Tag Archive for: unpatched

Researchers disclose four unpatched vulnerabilities in Internet Explorer

Security researchers published limited details about four unpatched vulnerabilities in Internet Explorer because Microsoft has not moved quickly enough to fix them.

The flaws could potentially be exploited to execute malicious code on computers when users visit compromised websites or open specially crafted documents. They were reported through Hewlett-Packard’s Zero Day Initiative (ZDI) program.

HP’s TippingPoint division, which sells network security products, pays researchers for information on unpatched high-risk vulnerabilities in popular software. The company uses the information to create detection signatures, giving it a competitive advantage, but also reports the flaws to the affected vendors so they can be fixed.

Network World Security

D-Link remote access vulnerabilities remain unpatched

D-Link routers have several unpatched vulnerabilities, the worst of which could allow an attacker to gain total control over a device, according to a systems engineer in Canada.

Peter Adkins, who does security research in his free time, released details of the flaws on Thursday. Adkins said in a phone interview that he has been in intermittent contact with D-Link since Jan. 11 on the issues, but the company has not indicated when it might patch.

“I believe it’s probably better for the end user to know that these exist than be completely in the dark for months on end while the vendor prepares patches,” he said.

D-Link officials did not have an immediate comment.

Google discloses unpatched Windows vulnerability

A Google researcher has disclosed an unpatched vulnerability in Windows 8.1 after Microsoft didn’t fix the problem within a 90-day window Google gave its competitor.

The disclosure of the bug on Google’s security research website early this week stirred up a debate about whether outing the vulnerability was appropriate.

The bug allows low-level Windows users to become administrators in some cases, but some posters on the Google site said the company should have kept its mouth shut. Google said it was unclear if versions of the Windows OS earlier than 8.1 were affected by the bug.

Windows PCs still riddled with unpatched Java, QuickTime and Adobe Reader

US Windows users remain badly exposed to dozens of basic software vulnerabilities, according to third quarter 2014 figures from Danish security firm Secunia. Java was by far the worst offender with 42 percent of systems unpatched against one or more flaws.

In total, Java 7, which Secunia found to be running on two thirds of the US-based consumer systems it assessed, suffered a humungous 145 vulnerabilities in the third quarter of 2014. Of these systems, 42 percent were in an unpatched state and were therefore taking a big risk given the popularity of Java exploits among cyber-criminals.
