Is it time to ban dangerous third-party apps?

Application Attacks (Buffer Overflows, Cross-Site Scripting)

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Zero-day flaws target 'safe' programs

    The SANS Institute says many critical flaws are appearing in programs long considered to be safe alternatives to Windows. Apple's reputation, in particular, "is in tatters." 

  • IE 'object' tag flaw found

    Attackers could launch malicious code and corrupt system memory by exploiting the latest Internet Explorer flaw. Experts suggest avoiding untrusted Web sites. 

  • Windows patch problems to force out-of-cycle repair

    Microsoft on April 25 will re-release a critical update that fixes a Windows Explorer code-execution vulnerability. The patch has caused problems with certain third-party software. 

  • Report: IM, P2P threats on the rise

    Research shows a steady increase in threats that target unauthorized IM and peer-to-peer applications. Worse yet, most IT departments have no way of knowing the threats exist. 

  • Inside MSRC: Microsoft details IE ActiveX update

    In his debut column, Microsoft security specialist Christopher Budd talk about the vendor's April software update, including a fix for the createTextRange flaw and changes in IE ActiveX behavior. 

  • Microsoft releases five fixes for IE, Windows

    The software giant's monthly update fixes several IE flaws, including the createTextRange issue, and addresses vulnerabilities in a range of Windows programs. 

  • Oracle accidentally exposes flaw, exploit

    A database researcher says details about a high-risk privilege escalation vulnerability were mistakenly posted on Oracle's MetaLink site last week. There's no patch, but there are workarounds. 

  • Security Blog Log: Nash, still at helm, addresses IE fixes

    With big updates in store for Internet Explorer, outgoing security chief Mike Nash uses Microsoft's security blog to address concerns. 

  • Third-party fixes available for IE flaw

    The unofficial work-arounds for the createTextRange flaw suggest the security community doesn't like waiting for Microsoft to address potentially dangerous vulnerabilities. 

  • Microsoft investigates two IE flaws

    Attackers could use the latest security holes to cause a denial of service or launch malicious code. Proof-of-concept exploit code has been written for one flaw.