Security News


Microsoft Joins Group To Stop Conficker Worm, Offers Reward

Microsoft is putting up $250,000 for information leading to the arrest of the Conficker worm's author.

February's Patch Contains 'Critical' IE and Exchange Fixes

Microsoft issued its monthly security patch, addressing four critical fixes and two important ones.

Microsoft Plans To Fix UAC Security in Windows 7 RC

Execs said that two security changes will be implemented in the Release Candidate version of the OS.

Four Security Fixes Planned for Patch Tuesday

Microsoft expects to fix Internet Explorer, SQL Server and Visio in its upcoming February security patch.

First Look: FreeBSD 7

The UNIX-like server solution adds some extra security features beyond what you'd find with typical Linux OSes.

Clickjacking Flaw Hits Chrome and Firefox

Though Microsoft may have gotten ahead of the browser-security curve with RC1 of IE 8, which includes a feature that helps protect against clickjacking attacks, recent developments suggest that other browsers haven't quite caught up yet.

Testing Begins for Vista SP2 Release Candidate, Reports Say

Microsoft has advanced to the next testing phase by issuing Release Candidate "Escrow"-build versions of Service Pack 2.

Monster.com Gets Hacked Again, Data Stolen

The jobs portal company reported that personal information was stolen from its customer database.

Windows 7 Beta Availability Extended to Feb. 9

Microsoft is giving the general public more time to get and test its latest operating system.

Microsoft Battles Worm, Rebuts CERT Claim

Redmond tells security group how to disable AutoRun in Windows.

Microsoft Security Director Steps Down

Redmond's security team is undergoing a revamp with the announcement that Andrew Cushman, director of Microsoft's Security Response Center, will be stepping down to be replaced by group manager Mike Reavey.

Conficker Worm Still Wreaking Havoc on Windows Systems

Microsoft advises applying a patch issued in October.

January's Patch Addresses Bug in Server Message Block

Microsoft's January security update contains one patch to stave off potential remote code execution attacks.

Coalition Agrees on Top 25 Software Security Errors

A government-led coalition identified common errors in software development with an eye toward improving security.

Microsoft Releases Beta of Windows Server 2008 R2

A public beta of Microsoft's latest Windows Server solution was released this month.

One Fix Expected for Patch Tuesday

Microsoft's first security update rollout of 2009 may be a quiet one, according to an advance notification released Thursday.

Enterprise Data Breaches on the Rise, Report Finds

Organizations need a commitment to security and better implementation of security tools, experts say.

Security Researchers Find Hole in Intel's vPro

A pair of researchers are claiming to have sussed out how to circumnavigate the security protections in Intel's vPro remote management technology.

SSL Certs Busted

Weaknesses found in the MD5 hash algorithm could be used as a basis to generate fraudulent X.509 Certification Authority certificates.

SQL Injection Hits Amid the Holidays

Redmond continues to investigate a new zero-day bug affecting popular database application SQL Server.