Relying on oft-criticized ActiveX technology, Microsoft hopes to fix security hole by the end of next month
Windows Live Hotmail users have been venting their frustration at Microsoft Corp. for the past month since the software maker suddenly removed a popular feature because it created a security hole.
Flaw that hackers have exploited for weeks reached Microsoft in March 2007
Three of the critical vulnerabilities Microsoft patched Tuesday in ActiveX controls for Office were first reported to the company two years ago, according to the security firm that alerted Microsoft of the flaws.
Company's security development expert confirms reports by outside researchers
Microsoft yesterday confirmed that a single superfluous character in its own development code is responsible for the bug that has let hackers exploit Internet Explorer (IE) since early July.
Developers who used the buggy code 'library' must redo software, update customers
As promised, Microsoft today patched six vulnerabilities in Internet Explorer (IE) and Visual Studio with the first "out-of-cycle" update since it plugged a hole last October that the Conficker worm later used to run rampant.
At Black Hat this week researchers will show a way to bypass kill-bits; Microsoft is releasing a patch for the bug on Tuesday
Microsoft has been forced to issue emergency patches for its Windows operating system after researchers discovered a way to bypass a critical security mechanism in the Internet Explorer browser.
Microsoft's IE ActiveX vulnerability, disclosed same day as Firefox's bug, not yet fixed
Mozilla last week issued the first patch for Firefox 3.5, fixing a flaw that went public Monday. One noted contributor had called the flaw a "self-inflicted" vulnerability.
Two zero-days and critical font bug quashed; no fix for Monday's ActiveX vulnerability
Microsoft today delivered six security updates that patch nine vulnerabilities, fixing two bugs already being used by hackers but leaving one still open to exploit.
As patch day looms, company says critical flaw affects Office users running IE
For the second time in a week, Microsoft is warning users that hackers are exploiting an unpatched, critical bug in a company-made ActiveX control, putting people running Internet Explorer (IE) at risk.
Just a day before Microsoft will patch a different zero-day flaw, another one pops up
Microsoft confirmed another zero-day vulnerability on Monday in a set of software components that ship in a wide variety of the company's products.
The news means there are now two critical, unpatched holes involving flawed ActiveX controls
Microsoft today warned of a serious security vulnerability in a Spreadsheet ActiveX control that could allow for a drive-by-download attack against vulnerable PCs.
A new unpatched Windows bug surfaces; Microsoft hasn't patched the old one from May
Thousands of legitimate Web sites hacked over the weekend are launching drive-by attacks using an exploit of a second critical unpatched vulnerability in Windows' DirectShow component, a Danish security company said today.
Google has released a new technology called Native Client, which is similar to Microsoft's ActiveX.
Google has released new software designed to let Web developers write more powerful programs that can work directly with an operating system, rather than having to be run through a browser.
11 separate security updates for Windows, Office, Internet Explorer (IE), Active Directory and the Host Integration Server.
Microsoft on Tuesday patched 20 vulnerabilities, more than half of them rated critical, in 11 separate security updates for Windows, Office, Internet Explorer (IE), Active Directory and the Host Integration Server.
ActiveX control in Windows Vista iPrint client at fault; patch available
Attackers can exploit bugs in Novell's iPrint application to obtain corporate information or hijack computers, security experts said today.
