Ryan Naraine

Enterprise software giant Oracle has released a fix for an incomplete database server patch after a private security research outfit discovered that the underlying vulnerability was never addressed. Oracle Corp.s patch fix comes almost a month to the day after David Litchfield, managing director at United Kingdom-based Next Generation Security Software Ltd., brought the faulty […]

Microsoft has provided advance notice that three “critical” security bulletins will be released in this months patch batch. The bulletins will include patches for flaws in Microsoft Corp.s flagship Windows operating system and the Microsoft Office desktop productivity suite. As is customary, the software giant isnt providing any details until July 12, when the bulletins […]

More that 90 percent of Internet users in the United States have altered their online behavior significantly to counter the threat of spyware programs, according to a study released by the Pew Internet & American Life Project. The Pew report (PDF file), written by associate director Susannah Fox, highlights the increased awareness of privacy and […]

Microsofts Windows AntiSpyware application is no longer flagging adware products from Claria Corp. as a threat to PC users. Less than a week after published reports of acquisition talks between Microsoft Corp. and the Redwood City, Calif.-based distributor of the controversial Gator ad-serving software, security researchers have discovered that Microsoft has quietly downgraded its Claria […]

One week after confirming a code execution flaw in its flagship Internet Explorer browser, Microsoft has shipped a “killbit” package to disable the affected control, javaprxy.dll. The killbit, also known as a registry key update, is one of seven pre-patch workarounds in a revised security bulletin released by software engineers at the Microsoft Security Response […]

As volunteer director of the SANS Institutes Internet Storm Center, Marcus Sachs has an eagle-eyed view of Internet security, tracking cyber-threats in real time and raising awareness when malicious hackers launch attacks. Sachs also directs the Washington operations of the Cyber Security Research and Development Center, which is operated by SRI Internationals Computer Science Laboratory […]

Microsoft late Thursday confirmed a security flaw in its dominant Internet Explorer browser could be potentially exploited by malicious hackers to take “take complete control of the affected system.” The software giant released a security advisory acknowledging the vulnerability and recommended that IE users set Internet and local intranet security zone settings to “High” before […]

Less than a month after Microsoft Corp.s Windows Server Update Services enterprise patch-management platform was released to manufacturing, Microsoft has turned off downloads of the previous version. Beginning Thursday, Microsoft will no longer be offering the predecessor SUS 1.0 (Software Update Services) for download, but some IT administrators are grumbling that the software giant did […]

Microsoft Corp.s ambitious plan to bake RSS deep into the belly of Longhorn will open new attack vectors for spammers, phishers and malicious hackers, security experts say. “It is inevitable, without a doubt. When Longhorn comes out, attackers will pounce on every new thing to see if Microsoft did it correctly. You can bet RSS […]

With just two days to go before the expiration of mainstream support for Microsofts Windows 2000 operating system, the software giant has provided an update rollup with more than 50 security patches and system reliability fixes. /zimages/1/28571.gifRead more here about the clock ticking for Windows 2000 users. The update rollup, which replaces Windows 2000 SP5 […]