The world is about to get another reminder about just how much of the Internet runs on technology maintained by a handful of coders working on a shoestring budget. OpenSSL — the software used by thousands of companies to encrypt online communications — is set to get a security makeover this week: The OpenSSL Software Foundation said it plans to release new versions of its code to fix a number of security weaknesses, including some classified as “high” severity. OpenSSL is deployed at countless organizations, including at Web giants like Facebook, Google and Yahoo — as well as broadly across U.S
Adobe Flash Update Plugs 11 Security Holes
Adobe has released an update for its Flash Player software that fixes at least 11 separate, critical security vulnerabilities in the program. If you have Flash installed, please take a moment to ensure your systems are updated. Not sure whether your browser has Flash installed or what version it may be running?
Microsoft Fixes Stuxnet Bug, Again
Microsoft today shipped a bundle of security updates to address more than three dozen vulnerabilities in Windows and associated software. Included in the batch is a fix for a flaw first patched in 2010 — the very same vulnerability that led to the discovery of the infamous cyberweapon known as Stuxnet. Turns out, the patch that Microsoft shipped to fix that flaw in 2010 didn’t quite do the trick, leaving Windows users dangerously exposed all this time.
Yet Another Flash Patch Fixes Zero-Day Flaw
For the third time in two weeks, Adobe has issued an emergency security update for its Flash Player software to fix a dangerous zero-day vulnerability that hackers already are exploiting to launch drive-by download attacks. The newest update, version 16.0.0.305 , addresses a critical security bug ( CVE-2015-0313 ) present in the version of Flash that Adobe released o n Jan.
Yet Another Emergency Flash Player Patch
For the second time in a week, Adobe has issued an emergency update to fix a critical security flaw that crooks are actively exploiting in its Flash Player software. Updates are available for Flash Player on Windows and Mac OS X .
Flash Patch Targets Zero-Day Exploit
Adobe today released an important security update for its Flash Player software that fixes a vulnerability which is already being exploited in active attacks.
‘Security by Antiquity’ Bricks Payment Terminals
Last week, several thousand credit card payment terminals at various retailers across the country suddenly stopped working, their LCD displays showing a blank screens instead of numbers and letters. Puzzled merchants began to worry that this was perhaps part of some sophisticated hacker attack on their cash registers.
‘Poodle’ Bug Returns, Bites Big Bank Sites
Many of the nation’s top banks, investment firms and credit providers are vulnerable to a newly-discovered twist on a known security flaw that exposes Web site traffic to eavesdropping. The discovery has prompted renewed warnings from the U.S. Department of Homeland Security advising vulnerable Web site owners to address the flaw as quickly as possible.
Adobe Pushes Critical Flash Patch
For the second time this month, Adobe has issued a security update for its Flash Player software. New versions are available for Windows , Mac and Linux versions of Flash. The patch provides additional protection on a vulnerability that Adobe fixed earlier this year for which attackers appear to have devised unique and active exploits
Adobe, Microsoft Issue Critical Security Fixes
Adobe and Microsoft today each issued security updates to fix critical vulnerabilities in their software.