vulnerability - search results

Content Security Policy (CSP) from the World Wide Web Consortium (W3C) is a mechanism web applications can use to mitigate a broad class of content injection vulnerabilities, such as cross-site scripting (XSS).

The latest Cumulative Update for SharePoint Server 2016 includes KB1341486 and KD3141487, as well as the previously released Feature Pack 1.

Netgear has a new firmware update to solve a vulnerability in three routers of eight found to be at risk from hacker exploits. The flaw allows hackers to access a router via a malicious URL and was given a rating of 9.3 out of 10 on the Common Vulnerability Scoring System.

A piece of code designed by researchers at Ben-Gurion University in Beer-Sheva, Israel, enables hackers to hijack headphones and turn them into a covert listening device.

In a bid to provide customers with more information, Microsoft has created Security Updates Guide. The company says customers can access info about new features and protection methods.

A Chinese vulnerability firm and a lone hacker breached Microsoft Edge at the Power of Community conference in Seoul. Microsoft has been informed of the relevant vulnerabilities and will be able to shore up Edge for future attacks.

The security update fixes the vulnerabilities in various versions of Windows by correcting how the Windows kernel-mode driver handles objects in memory.

A Windows exploit in the win32k system call has been revealed by Google, causing some significant conflict between the two rivals. The Redmond giant was given just ten days to fix the issue.

Corporate vice president Brad Anderson suggests that companies have too much trust in iOS as a platform, and references the Trident spyware as a prime example.

49 vulnerabilities were found across 10 security bulletins. Microsoft says there were four zero-day vulnerabilities in Edge, Office, Internet Explorer, Windows, and Skype for Business.

Microsoft's bug bounty program now extends to violations in W3C standards, including Same Origin Policy bypass and Referer Spoofing.

Microsoft has rolled out a total of 94 fixes to address vulnerabilities in its software. The security updates cover Internet Explorer, Edge, SharePoint, Silverlight and more.

The latest bug bounty will give users who find critical problems in the cross platform server app development tools a reward. Like other similar programs, Microsoft is offering between $500 and $15,000.

Flash player will now update automatically inside of edge, and also be contained in a separate AppContainer for extra security.

A group of four vulnerabilities named the QuadRooter affect the Android platform, giving access to the root of devices. Security researcher Check Point says new handsets are among the 900 million devices affected.

Windows Insiders running preview build of the Edge browser can be awarded between $500 and $15,000 for finding remote-exploitable bugs and reporting them to Microsoft.

Microsoft has fixed a vulnerability that allowed users to unlock ARM-powered Windows RT tablets and boot or install Linux or other unapproved operating systems.

A vulnerability found in the UEFI driver of Lenovo's ThinkPad allows hackers to bypass new Windows security features and remove write protection on flash memory.

Hallum explains how this new strategy came about from the fact that building a system’s security from software, particularly from the operating system, allows...

The fallout from last week’s uTorrent breach has been confirmed as 35,000 forum members suffered exploited private details, sparing many of the 388,000 total users.