News

• uTorrent patches application against DLL vulnerability

  The developers of the uTorrent file-sharing application have released an updated version that fixes a problem that could allow an attacker to load malicious code onto a user's computer.

• Adobe fixes 20 vulnerabilities in Shockwave Player

  Adobe Systems patched 20 security vulnerabilities in its Shockwave Player on Tuesday. Most of the flaws could allow an attacker to run their own code on an affected computer.

• Facebook bug could give spammers names, photos

  Facebook is scrambling to fix a bug in its website that could be misused by spammers to harvest user names and photographs.

• Repetition breaks Google Audio CAPTCHA

  Google has fixed a flaw in its Audio CAPTCHA software that could have given scammers a way to automatically set up phoney accounts with the company's services.

• Hacker wrecks 175 websites, leaves Facebook fan link

  An audacious hacker has defaced 175 Australian websites in an attack that links viewers to his personal website, email and Facebook fan page.

• Hackers exploit Windows XP zero-day, Microsoft confirms

  Hackers are now exploiting the zero-day Windows vulnerability that a Google engineer took public last week, Microsoft confirmed today.

• Microsoft runs fuzzing botnet, finds 1,800 Office bugs

  Microsoft uncovered more than 1,800 bugs in Office 2010 by tapping into the unused computing horsepower of idling PCs, a company security engineer said today.

• Microsoft defends Windows 7 security after Pwn2Own hacks

  Just days after a pair of researchers outwitted major Windows 7 defenses to exploit Internet Explorer (IE) and Firefox, Microsoft said the measures aren't meant to "prevent every attack forever."

• Mozilla confirms critical Firefox bug

  Mozilla yesterday confirmed a critical vulnerability in the newest version of Firefox, and said it would plug the hole by the end of the month.

• Microsoft hustles on IE patch, tests fix

  Microsoft yesterday said it is testing a patch for a critical vulnerability in Internet Explorer (IE), but stopped short of promising to deliver an emergency fix before the next scheduled Patch Tuesday.

• Hackers exploit latest IE zero-day with drive-by attacks

  Hackers are exploiting the just-disclosed unpatched bug in Internet Explorer (IE) to launch drive-by attacks from malicious Web sites, security researchers said today.

• Microsoft warns of new IE bug; attacks under way

  Microsoft today warned of a critical vulnerability in Internet Explorer that is already being exploited by hackers, the second such admission in the last two months.

• New exploit technique nullifies major Windows defense

  The disclosure of a new exploit technique that bypasses an important Windows security feature may result in more successful attacks against Microsoft's newer operating systems, researchers said today.

• IBM: Vulnerabilities fell in 2009, but other risks abound

  The number of software vulnerabilities fell overall in 2009, but the number of bugs in document readers and multimedia applications increased by 50 percent, according to IBM's annual X-Force Trend and Risk Report.

• Twitter forces password reset to protect some accounts

  Twitter required some users to reset their passwords on Tuesday after discovering that their log-in information may have been harvested via security-compromised torrent Web sites, the company said.