current-activity

FREAK (Factoring Attack on RSA-EXPORT Keys) SSL/TLS Vulnerability has been discovered, a weakness in some implementations of SSL/TLS.  It allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force the two to use weakened encryption, which the attacker can break to steal or manipulate sensitive data. …

Samba Vulnerability has been discovered in Linux and UNIX based operating systems. All versions of Samba from 3.5.0 to 4.2.0rc4 are vulnerable to an unexpected code execution in the smbd file server daemon. Updates have been released to address the vulnerability that could allow an attacker to take control of …

SuperFish Vulnerability discovered in Lenovo personal computer pre-installed with SuperFish Visual Discovery Software, SuperFish intercepts HTTP(S) traffic using a self-signed root certificate. These updates address vulnerability that could allow an attacker to read all encrypted web browser traffic (HTTPS), successfully impersonate (spoof) any website, or perform other attacks on the …

Mozilla Security Updates The Mozilla Foundation has release security updates to address multiple vulnerabilities in Firefox, Firefox ESR and Thunderbird. These updates address vulnerabilities that could allow an attacker to obtain sensitive information or execute arbitrary code on an affected system. The following updates are available: . Firefox 36 . …

The Internet Systems Consortium (ISC) has released security updates for BIND. These updates address vulnerability that could potentially allow an attacker to cause a denial of service condition. The following update is available:- . BIND 9.9.6-P2 . BIND 9.10.1-P2 Users and administrators are encouraged to review the ISC Knowledge Base …

Google has released Chrome OS 40.0.2214.114 for Chrome devices. This update addresses multiple vulnerabilities (e.g. Use-after-free in DOM [CVE-2015-1209], Cross-origin-bypass in V8 bindings [CVE-2015-1210], Privilege escalation using service workers [CVE-2015-1211]) that could allow an attacker to cause a denial of service condition or obtain personal information. Users and administrators are …

Microsoft has released security update for Internet Explorer. This update addresses vulnerabilities exist when Internet Explorer improperly accesses objects in memory. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system if a user views a specially crafted webpage using Internet Explorer. Affected Software:- …

Microsoft has released security update for Windows. This update addresses vulnerability by improving how domain-configured systems connect to domain controllers prior to Group Policy accepting configuration data. Exploitation of this vulnerability could allow an attacker to take complete control of an affected system if convinces a user with a domain-configured …

Microsoft has released security bulletin for the month of February 2015 to address vulnerabilities in Windows. Exploitation of these vulnerabilities could allow elevation of privilege, disclosure of information, remote code execution or security feature bypass. Users and administrators are encouraged to review Microsoft Security Bulletins MS15-Feb and apply the necessary …

Adobe has released security updates for Flash Player. These updates address critical vulnerability that could potentially allow an attacker to take control of the affected system. Affected software versions are:- .Adobe Flash Player 16.0.0.296 and earlier versions .Adobe Flash Player 13.0.0.264 and earlier 13.x versions .Adobe Flash Player 11.2.202.440 and …