ZDNet Definition for: Vulnerability

Additional Resources

Nsauditor 1.9.8 (Windows)

Nsauditor Network Security Auditor is a network security software and vulnerability scanner that allows auditing and monitoring network computers for possible vulnerabilities, checking network for all potential methods that a hacker might use to attack it and create a report of potential problems that were found. Nsauditor is a complete...

Tags: Network, Auditing, Monitoring, Microsoft Windows, Nsasoft, Nsauditor Network Security Auditor, Nsauditor, Networking

Software downloads 2009-11-28

Trial Download: Rational® AppScan® Standard Edition V7.9

To improve the security of web applications, it starts by building software securely. IBM Rational AppScan is a suite of Web application vulnerability scanners that include dynamic and static analysis capabilities. Now you can engage more testers earlier in the development cycle. Try it for yourself. Download and evaluation copy...

Tags: IBM Corp., IBM Rational AppScan, Scanners, Cloud Computing, Hardware, Peripherals

Download resources 2009-11-24

Exploit published for critical IE 7 zero-day flaw

Do you mean:"The vulnerability was confirmed on fully patched Windows XP SP3 systems with Internet Explorer 6 and [b]7[/b]."Also how effective is the exploit with Protected Mode and limited user account usage? I'd like to see more information on how these two mitigation techniques work against exploits. I suspect the...

Tags: Web browsers, EXPLORER, Microsoft Security Essentials, Microsoft Internet Explorer, critical IE 7 zero-day flaw, IE 7 zero-day flaw, Microsoft Internet Explorer 7, zero-day bug, exploit

Discussion threads 2009-11-23

Exploit published for critical IE 7 zero-day flaw

The vulnerability could be used in malware attacks to take complete control of a Windows machine running IE 6 or IE 7. by Ryan Naraine

Tags: Microsoft Internet Explorer 7, Malware, Microsoft Internet Explorer, Zero-day Bug, Web Browsers, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Internet, Ryan Naraine

Blog posts 2009-11-23

Second iPhone worm behaves like botnet

That'll teach them what happens to jailbreakers!This only hits those who deliberately climbed the fence and ventured into the dangerous would outside Apples walled garden.Victims of this have nothing on Apple for this. The vulnerability was introduced by their own incompetent actions, but knowingly non-sanctioned by Apple.The learning: You better...

Tags: Smart phones, Cyberthreats, Viruses and worms, SECURITY, Apple iPhone, worm, Apple Inc.

Discussion threads 2009-11-23

Blink Personal 4.5.1 (Windows)

Designed for personal, student, and home office use, Blink Personal Edition is the only solution that provides consumers with complete PC security for free. Blink Personal Edition is an internet security solution that protects users' systems and sensitive data from viruses, spyware, identity theft, malicious web sites, and other attacks...

Tags: eEye Digital Security, Vulnerability Assessment, Microsoft Windows, Internet Security, Blink Personal Edition, Internet, Security, Identity Theft, Network Security, Networking

Software downloads 2009-11-22

Microsoft finds security hole in Google Chrome Frame

HAHA! Way to go Microsoft! They basically just told Google to suck it! The best part is they were right the whole time. Yet people blindly defended Google. It would seem Google has more software issues than anyone else.RE: Microsoft finds security hole in Google Chrome FrameI'm not...

Tags: Web browsers, security, Google Inc., Microsoft Corp., attack surface, Google Chrome

Discussion threads 2009-11-19

Microsoft finds security hole in Google Chrome Frame

A security researcher in the Microsoft Vulnerability Research MSVR has discovered a "high risk" Google Chrome Frame security vulnerability that could allow an attacker to bypass cross-origin protections. by Ryan Naraine

Tags: Google Inc., Microsoft Corp., Google Chrome, Security, Ryan Naraine

Blog posts 2009-11-19

Managing a growing threat: An Executive's Guide to Web Application Security

Traditionally, companies have relied on perimeter defenses to keep their networks and data secure. Unfortunately, network firewalls and network vulnerability scanners can't defend against application-level attacks. Cyber-criminals are leveraging relatively simple application exploits to gain access to sensitive information for fun and profit. It's more important than ever to...

Tags: Web, Network, Web Application, IBM Corp., Cyber-criminals, Scanners, Networking, Hardware, Peripherals

White papers 2009-11-19

Webcast: Smart Techniques for application security: whitebox + blackbox testing.

Whitebox & blackbox application security testing are two approaches for detecting vulnerabilities in Web-based and network applications. Both have strengths and weaknesses, but a combination of the two provides the most comprehensive application security coverage and facilitates the extension of vulnerability assessments across the development lifecycle.

