Microsoft Patch Tuesday rounds up IE flaws
For this month's "Patch Tuesday" round of bug fixes, Microsoft has focused on correcting multiple vulnerabilities in Internet Explorer (IE), including one that is already being used in targeted attacks.
For this month's "Patch Tuesday" round of bug fixes, Microsoft has focused on correcting multiple vulnerabilities in Internet Explorer (IE), including one that is already being used in targeted attacks.
The massive Target breach led to revelations that many companies use Internet-connected heating, ventilation, and air conditioning (HVAC) systems without adequate security, giving hackers a potential gateway to key corporate systems.
Microsoft is issuing critical patches for flaws found in Windows 7, 8 and RT desktops as well as for the spam and malware filter for Microsoft Exchange server.
The software used by many wireless IP cameras manufactured by Foscam Digital Technologies have a vulnerability that allows remote users to access their video streams and take snapshots without proper authentication.
Yahoo has started to automatically encrypt connections between users and its email service, adding an important security layer that rival Gmail has had for almost four years, but its implementation needs work, according to at least one security expert.
A newly created working group within the Internet Engineering Task Force (IETF) has set out to develop best practices for deploying SSL encryption for Internet communications.
The latest round of monthly patches from Microsoft illustrates the need for organizations to move from older versions of Microsoft software if they haven't done so already.
An intermediate certificate authority (CA) registered to the French Ministry of Finance issued rogue certificates for several Google domains without authorization.
Google replaced the SSL certificates for its online services with new ones that use stronger, 2048-bit RSA keys, making encrypted connections to its sites safer against so-called brute-force attacks.
Oracle fixed on Tuesday 127 security issues in Java, its database and other products, patching some flaws that could let attackers take over systems.
Oracle added a feature in Java that lets companies control what specific Java applets are allowed to run on their endpoint computers, which could help them better manage Java security risks.
Microsoft will deliver eight security updates next week to patch dangerous vulnerabilities in Internet Explorer and the business-critical Exchange Server, as well as less-serious bugs in all versions of Windows.
Microsoft today said it will silently upgrade Internet Explorer (IE) starting next month, arguing that taking the responsibility out of the hands of users will keep the Web safer.
The attack that hacked RSA Security's network earlier this year succeeded because the company failed to take a basic security precaution, a researcher said Monday.
Hackers continue to launch attacks exploiting vulnerabilities in Oracle's Java software in record numbers, Microsoft said Monday.