Some of the world's biggest security and software vendors will be rushing to patch holes in implementations of the popular 7-zip compression tool to stop attackers gaining full control of customer machines.
Cisco security researcher Jaeson Schultz found and reported the holes to the maintainers of the open source 7-Zip platform who kindly cooked up a fix.
Mozilla has asked a court that it should be provided information on a vulnerability in the Tor browser ahead of it being provided to a defendant in a lawsuit, as the browser is based in part on Firefox browser code.
“At this point, no one (including us) outside the government knows what vulnerability was exploited and whether it resides in any of our code base,” wrote Denelle Dixon-Thayer, chief legal and business officer at Mozilla, in a blog post Wednesday.
L33tdawg: Interested in SAP security? You might like to attend this 2-day training at #HITB2016AMS
More than 36 organizations—some in the gas, telecommunications, and steel manufacturing industries—have been breached by attackers exploiting a vulnerability in older SAP business applications that gives them remote access to highly confidential data, the US government-sponsored CERT warned Wednesday.
Microsoft has fixed a critical security vulnerability affecting all supported versions of Windows.
The company said in a security advisory that all users of Windows 10 and earlier should patch as soon as possible to prevent attackers from exploiting a flaw in how the operating system handles graphics and fonts.
The patch fixes four separate vulnerabilities -- the worst of which could let an attacker install malware on an affected computer. The flaw is not thought to have been actively exploited in the wild, the company said.
Windows users woke up to something that doesn't happen every day: the disclosure of two zero-day vulnerabilities, one in the Microsoft operating system and the other in Adobe's Flash Player.