Ryan Naraine

Security researchers on Tuesday issued a warning for multiple vulnerabilities in the open-source CVS, a popular program that allows developers to keep track of different development versions of source code. The most serious of the flaws could allow a remote compromise of unpatched servers, the open-source Concurrent Versions System Project confirmed in an advisory. The […]

Apple Computer Inc. has shipped an update for its flagship Mac OS X operating system to address a range of security holes, including a code execution flaw in the Safari Web browser. The Cupertino, Calif.-based computer maker said the vulnerabilities could be exploited to put users at risk of security Bypass, privilege escalation, denial-of-service and […]

Symantec on Monday became the last of the big-name anti-virus vendors to hop aboard the anti-spyware gravy train. Taking a page out of rival Microsoft Corp.s playbook, Symantec Corp. rolled out a free public beta of the new Norton Internet Security 2005 AntiSpyware Edition, adding spyware-detection capabilities to a product suite that already features virus […]

Microsoft over the weekend pushed out an update for its flagship Windows Media Player to provide protection from a well-known spyware infection threat. The update comes more than three months after Microsoft Corp. promised a fix and brings an end to an episode that raised questions about the companys handling of a legitimate security threat […]

IBMs Lotus Software has shipped patches for several high-risk security holes in its popular Notes and Domino product lines. In an advisory, IBM Corp. said the most serious flaw was a buffer-overrun condition that could be exploited by a malicious user to cause the Lotus Domino server to crash, resulting in a denial-of-service attack. However, […]

Three months after promising to update its flagship Windows Media Player software to block a well-known spyware infection vector, Microsoft has still not provided security for the majority of its users. The software giants inability to ship a timely update for users of its Windows Media 9 Series has triggered new questions about Microsoft Corp.s […]

Microsofts worm-cleansing tool has been updated to detect and remove Hacker Defender, a notorious rootkit program used by malicious virus writers. It is the first time Redmond has added rootkit detection capabilities to the free Malicious Software Removal Tool, a move that underscores the increased prevalence of stealth rootkits on Windows machines. Stephen Toulouse, program […]

The Microsoft security train made its scheduled monthly stop on Tuesday, dropping off eight updates to cover 18 vulnerabilities in a range of widely deployed products. Five of the eight advisories are rated “critical” and Redmond officials are urging customers to apply at least three immediately as high-priority updates. The top three include fixes for […]

The OpenOffice.org community on Tuesday confirmed the existence of a potentially serious heap-overflow vulnerability in its freely distributed office productivity suite. The flaw affects OpenOffice Version 1.1.4 and prior and OpenOffice Version 2.0-dev and prior and could put users at risk of code execution attacks. OpenOffice.org community manager Louis Suarez-Potts confirmed that the vulnerability was […]

A private security research outfit on Tuesday warned that a “highly critical” vulnerability in the Microsoft Jet Database Engine could be exploited by malicious hackers to hijack a compromised system. The flaw, which was discovered by HexView Security Research and Assessment, affects fully patched systems with Microsoft Access 2003 and Microsoft Windows XP, including Service […]