Ryan Naraine

Researcher Flags Firefox Code Execution Flaw

Officials at the Mozilla Foundation on Friday acknowledged that a potentially dangerous code execution hole exists in fully patched versions of its flagship Firefox Web browser. The open-source foundation's confirmation comes on the same day it shipped Firefox 1.5 Beta 1 (code-named Deer Park) and highlights the delicate balancing act faced by Mozilla to market […]

Symantec Plugs DoS Flaws in Brightmail

Internet security software vendor Symantec Corp. has shipped a patch for a pair of security flaws affecting users of its enterprise-facing Brightmail AntiSpam product. According to a security advisory from Symantec, the vulnerabilities can be exploited by malicious hackers to launch denial-of-service attacks. The company warned users of the Symantec Brightmail AntiSpam 6.x to upgrade […]

MS Patch Day: Can 1 Bulletin Hit the Spot?

Microsoft on Thursday announced plans to ship one security bulletin on Tuesday, Sept. 13, to provide patches for a “critical” flaw in its Windows operating system. As part of its advance notice mechanism, the Redmond, Wash.-based software giant said the security update will require a restart and can be detected with the MBSA (Microsoft Baseline […]

Zotob Worm Suspects Arrested

Two men in Turkey and Morocco have been arrested in connection with the creation and distribution of the malicious code that triggered the Zotob worm attacks. The duo—Moroccan 18-year-old Farid Essebar and Turkish 21-year-old Atilla Ekici—will be charged and prosecuted in their respective homelands for their alleged roles in launching the worm that hammered Microsoft […]

Inside Microsoft's Zotob Situation Room

When Microsoft Corp. shipped the MS05-039 bulletin on Aug. 9 to patch a “critical” flaw in the Windows Plug and Play service, there was a general feeling of trepidation within the Microsoft Security Response Center. Software engineers at the Redmond, Wash., company smelled trouble right off the bat. It had been more than a year since […]

From Melissa to Zotob: 10 Years of Windows Worms

The names roll off the tongue like characters in an episode of “American Gladiators.” Klez. Blaster. Slammer. Sasser. Zotob. Computer viruses and worms, all targeting users of Microsoft Corp.'s Windows operating system. The first sign of computer worm activity dates back to 1982, when a program called Elk Cloner squirmed through Apple II systems. The […]

Zotob Worm Could Squirm on Windows XP

Microsoft late Tuesday warned that the Zotob worm could start squirming through certain configurations of Windows XP SP1 (Service Pack 1). The worm, which squirms through a flaw in the Windows PnP (Plug and Play) service, has wreaked havoc on unpatched Windows 2000 machines, but new information suggests some Windows XP users could also be […]

DoS Flaws Patched in OpenVPN

The open-source OpenVPN project has pushed out a “moderately critical” update to correct four security flaws that could cause remote denial-of-service attacks. OpenVPN, the free package available on the Linux, xBSD, Mac OS X and Windows operating systems, has been upgraded to version 2.0.1 to plug the security vulnerabilities. According to an advisory posted online, […]

CA Plugs Message-Queuing Buffer Overflows

Security flaws in CA's Message Queuing software could put users at risk of denial-of-service and system access attacks, the company warned in an advisory. The Islandia, N.Y.-based software vendor flagged the vulnerabilities in all versions of the CAM (CA Message Queuing) software prior to v1.07 Build 220_13 and v1.11 Build 29_13 on multiple platforms. In […]

Killbit Workaround for Zero-Day IE Flaw Available

The SANS Internet Storm Center has released a “killbit” package as a temporary workaround to help Internet Explorer users thwart malicious hacker attacks. The utility, available here, sets the “killbit” for Msddds.dll (Microsoft DDS Library Shape Control), the COM object that can cause browser crashes—and remote code execution—via specially crafted Web pages. The tool was […]