Ryan Naraine

Microsoft is giving security administrators a day off next Tuesday. One month after releasing a whopping dozen bulletins to cover 17 security flaws in a range of products, Microsoft Corp. announced that there would be no new advisories this month. While IT administrators will get a reprieve from patching, a company spokesman said it is […]

RealNetworks Inc. on Wednesday rolled out new versions of its flagship RealPlayer software to zap a pair of potentially dangerous security bugs. In an advisory, the digital media company, based in Seattle, confirmed that the security holes could cause buffer overflows and allow an attacker to run malicious code on vulnerable machines. Affected products include […]

Anti-virus vendors are raising the alarm over another batch of Bagle worm mutants crawling through e-mail networks. The latest variants have been equipped with Trojan horse downloaders and new propagation techniques that have led to wide distribution, according to a warning from Lynnfield, Mass.-based Sophos Inc. Anti-virus research company F-Secure Inc. has so far counted […]

Nearly two months after promising to update its media player software to block the threat of malware infection, Microsoft Corp. on Tuesday admitted that users of its Windows Media Player 9 Series remain at risk. Redmond has hemmed and hawed on its response to the threat and the circumstances of the latest admission isnt sitting […]

America Onlines yellow Running Man wants to leave his footprints all over Microsoft Outlooks turf. In partnership with Intellisync Corp., based in San Jose, Calif., America Online Inc. on Monday rolled out a beta of AIM Sync, a tool that effectively turns the Outlook e-mail client into a massive Buddy List. With AIM Sync, AOL […]

If evidence were needed that the new browser war will be won or lost on the security message, along comes the Mozilla Foundation with public confirmation. Unfazed by Microsoft Corp.s plan to roll out a security-centric Internet Explorer refresh later this year, the open-source Foundation says it will hire more staff to work full time […]

The Mozilla Foundation late Thursday rolled out a major security update to fix several known cross-site scripting and domain-spoofing vulnerabilities in the upstart Firefox browser. The nonprofit foundation said the new Firefox 1.0.1 was rushed out to provide a temporary fix for the IDN (International Domain Name) bug that was first flagged earlier this month. […]

Multiple vulnerabilities in two popular open-source projects—phpMyAdmin and phpBB—could put users at risk of cross-site scripting and information disclosure attacks, security researchers warned Thursday. According to an alert from research firm Secunia, users of the phpMyAdmin application should apply the latest versions of the application to avoid malicious hacking attacks. The phpMyAdmin Project recommends that […]

The Carnegie Mellon University has released a new version of its widely deployed Cyrus IMAP Server to fix a series of potentially dangerous code execution vulnerabilities. The flaws affect Cyrus IMAP Server 2.2.10 and prior and carry a “moderately critical” rating from independent security research company Secunia. Users are strongly urged to upgrade to Cyrus […]

Software engineers at Microsoft Corp.s security research team have confirmed the existence of a bug in the Internet Explorer browser that opens the door to URL spoofing attacks. The flaw, which has been widely reported on public mailing lists, can be exploited by a malicious attacker to spoof the URL of a pop-up advertisement and […]