TechBlog

Security News? Just a few clicks away

Tag Archives: Vulnerability

Adobe hacked: lost source code and millions of user credentials

In a blog post published two days ago, Adobe Inc., the publisher of Adobe Acrobat, Coldfusion and many, many other titles, has reported that their infrastructure was hacked and source code of several products was stolen. The breach has been … Continue reading

OWASP Top 10 Project 2013 published

The Open Web Application Security Project (OWASP) is an open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted. The goal of the Top 10 project is to raise awareness about application security by identifying … Continue reading

Emails with malicious URLs use the tragedy in Boston to exploit vulnerable Java installations (updated)

Yesterday the USA has suffered a bomb attack during a marathon that took place in Boston. This attack was characterized by the US President as a “terrorist attack” since it involved civilians. Not even 24h later, we have started to … Continue reading

Didn’t you uninstall Java already?

If you didn’t uninstall it, then think again about this. Here is how to uninstall or deactivate Java from your system. Oracle has announced that they fixed with the update on February 1st only a part of the problems originally … Continue reading

Microsoft fixes the IE zero-day exploit

We have published information about the IE zero-day exploit which affected IE version 6 to 9 on all operating systems on which it is available. Not surprisingly, Microsoft announced today that they have a fix for this problem even before the cumulative patch on … Continue reading

Oracle has released the patch for the Java 0-day exploit

We wrote about the Java 0-day exploit (CVE-2012-4681) and that there is no fix available from Oracle. In the meanwhile, we have added also detection for the exploit starting with t he engine  version 8.2.10.148 or higher. All Avira products detect this … Continue reading

0-day exploit for Java 1.7 (Update)

Recently a vulnerability in Oracle’s Java Runtime Environment (JRE) 1.7 was discovered that may allow an applet to execute any program with arbitrary permissions. The JRE framework allows any browser on any supported platform to execute Java applications called applets … Continue reading

Security updates for Safari and OS X Lion products

Apple released Safari 5.1.7 addressing multiple cross-site scripting, remote code execution, crashes  and other vulnerabilities. Also notable is the automatic deactivation of  Adobe Flash Player if it is older than 10.1.102.64 by moving its files to a new directory. This update presents the option to … Continue reading

Security 101: March – Questions & Answers

The magazine PC.COM (Malaysia) is publishing on a monthly basis the questions and answers coming from their readers. The editor of the magazine was kind to allow us to publish the questions and the answers I provided. This means that every month … Continue reading

Old Microsoft Office for Mac vulnerability actively used to install malware

Not surprisingly, more than two and a half years after a critical patch has been delivered, we see customers that didn’t update. And if we can see them, then also the bad guys see them as well. Even worse, we … Continue reading