Ryan Naraine

Network security vendor Symantec has released a patch to fix a security flaw in its enterprise-facing Brightmail AntiSpam software. In a published advisory, Symantec Corp. warned that the flaw can be exploited by malicious hackers to bypass security restrictions. Affected software includes Symantec Brightmail AntiSpam 4.x through 6.x. Security alerts aggregator Secunia rates the bug […]

Microsofts Dr. Watson error-reporting tool will undergo a significant makeover in Longhorn, but changes in the way program crash data is collected and transmitted have raised eyebrows among privacy rights advocates. The Dr. Watson program error debugger, aka Windows error reporting, will be revamped to collect more than just the dump of the memory image […]

Network security powerhouse Cisco has rolled out a new enterprise-focused threat advisory service with full support for CVSS, aka the Common Vulnerability Scoring System, the fledgling industry attempt to standardize the way security flaws are rated. Cisco Systems Inc.s MySDN (My Self-Defending Network) marks the first public appearance of CVSS in a flaw-warning service. The […]

E-mail list management vendor L-Soft on Thursday released a new version of its popular LISTSERV software to fix a range of “highly critical” security vulnerabilities. In a security advisory, L-Soft International Inc. said the hole was discovered and patched in the LISTSERV Web interface. Affected products include LISTSERV Maestro, LISTSERV HPO, LISTSERV Lite and the […]

America Online on Thursday confirmed that a bug in its new Netscape 8 Web browser was breaking certain XML configurations in Microsofts IE. The issue first surfaced on Microsoft Corp.s Internet Explorer Weblog, where chief IE developer Dave Massy recommended that users completely uninstall Netscape as a possible workaround. AOL spokesman Andrew Weinstein insists the […]

The confusion over Wi-Fi security certification and interoperability has moved into a new gear, with Microsoft shipping a Windows XP update that is not fully compliant with the latest wireless security specification. Microsoft Corp.s update, released earlier this month, promised support for WPA2, aka Wi-Fi Protected Access 2, the newest wireless security specification approved by […]

David LeBlanc, Security Architect in Microsofts Office division, is leaving Redmond to join enterprise anti-spyware specialist Webroot, the company announced on Wednesday. LeBlanc, who was charged with improving the security of some of the most widely deployed software products at Microsoft Corp., will become Chief Software Architect at Boulder, Colo.-based Webroot Software Inc. During his […]

Microsoft has applied an update to its Xbox360.com Web site to address a cross-site scripting vulnerability that could have been exploited by phishers to snag sensitive personal information from online gamers. The flaw was discovered by San Jose, Calif.-based IT security services firm Finjan Software Ltd. and fixed within 12 hours. Finjan did not publicly […]

A high-risk buffer overflow vulnerability in Computer Associates International Inc.s eTrust Vet anti-virus engine could put users at risk of PC takeover attacks, the company warned in an advisory. The Islandia, N.Y., software giant issued an alert for the flaw late Monday with a chilling warning that a successful attacker using a specially crafted Microsoft […]

America Online on Tuesday confirmed the inadvertent suspension of an undisclosed number of Trojan-infected AIM screen names. The company said its internal anti-SPIM (spam over IM) mechanism flagged the infected screen names for terms-of-service abuse and led to the account cancellations. The suspension is directly related to the virulent “Oscarbot” Trojan Horse that targets AOLs […]