Microsoft has published a Security Bulletin Advance Notification indicating that its September release will contain two bulletins. These bulletins will have the severity ratings of important and will be for Microsoft Developer Tools and Microsoft Server Software. Release of these bulletins is…
Malware is malicious software that a user unwittingly installs on their computer. Malware can disrupt computer operations, capture every keystroke, destroy data, gather usernames and passwords, acquire your address book and email addresses, or gain access to private networks. “McAfee has…
Do not allow Internet Explorer to store passwords for you Stored passwords allow anyone who can access your machine to log in to your web accounts as you. In addition, there are numerous utilities that can expose that hidden information and actually reveal the password. If you’ve reused that…
US-CERT is aware of multiple malware campaigns impersonating multiple U.S. government agencies, including the United States Cyber Command (USCYBERCOM) and the Federal Bureau of Investigation (FBI). Once installed on a system, the malware displays a screen claiming that a Federal Government agency…
US-CERT has released Vulnerability Note VU#636312 to address a vulnerability in Oracle Java Runtime Environment (JRE) 1.7. This vulnerability may allow an attacker to execute arbitrary code on a vulnerable system.US-CERT encourages users and administrators to review Vulnerability Note VU#636312.…
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Office, SQL Server, Server Software, Developer Tools, and Exchange Server as part of the Microsoft Security Bulletin summary for August 2012. These vulnerabilities may allow an attacker to execute…
Google Will Pay $22.5 Million to Settle FTC Charges it Misrepresented Privacy Assurances to Users of Apple’s Safari Internet Browser Privacy Settlement is the Largest FTC Penalty Ever for Violation of a Commission Order Google Inc. has agreed to pay a record $22.5 million civil penalty to settle…
The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities:Firefox 14Firefox ESR 10.0.6Thunderbird 14Thunderbird ESR 10.0.6SeaMonkey 2.11These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition,…
Oracle has released its Critical Patch Update for July 2012 to address 87 vulnerabilities across multiple products. This update contains the following security fixes:4 for Oracle Database Server1 for Oracle Application Express Listener2 for Oracle Secure Backup22 for Oracle Fusion Middleware1 for…
A common fraud, called “phishing”, sends messages that appear to be from a bank, shop or auction, giving a link to a fake website and asking you to follow that link and confirm your account details. The fraudsters then use your account details to buy stuff or transfer money out of the account.…
Google has released Google Chrome 20.0.1132.57 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.US-CERT encourages users and administrators to review the Google…
Microsoft has released security advisory 2719662 to address a vulnerability in Microsoft Windows Sidebar and Gadgets. This vulnerability may allow an attacker to execute arbitrary code, take control of an affected system, or disclose sensitive information.US-CERT encourages users and administrators…
Microsoft has released security advisory 2728973 to replace a number of certificates that did not meet Microsoft's high standard of Public-Key Infrastructure (PKI) management. This update places the intermediate certificate authority (CA) certificates in the Untrusted Certificate Store and…