Security News


January's Patch Addresses Bug in Server Message Block

Microsoft's January security update contains one patch to stave off potential remote code execution attacks.

Coalition Agrees on Top 25 Software Security Errors

A government-led coalition identified common errors in software development with an eye toward improving security.

Microsoft Releases Beta of Windows Server 2008 R2

A public beta of Microsoft's latest Windows Server solution was released this month.

One Fix Expected for Patch Tuesday

Microsoft's first security update rollout of 2009 may be a quiet one, according to an advance notification released Thursday.

Enterprise Data Breaches on the Rise, Report Finds

Organizations need a commitment to security and better implementation of security tools, experts say.

Security Researchers Find Hole in Intel's vPro

A pair of researchers are claiming to have sussed out how to circumnavigate the security protections in Intel's vPro remote management technology.

SSL Certs Busted

Weaknesses found in the MD5 hash algorithm could be used as a basis to generate fraudulent X.509 Certification Authority certificates.

SQL Injection Hits Amid the Holidays

Redmond continues to investigate a new zero-day bug affecting popular database application SQL Server.

Off-Cycle Internet Explorer Security Update Released

Microsoft reacted quickly to a vulnerability in Internet Explorer by issuing an out-of-cycle fix.

Microsoft Releases SQL Server Security Tools

Microsoft released a beta version of its Code Analysis Tool and Anti-Cross Site Scripting Library for developers.

Zero-Day IE Exploit To Get Out-of-Cycle Patch

Microsoft will end 2008 with a "critical" out-of-cycle patch for IE, according to an advance notification issued Tuesday for a new security update slated for release on Dec. 17.

Microsoft Delivers SQL Server 2005 SP3

Microsoft ratcheted up its product support for SQL Server 2005 by releasing Service Pack 3 (SP3) on Monday, along with SP3 Cumulative Update 1.

Cisco Warns of Increasing Attack Sophistication

Cisco's 2008 Annual Security Report report highlighted the increasing sophistication of Internet-based attacks, largely because cyber-criminals themselves are becoming increasingly sophisticated.

Microsoft Exec Urges IE8 Readiness

The head of Microsoft's Internet Explorer team described how developers can prepare for IE8's general release.

Microsoft Offers IE Security Workaround, But No Fix

A "critical" security hole in Internet Explorer will not be fixed until sometime in 2009.

IE8: 'Safe' but Scorned in Bug Battle Contest

A security contest found more bugs in Google Chrome and Firefox than in Microsoft's IE8 browser.

Google Addressing Web App Security With 'Native Client'

The search giant is testing the secure execution of Web code natively on x86-based machines.

Microsoft Exec Lays Out Enterprise Strategy at Barclays Event

Bob Kelly described Microsoft's pursuit of a "$400 billion plus" server and tools market.

Zero-Day IE 7 Flaw Discovered

Microsoft once again has to contend with "Exploit Wednesday." This time, the problem is a zero-day IE 7 flaw discovered soon after the Patch Tuesday release.

December's Patch Arrives, Addressing 28 Security Bugs

December's Patch Tuesday will be a historic security update release. But it won't be because of the size and scope of the eight patches.

Upcoming Events

AppTrends

Sign up for our newsletter.

I agree to this site's Privacy Policy.