[patch] Forum Topics

Earlier this month, security outfit FireEye’s 'FireEye as a Service' researchers out in Singapore [discovered and reported](https://www.fireeye.com/blog/threat-research/2015/06/operation-clandestine-wolf-adobe-flash-zero-day.html) on a phishing campaign that was found to be exploiting a zero-day in Adobe Flash Player vulnerability (CVE-2015-3113). That campaign has been well and truly active for a while now, with attacking emails …

A 22 year old vulnerability, yes you read that right, has been discovered which some security experts suggest could be bigger than Heartbleed. The bug, reported as '[CVE-2014-6271:remote code execution through bash](http://seclists.org/oss-sec/2014/q3/649)' relates to how environment variables are processed: with trailing code in function definitions being executed independently of the …

Microsoft has published an [advance notification](http://technet.microsoft.com/en-us/security/bulletin/ms13-jan) for vulnerabilities that will be patched in the January 2013 'Patch Tuesday' security bulletin due next week. However, anyone hoping for a permanent fix to deal with the Internet Explorer zero-day exploit that surfaced during the seasonal holiday period is going to be disappointed. …

Reports are coming in thick and fast about 'state-sponsored' zero-day exploits hitting business websites in the UK. The latest, disclosed yesterday by [SophosLabs](http://nakedsecurity.sophos.com/2012/06/20/aeronautical-state-sponsored-exploit/), involves an as yet unnamed European aeronautical parts supplier and follows on from another the day before involving a European medical company site. In both cases the …

Last week saw the discovery of YAJE: Yet Another Java Exploit. Sadly, Java vulnerabilities are neither new nor uncommon and the bad guys are quick to exploit them in the wild. Some claim that Oracle is in too much of a rush to extricate itself from this unholy mess and …

Hi all, This is kind of related to another thread I posted in C++, but I thought I'd go the VB.NET route and have a co-worker help with the C++ conversion if needed. I hope I'm getting pretty close with this... Const MinMsiVersion = "3.0" 'Minimum version to support functionality …

Microsoft Security Advisory notices do not, as a rule, make the media sit up and take much notice. Not least as they have become relatively commonplace over the years, but every now and then one comes along which may grab some press attention. Take [MSA 2718704](http://technet.microsoft.com/en-us/security/advisory/2718704) for example.  …

An in-the-wild exploit targeting a vulnerability with Java 7 has led to security experts the world over warning users to disable the Java plug-in for their browser clients at the very least, and preferably uninstall Java altogether. The CVE-2012-4681 vulnerability, comprising two flaws, along with a couple of other 'related …

Hi guys. I need help for creating an exe which will patch my other exe.. 1st exe is one form with a textbox and a value textbox1.text="Hi,my name is Chris" 2nd exe i want to be an exe which will PATCH the 1st exe and change the value of the …

If you are a user of Adobe Flash, be sure to apply the latest security update if you want to avoid becoming part of an in-the-wild attack exploiting a vulnerability which currently seems to be exploiting users of Internet Explorer on the Windows platform only. Adobe has, however, issued an …

[ATTACH=RIGHT]21548[/ATTACH]Earlier this week a hacker group called Dev-Team launched a revamped website service that enables owners of the iPhone 4 and iPad 2 (amongst a myriad other iOS-powered devices) to jailbreak them in next to no time, for free, online. The [URL="http://blog.iphone-dev.org/post/890709355/the-return-of-jailbreakme-com"]JailBreakMe site exploits a vulnerability[/URL] with the way that …

I have a notebook Lenovo Z61m, OS window XP. I'm trying to disconnect the HP all in one printer 2355 series without success. A window appears reading Error 1606 "could not access network location 0. i'm buying a new printer and want to eliminate the previous one HP. Please help!

[ATTACH=right]16305[/ATTACH]No more shortcuts for hackers - that's the word from Microsoft, which plans to release a patch today that the company says will fix a security loophole. The issue is tied to the way the Windows OS handles shortcuts, or .lnk files, or as Microsoft explains it in the [URL="http://www.microsoft.com/technet/security/advisory/2286198.mspx"]official …

A user reported not be able to access the network. I moved their network cable to another jack and all was well. The 2 wall jacks in question were professional installed Cat 5E cabling, both are plugged into a switch but I can't ping or tracert anything on the network …

Microsoft on Tuesday is set to release six security updates, three of which it has deemed critical and apply only to versions of Windows other than Windows 7. Microsoft released advance notice of its [url=http://www.microsoft.com/technet/security/Bulletin/MS09-nov.mspx]Security Bulletin for November[/url], on Nov. 5. The bulletin itself will be released on Tuesday along …

According to a new report, published today by SANS, the overwhelming majority of all cyber-security risks can be laid at the door of just two areas: unpatched client-side software and vulnerable Internet facing web sites. The report was compiled by Rohit Dhamankar, Mike Dausin, Marc Eisenbarth and James King of …

Microsoft yesterday released a [url=http://support.microsoft.com/kb/954593]security update[/url] intended to fix eight critical vulnerabilities in as many as 42 Windows apps and components, including IE6, Media Player, Office, SQL Server and Visual Studio. The patch was made available before they could be discovered and exploited by malicious hackers, or at least before …

Apple has rolled no less than 25 patches into the [URL="http://www.apple.com/support/downloads/"]Mac OS X 10.5.4 Leopard update[/URL] that was announced yesterday. These address a number of Ruby vulnerabilities, as reported [URL="http://www.daniweb.com/blogs/entry2657.html"]here on DaniWeb[/URL] last month by fellow blogger Davey Winder. So that's six of the patches accounted for at any rate. …

Microsoft today gave [URL=http://www.microsoft.com/technet/security/bulletin/ms08-jun.mspx] advance notice [/URL]of a security bulletin it will release on Tuesday to repair seven vulnerabilities in Windows and Internet Explorer, three of them critical. The three critical warnings involve potential remote code execution, and affect Bluetooth, DirectX and IE. According to reports, the latter patch might …

It should come as no surprise that the upcoming 'Patch Tuesday' from Microsoft should include critical patches covering the likes of VBScript and Jscript implementation in Windows 2000, XP and 2003. However, [URL="http://www.itpro.co.uk/news/184764/not-even-vista-sp1-escapes-next-patch-tuesday.html"]some reporters[/URL] have expressed just a little astonishment that both Windows Server 2008 and Vista SP1 are also …

A browser with vulnerabilities that could lead to arbitrary code execution and cross-site scripting attacks. An urgent automatic update to patch eight such vulnerabilities, five of which are rated as critical and the complete set as ‘highly critical’ by security exploits tracker Secunia. And even then missing a password management …

Various internet sources are reporting two Microsoft patch concerns -- a failed "real" patch released by Microsoft, and a third party assembling various hot-fixes, and calling them "Windows XP SP3 Preview Pack". There is no official "Windows XP SP3"... the third party preparing them clearly mentions that on their website, …