Tags: Technique, Webcast, Application Security, Security Administration, Security

Webcasts 2009-11-19

Mozilla locks out rogue Firefox add-ons

Firefox has conquered IEIt is evident that Firefox free has conquered IE, plus the fact the majority of sites work regardless of browser.The days of this old bait & switch from MS are over.But I thought the whole point behind "open source"......was to allow ANYONE to put code in their...

Tags: Web browsers, Microsoft Internet Explorer, Mozilla Firefox, Web browser, open source, Mozilla Corp.

Discussion threads 2009-11-18

Microsoft confirms 'detailed' Windows 7 exploit

Ummm interesting....so just block 139 and 445...445? great that port aggain.Is SMB blocked to/from internet by th firewall by default?RE: Microsoft confirms 'detailed' Windows 7 exploitPorts 139 and 445 are blocked by default for Internet access by Windows firewall in Windows 7 and any commerical hardware firewall. They are enabled...

Tags: Firewalls, SMB/SME, SMB protocol, Microsoft Windows 7, firewall, Windows 7 exploit, Microsoft Windows, small and medium business, Microsoft Windows Vista, operating system, Microsoft Corp.

Discussion threads 2009-11-16

Microsoft confirms 'detailed' Windows 7 exploit

Exploit code for the vulnerability was released by researcher Laurent Gaffié after failed attempts to get Microsoft's security response center to acknowledge that this was an issue that needs to be patched. by Ryan Naraine

Tags: Microsoft Corp., Microsoft Windows 7, Security, Operating Systems, Microsoft Windows, Software, Ryan Naraine

Blog posts 2009-11-16

VeriSign sets timetable to fix DNS hole

VeriSign has said a significant outstanding internet security vulnerability will be closed by 2011, after delays caused by technical aspects of the implementation. VeriSign has said a significant outstanding internet security vulnerability will be closed by 2011, after delays caused by technical aspects of the implementation. ...

Tags: DNS, VeriSign Inc., Internet Security, Internet, Domain Names, Security, VeriSign, security, Tom Espiner

News items 2009-11-16

Microsoft bracing for malware attacks from embedded fonts

It's only a matter of time before malicious hackers start exploiting a critical Windows vulnerability via booby-trapped Web pages or Office Word or PowerPoint documents. by Ryan Naraine

Tags: Malware, Microsoft Corp., Font, Attack, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Microsoft Office, Office Suites, Software, Ryan Naraine

Blog posts 2009-11-12

Microsoft probing Windows 7 zero-day hole

I hope Jeremy got some sleep last nightbecause he probably won't be getting much in the near future.first of many zillionsis there anything worse than being MS security programmer?poor bastards.YesYeah, being a mindless repetitive troll.yeah, being a poor Mac user. yeah, being a poor Mac user....

Tags: Wireless LANs, Firewalls, Microsoft Corp., Microsoft Windows 7, zero-day hole, Wi-Fi, Microsoft Windows, firewall

Discussion threads 2009-11-12

Microsoft probing Windows 7 zero-day hole

Microsoft said it is looking into a report of a vulnerability in Windows 7 and Server 2008 Release 2 that could be used by an attacker to remotely crash the computer. Microsoft said on Wednesday it is looking into a report of a vulnerability in Windows 7 and Server...

Tags: Vulnerability, Microsoft Corp., Server Message Block, Microsoft Windows 7, Microsoft Windows, Security, Operating Systems, Software, Microsoft, attack, zero day, Elinor Mills CNET News

News items 2009-11-12

Apple Safari exposes Windows to drive-by download attacks

"May lead"?Whenever I see these kinds of statements, regardless of platform, I always wonder if the "may" in "may lead to?arbitrary code execution" is equivalent to the odd, statistically improbable and realistically negligible but observed drug side-effect possibilities, like dry-mouth from eye drops or headaches from suppositories or whether it's...

Tags: Linux, Operating systems, SECURITY, Apple Safari, Apple Inc., Microsoft Windows

Discussion threads 2009-11-11

End-to-end encryption is the key to protecting data and reputations

In order to avoid the financial and brand damage associated with data breaches, businesses need to consider deploying end-to-end encryption as a tamper proof way of securing data. Commentary - Media outlets around the globe highlight new data breaches at an alarmingly regular rate. Forrester estimates that the cost...

Tags: PCI, Organization, Data Breach, PCI DSS, Encryption Key, encryption, security, Paul Meadowcroft Thales, Special to ZDNet, Paul Meadowcroft, Thales, Special to ZDNet

News items 2009-11-11

Adobe plugs security hole in Photoshop Elements

Adobe has shipped a patch to cover a security vulnerability affecting its Photoshop Elements software product. by Ryan Naraine

Tags: Adobe Systems Inc., Adobe PhotoShop, Adobe PhotoShop Elements, Security, Patches, Ryan Naraine

Blog posts 2009-11-10