Web Browser Security
- August 09, 2007
The next version of Firefox will include new anti-phishing and anti-malware capabilities. Mozilla also plans to release a pair of fuzzing tools to detect Java, FTP and HTTP flaws.
- July 31, 2007
Firefox version 188.8.131.52 addresses critical flaws involving unescaped URLs passing to external programs and privilege escalation.
- July 26, 2007
Danish vulnerability clearinghouse Secunia and the United States Computer Emergency Readiness Team (US-CERT) issued advisories about the input validation flaw.
- July 18, 2007
Mozilla attended to eight flaws in Firefox, fixing three critical and two high-impact vulnerabilities that could be used by an attacker to gain access to sensitive information.
- June 14, 2007
Researchers who haven't liked Apple's past response to flaw reports applaud the company's quick fix to Safari for Windows. But they're not convinced Apple is turning over a new leaf.
- June 13, 2007
Attackers can exploit a new buffer-overflow flaw in Microsoft Office to cause a denial of service or run malicious code on targeted machines via IE, Symantec warned Wednesday.
- June 12, 2007
Microsoft fixed 15 flaws in a variety of products Tuesday, including Windows XP, Vista and Internet Explorer 7. Attackers could exploit the most serious flaws for remote code execution.
- June 12, 2007
Attackers could exploit a flaw in Apple's Safari for Windows to pass arbitrary command line arguments to any application that can be called through a protocol handler.
- May 31, 2007
Firefox versions 184.108.40.206 and 220.127.116.11 fix flaws attackers could exploit to do a variety of damage. Mozilla says this is the final update for Firefox 1.5.
- May 14, 2007
A DNS service failure and an ongoing WSUS glitch are among this month's frustrations as IT administrators try to deploy the latest security patches from Microsoft.
- April 27, 2007
This week in Security Blog Log: A much-hyped QuickTime exploit threatens Mac OS X and Windows browsers, but the Apple faithful feel the greatest sting.
- March 30, 2007
Beware of emails from "email@example.com." It may look like an invitation to download Internet Explorer 7, but it's really a trick to infect machines with malware.
- March 28, 2007
Websense Security Labs warned that exploit code targeting the Internet Explorer MDAC flaw has been published. Microsoft released a patch for the flaw in February.
- March 22, 2007
One newly-discovered flaw and several glitches introduced in the last update have been fixed with Mozilla's release of Firefox 18.104.22.168 and 22.214.171.124.
- March 15, 2007
Microsoft said it is investigating a flaw in Internet Explorer 7 (IE 7) attackers could exploit to launch phishing expeditions.