An open-source component used to display PDF files on WikiLeaks.org and other websites contains vulnerabilities that could be exploited to launch cross-site scripting (XSS) and content spoofing attacks against visitors.
Remote code execution vulnerabilities in the standard implementation of the network time protocol (NTP) can be exploited by attackers to compromise servers, embedded devices and even critical infrastructure systems that run UNIX-like operating system...
A critical vulnerability in client software used to interact with Git, a distributed revision control system for managing source code repositories, allows attackers to execute rogue commands on computers used by developers.
Internet Explorer and Exchange Server top the list of Microsoft programs needing to be patched by IT administrators this month, now that the company has rolled out its latest round of "Patch Tuesday" security fixes.
Webmasters who patched their sites against a serious SSL flaw discovered in October will have to check them again. Researchers have discovered that the vulnerability also affects implementations of the newer TLS (Transport Layer Security) protocol.
A vulnerability in the IBM Endpoint Manager for mobile devices could allow attackers to execute malicious code on the servers used by companies to manage devices.
Siemens released security updates for several of its SCADA (supervisory control and data acquisition) products for industrial environments, in order to fix critical vulnerabilities that may have been exploited in recent attacks.
When Microsoft released a critical update for multiple versions of Windows Server this month, it also pushed out a fix for several releases of the Windows client OS, including even the technical preview for Windows 10.
New security updates released for the WordPress content management system and one of its popular plug-ins fix cross-site scripting (XSS) vulnerabilities that could allow attackers to take control of websites.
Microsoft fixed a critical vulnerability Tuesday in the Windows cryptographic library that could expose Windows servers to remote code execution attacks. The update also adds support for stronger and more modern cryptographic ciphers to older Windows...
Adobe Systems released critical security updates Tuesday for Flash Player to address 18 vulnerabilities, many of which can be remotely exploited to compromise underlying systems.
Microsoft's Enhanced Mitigation Experience Toolkit (EMET), a security program popular with companies, was updated Monday to harden the exploit mitigations that it adds to other programs and to address compatibility issues with some of them.
Cisco Systems released patches for its small business RV Series routers and firewalls to address vulnerabilities that could allow attackers to execute arbitrary commands and overwrite files on the vulnerable devices.
Google plans to remove support for the aging Secure Sockets Layer (SSL) version 3.0 protocol in Google Chrome 40, which is expected to ship in about two months.
The critical Shellshock vulnerabilities found last month in the Bash Unix shell have motivated security researchers to search for similar flaws in old, but widely used, command-line utilities.
Most Popular Reviews
- 1 HP Stream 11 laptop
- 2 B&O BeoPlay A2 portable Bluetooth speaker
- 3 Acer Chromebook 11 (CB3-111)
- 4 Asus Zenbook UX303LN Ultrabook
- 5 Samsung's Galaxy Alpha review: A peek into the Galaxy S6
Best Deals on GoodGearGuide
Latest News Articles
- Hackers target Tor as PlayStation disruption continues
- Connected, self-driving cars in the front seat at CES
- MIT unifies Web development in a single, speedy new language
- Google, Microsoft, Sony make 'The Interview' available online
- Experts: FCC will adopt net neutrality rules in early 2015
GGG Evaluation Team
First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.