Jump to content

Search the Community

Showing results for tags 'exploits'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Lunarsoft Related
    • Announcements
    • Lunarsoft Discussion & Issues
    • Backpage News
  • Lunar Lounge
    • General Discussion
    • Gamer's Hangout
    • Media Hub
    • Introduce Yourself
  • Technical Discussion
    • Software
    • Hardware
    • Malware Prevention & Security
    • Malware Removal
  • Microsoft Product Support
    • Windows 10
    • Windows 8
    • Windows 7
    • Microsoft Office
  • Member Projects
    • Anti-Malware Toolkit
  • Archives
    • Read Only Archives

Calendars

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Location


Website URL


Interests

Found 2 results

  1. Symantec has warned customers that security flaws in the firm's systems outed by Google's Project Zero last month won't be fixed until mid-July. Patches were rushed out to cover some of the "as bad as it gets" flaws identified by Project Zero, but patches to secure the fundamental architectural flaws are still some weeks away. The cloud-based versions of Symantec's Endpoint Protection Small Business Edition will finally be updated this week, but users of the workstation versions will have to wait weeks. Symantec has promised updates "by mid-July" and recommended that customers apply them as a matter of urgency, but in the meantime Symantec's systems remain vulnerable. Project Zero publicized the flaws found in Symantec's Norton Antivirus products last week, after uncovering them in May and reporting them to Symantec. View the full article
  2. Security holes and vulnerabilities are to be expected, but not enough is being done to patch holes quickly enough. This is the conclusion of Heimdal Security who conducted analysis of software vulnerabilities. The security firm found that while security problems are on the increase, companies are failing to keep pace and issues remain unaddressed for too long. It's something that hackers are taking advantage of, and user data is being left at great risk. Heimdal Security found that between 60 and 90 percent of attacks from hackers take advantage of this fact. A number of key culprits are singled out for particular attention -- names that will be familiar to most: Oracle Java Runtime environment, Adobe Acrobat Reader, Adobe Flash Player, and Apple QuickTime. The biggest offender, by quite some margin, is Java Runtime environment, blighted by 48 vulnerabilities in 2012, a staggering 180 in 2013, and 90 so far in 2014. According to CVE Details, the average severity rating for all of the vulnerabilities found in each of the four products. Using the CVSS (Computer vulnerability severity system), which rates issue severity on a 1 to 10 scale, the average rating is 7.8 for Java -- and that's the best of the bunch. Adobe's two products were rated 9.2. So what is being done to address the issues as they are detected? Not enough. CEO of Heimdal Security, Morten Kjaersgaard, says: "Considering the severity and mass of security flaws we see in software released by key vendors, you may think that security gaps should be closed faster. However, our data actually indicates that it can take as many as 12 months between patches for Apple Quicktime to be released." Despite the huge number of security holes detected in its software, Oracle pumps out an update once every couple of months on average. Adobe and Apple fare just about as badly. All of these products are still widely used. In fact, QuickTime is actually almost three times as popular now as in 2012. But while Apple's media player may only be installed on 33 percent of computers, the two Adobe products and Java Runtime are found on more than 80 percent of systems. Heimdal Security points out that this is particularly worrying as some 27 percent of emails contain malicious URLs which exploit known software vulnerabilities. What is perhaps more troubling is that it is business systems that have been used in the studies. The figures may be slightly different for home computers, but it is business systems that house the most sensitive data in the greatest quantities. View the full article
×
×
  • Create New...