Ryan Naraine

Microsoft Corp.s first software patch for 2005 does not adequately fix the critical vulnerability it was intended to address, according to a warning issued by IT security services firm GeCAD NET. After testing the patch released earlier this month in the MS05-001 advisory, GeCAD NET security engineer Valentin Avram said he found at least one […]

A new e-mail worm masquerading as news headlines from CNN has the ability to log keystrokes and open backdoors for new threats, anti-virus vendor Sophos Inc. said in an advisory. Researchers at Sophos said the worm, identified as W32/Crowt-A, takes its subject lines and message content from headlines gathered in real-time from Time Warners CNN […]

A pair of vulnerabilities in the Sun Java Plug-In technology could put users at risk of system bypass attacks, Sun Microsystems Inc. confirmed Thursday. The Santa Clara, Calif.-based company said the more serious of the two vulnerabilities could allow an untrusted applet to elevate privileges through JavaScript calling into Java code. For example, an untrusted […]

A new Internet worm is squirming through Microsoft Corp.s popular MSN Messenger chat network, anti-virus vendors warned on Thursday. The latest threat comes follows Octobers Funner worm attack and signals a growing trend to use instant messaging as a delivery mechanism for malicious activity. According to an advisory from F-Secure, the new W32/Bropia-A worm users […]

A security researcher has issued an alert for a “serious security flaw” in the way document encryption is implemented in Microsofts Word and Excel products, warning that a widely-used encryption algorithm is being misused by the software giant. However, Microsoft officials are downplaying the threat, insisting that the reported flaw poses a very low threat […]

Oracle Corp. late Tuesday issued a “critical patch update” to address 23 security holes in its database and application server products. The patches were released as part of Oracles first quarterly patching cycle and fix a series of undisclosed flaws ranging from manipulation of data, exposure of sensitive information, privilege escalation and denial-of-service attacks. The […]

Microsoft will patch its Windows Media Player after all. One week after saying it had no plans to change the way WMP (Windows Media Player) handles the download of DRM licenses, Microsoft now says it will release an update in the next 30 days to help thwart the threat of spyware infection. The about-face comes […]

A sudden power outage has knocked millions of Six Apart Ltd.s LiveJournal blogs offline. The power failure occurred on Friday evening at the Internap data center affected more than 100 servers that keep LiveJournals blogging network up and running. “LiveJournal is currently completely inaccessible, and were waiting on Internap for an estimate when power will […]

Theres a big target on Google Inc.s back. For the second time this week, security flaws in the companys Web-based products have been uncovered, and the latest—in the Froogle comparison-shopping service—could have serious ramifications for Googles attempt at identity management. In a statement sent to eWEEK.com, the search darling confirmed it was alerted to a […]

Online auctioneer eBay Inc. has dipped into its war chest to snap up the technology assets of e-business software specialist Kurant Corp. Financial terms of the cash transaction were not disclosed. The deal gives the San Jose, Calif.-based eBay a key player in the e-commerce business and signals a move by the auction giant to […]