Ryan Naraine

Debby Fry Wilson has more than a few reasons—and sleepless nights—to remember Sasser, the last major network worm to clog Windows systems around the world. It was on her birthday, a year ago this month, when the first Sasser reports started filtering in and, for Wilson and her colleagues at the MSRC (Microsoft Security Response […]

A new variant of the Sober mass-mailing worm is being blamed for the deluge of German spam messages flooding inboxes this weekend, anti-virus experts warned on Sunday. The spam barrage arrives with politically themed messages in German and contains only links to news articles on German Web sites. Finnish anti-virus vendor F-Secure Corp. said the […]

For Microsoft, delivering high-quality security patches in a timely manner has always been a lose-lose predicament. If patches for major software vulnerabilities take too long, customers are at the mercy of zero-day threats. When patches are rushed out without proper quality assurance testing, they invariably become a system administrators worst nightmare. Earlier this week, when […]

For the second time in as many months, a private security research company has discovered high-risk vulnerabilities in two of Microsofts most widely used software programs. Security consultants at eEye Digital Security privately reported the newly discovered flaws to the software giant on May 5 and warned that users of the dominant Internet Explorer browser […]

Moving to keep pace in the red-hot software market for detecting and removing spyware, anti-virus vendor Trend Micro on Tuesday announced plans to shell out $15 million to acquire desktop-security startup InterMute. The deal allows Cupertino, Calif.-based Trend Micro Inc. to target the consumer and SMB (small and midsized business) markets with InterMute Inc.s SpySubtract […]

Microsoft shipped its 24th security bulletin for 2005 on Tuesday with a fix for a well-known—and potentially dangerous—flaw in the Windows 2000 operating system. The patch arrives three weeks after the public release of a proof-of-concept exploit by Israels GreyMagic Software and carries a maximum severity rating of “important.” According to Microsoft Corp.s MS05-024 bulletin, […]

An easy-to-exploit vulnerability in certain configurations of a widely used VPN protocol suite could allow malicious hackers to intercept network communications believed to be secure, according to a warning from a British security research outfit. A high-risk alert from the U.K.-based NISCC (National Infrastructure Security Co-ordination Centre) pinpointed the flaw in IP Security, the set […]

For the fourth time in three months, major security flaws in the upstart Firefox Web browser have pushed volunteers at the Mozilla Foundation into damage-control mode. The open-source group late Sunday rushed out a partial fix for a pair of “extremely critical” Firefox vulnerabilities after zero-day exploit code leaked onto the Internet and promised a […]

An undisclosed “DNS-related issue” late Saturday knocked several Google services offline, prompting widespread speculation that the Web search giant fell victim to the recent wave of DNS cache-poisoning attacks. The outage lasted for several hours and affected the Google.com home page, Gmail, Google News, Froogle, Google Images, Google Groups and Google Local. The outage also […]

Microsoft plans to unveil a new security advisories service next Tuesday as part of an aggressive long-term effort to revamp the way it reacts to publicly reported software vulnerabilities. The pilot project, which is independent of the scheduled monthly security bulletins, represents a major shift in the way the Redmond, Wash.-based software maker communicates with […]