Microsoft has published a temporary fix for a new zero-day flaw that affects nearly all versions of Windows and is currently being exploited via PowerPoint.
After a relatively quiet few months, Microsoft Patch Tuesday is back in full force, covering three zero-day vulnerabilities that administrators should attend to as quickly as possible.
A cyberespionage group operating out of Russia has launched malware attacks against the Ukrainian government and at least one U.S.-based organization through a previously unknown vulnerability that affects most versions of Windows.
Shellshock continues to reverberate: Attackers are exploiting recently discovered vulnerabilities in the Bash command-line interpreter in order to infect Linux servers with a sophisticated malware program known as Mayhem.
Around 45 percent of Android devices have a browser that is vulnerable to two serious security issues, but some countries have a considerably larger percentage of affected users than others, according to data from mobile security firm Lookout.
Hackers could have had an inside track on unpatched flaws in major software projects because of a critical vulnerability in Bugzilla, a system that many developers use to track and discuss bugs in their code.
The Xen Project has revealed the details of a serious vulnerability in the Xen hypervisor that could put the security of many virtualized servers at risk.
The Joomla project pushed out new updates for its popular content management system Wednesday after a glitch was found in the high-priority security patches it released a day before.
Virtual private network servers based on OpenVPN might be vulnerable to remote code execution attacks through Shellshock and other recent flaws that affect the Bash Unix shell.
Google has tripled its maximum reward for finding flaws in its software to US$15,000, a figure the company hopes will deter independent researchers from selling their information on shady markets.
The "Shellshock" flaw has the potential to pose a risk to the payments industry, but doesn't appear to have caused any problems yet, an official with a consortium run by major credit card companies warned on Tuesday.
Cisco Systems and Oracle are hard at work identifying networking and other products in their portfolios that are affected by the critical Shellshock vulnerability.
Apple released a patch Monday for Shellshock, a serious software vulnerability disclosed last week, although the company had said it posed no risk to most users.
System administrators who spent last week making sure their computers are patched against Shellshock, a critical vulnerability in the Bash Unix command-line interpreter, will have to install a new patch that addresses additional attack vectors.
Apple's iOS 8 addresses a serious weakness that could allow attackers to hijack the wireless network authentication of Apple devices and gain access to enterprise networks.
Most Popular Reviews
- 1 Apple MacBook (early 2015) review: Almost a game changer
- 2 Microsoft Surface 3 Windows 8.1 tablet
- 3 HP Spectre x360 convertible laptop
- 4 Dell XPS 13 laptop (early 2015 model)
- 5 Panasonic Lumix DMC-TZ70 compact camera
Join the PC World newsletter!
Best Deals on GoodGearGuide
Latest News Articles
- Microsoft aims to increase confidence in cloud services with better networking
- The Internet of Things to take a beating in DefCon hacking contest
- The Upload: Your tech news briefing for Wednesday, May 6
- EU launches antitrust probe into e-commerce sector
- Google launches a service for storing big data
GGG Evaluation Team
First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.