Ryan Naraine

Microsoft late Thursday issued an advisory with pre-patch workarounds to counter the public release of a zero-day exploit targeting users of its Internet Explorer browser. The release of the advisory comes less than 24 hours after the FrSIRT (French Security Incident Response Team) published a proof-of-concept exploit that could be used by malicious hackers to […]

Microsoft Corp. late Wednesday shipped an update to its malware removal tool to detect and delete the fast-spreading “Zotob” worm family. Microsoft typically updates the free utility once a month—on Patch Tuesday—but with at least a dozen “Zotob” variants squirming through unpatched Windows 2000 systems, the company added detections for 10 mutants to help with […]

A buffer overflow vulnerability in the widely used Adobe Acrobat and Adobe Reader programs could put millions of computer users at risk of code execution attacks. According to an advisory from Adobe Systems Inc., a malicious hacker could exploit the flaw to crash the application or launch executable code on a vulnerable system. “The identified […]

Enterprise anti-virus vendor Sophos Plc. on Tuesday rolled out a new early-warning system for businesses struggling to cope with the sharp rise in phishing attacks. With Sophos PhishAlert, the U.K.-based company is offering a service that proactively informs organizations of new phishing scams that target their customers. PhishAlert comes just one month after Sophos rolled […]

Apple has shipped a monster security patch for Mac OS X to fix 34 flaws in the operating system and bundled third-party utilities. The 17MB security update, available through Software Update and Apple Downloads, corrects a wide range of flaws in Mac OS X 10.3.9 (client and server). Security alerts aggregator Secunia Inc. rated the […]

A design error in Symantecs Veritas Backup Exec and NetBackup data storage products could put businesses at risk of system access and file download attacks, the company said in an advisory. Immediately after releasing patches to correct the vulnerability, the Cupertino, Calif.-based network security vendor warned that a public exploit had been posted to the […]

Windows 2000 users, patch now or else… Thats the blunt warning from Microsoft Corp.s security response center after “detailed exploit code” for a wormable flaw started circulating on underground security Web sites. The software maker rushed out an advisory late Thursday night to warn that unpatched Windows 2000 users are at the biggest risk of […]

Anti-spyware vendor Sunbelt plans to release a free tool to zap a sophisticated keystroke logger being used by an organized ring of identity thieves. The spyware keylogger, named Srv.SSA-KeyLogger, was being used to hijack confidential data from millions of infected computers and send the information back to a remote server controlled by an identity theft […]

Less than 24 hours after pushing out patches for three critical Internet Explorer vulnerabilities, Microsoft has re-released the bulletin to correct a glitch that blocked some users from downloading the patches. Microsoft Corp. did not say how the corrupted files ended up on the Microsoft Download Center. A brief note appended to the re-released MS05-038 […]

Microsoft late Tuesday confirmed that its “critical” Internet Explorer patches had to be pulled after a hiccup caused some of the downloads to be corrupted. The glitch was detected by users attempting to install the IE patch from the Microsoft Download center. “Shortly after we released the updates this morning we found that several of […]