE 6 but only via an add-on to the MSN […]

Just call it SplogSpot. Google Inc.s free BlogSpot service has become a happy hunting ground for spammers cashing in on the easy integration of AdSense advertisements into the “push-button” publishing tool. Over the past few days, the situation has spiraled out of control, prompting outrage from bloggers and third-party blog search providers and an acknowledgement […]

The list of unpatched security vulnerabilities in products embedded in the Microsoft Windows operating system just got longer. Researchers at eEye Digital Security have flagged another high-severity flaw affecting users of two widely used Microsoft Corp. products—the Internet Explorer browser and the Windows Media Player application. The company released an advisory with basic details of […]

Microsoft has confirmed plans to bundle anti-spyware protection into Windows Vista, a move that is sure to raise eyebrows among competitors and possibly antitrust regulators. The Windows AntiSpyware product, which currently ships to consumers as a free standalone application, will be integrated into Vista, as is indicated in the newest beta build of Vista distributed […]

Microsoft Corp.s patch for a worm-vulnerable security flaw in the Windows 2000 operating system is causing problems for some users. The software giant late Friday confirmed several “isolated deployment issues” with the MS05-051 update, but insisted that the problems should not stop anyone from applying the critical patch. Word of problems with the patch comes […]

Network computing giant Sun Microsystems Inc. has released patches for an information disclosure security flaw in certain releases of the Sun Java System Application Server. In an advisory posted online, Sun warned that the vulnerability may allow a remote unprivileged user the ability to view the source code of Java Server pages. Security alerts aggregator […]

Fears of a network worm attack targeting unpatched Windows 2000 systems heightened on Thursday with news that private security researchers have already reverse-engineered Microsofts critical MS05-051 update to create proof-of-concept exploits. The MS05-051 bulletin, which shipped as part of Microsoft Corp.s October batch of patches, includes fixes for four different Windows flaws, one of which […]

Microsoft Corp.s October batch of security patches comes with a terse warning for Windows 2000 users: Pay special attention to MS05-051, a critical bulletin that covers a worm hole in the operating system. The bulletin, which addresses four different Windows vulnerabilities, creates a “remote, unauthenticated attack vector” on Windows 2000 systems, triggering fears that a […]