Mar 17

1-Year Vista Vulnerability Analysis

Posted in: Today's Chili

This article was written on January 24, 2008 by CyberNet.

Jeff Jones, the Security Strategy Director for Microsoft’s Trustworthy Computing group, has assembled a 1-year analysis of Vista’s vulnerabilities. In his 6-month review Vista came out on top when pitted up against other operating systems, and stretching the timeline out over a 1-year period didn’t yield any different results.

In his report he wanted to clarify that he is not reviewing the actual security of an operating system, and is just using vulnerability reports to compile his results:

So, this is not an analysis of “the security”.  I don’t look at protective mechanisms and see how they might protect in certain scenarios.  Nor do I look at security features and see how they might enable better privacy or help secure business process.  And I certainly don’t look at how easy it is to manage the security policy for these products.

The chart below covers the first year of vulnerabilities for 5 major operating systems. Vista was analyzed during November 30, 2006 and November 30, 2007 while the others were analyzed during their first year of release. And third-party applications commonly included with the Linux distributions, such as OpenOffice and Gimp, were ignored to keep things fair.

Operating System Vulnerabilites

The results are obviously point to Vista being a secure operating system. Jones said that he plans to do a 2007 (January 2007 to December 2007) vulnerability comparison of the various operating systems as well. What I would really like to see is a comparison of the amount of time vulnerabilities have gone unpatched. I wonder how that would affect the results?

Copyright © 2014 CyberNetNews.com

No Comments | Tags: , , , ,
Aug 31

Firefox 3 Vulnerability Found in 5-hours

Posted in: Today's Chili

This article was written on June 19, 2008 by CyberNet.

firefox vulnerable.jpgMozilla has got to be happy that they’re Firefox 3 web browser has received over 12 million downloads since Tuesday, but it took only five hours for the browser’s first critical vulnerability to be discovered. Luckily details about the vulnerability have not been made public, and Mozilla has said that there’s no known exploit for the bug at this time.

At this point very little is known about the vulnerability other than the fact that you would have to click on a link to initiate it:

Successful exploitation of the vulnerability could allow an attacker to execute arbitrary code. Not unlike most browser based vulnerabilities that we see these days, user interaction is required such as clicking on a link in email or visiting a malicious web page.

For those of you running Firefox 2 still… you’re not immune to this either. This affects both Firefox 2 and Firefox 3, and Mozilla is already working on a patch to plug the hole. I guess that means you’ll want to exercise caution when clicking on unknown links, but then again you should always be doing that. 😉

Mozilla Blog [via CNet]

Copyright © 2013 CyberNetNews.com

No Comments | Tags: , , , ,
Jul 17

Wearable Computers Create New Security Vulnerabilities

Posted in: Today's Chili
Wearable Computers Create New Security Vulnerabilities

Among other things, Google Glass is bringing to light how wearable computers and the new wave of web-connected objects collectively known as the Internet of Things are introducing new security vulnerabilities to the puzzle of mobile computing.

    

No Comments | Tags: , , , , , ,
Jan 12

Even The Department Of Homeland Security Wants You To Disable Your Java

Posted in: Today's Chili

We’ve been concerned about the security of Java for a while now. There was that vulnerability that affected like a billion computers, and Apple went so far as to remove Java plugins from all OSX browsers. Now even the Department of Homeland Security is in on the act with a special message: “Yo, shut off that Java jazz“. More »

No Comments | Tags: , , , ,
Sep 21

Microsoft issues security patches for Flash vulnerabilities in Windows 8 and Internet Explorer

Posted in: Today's Chili

As promised, Microsoft is issuing a security patch for a Flash vulnerability on Windows 8 in Internet Explorer 10. Though the operating system has yet to see its official public release, researchers testing the RTM version found a bug that could cause Flash to crash and allow for attackers to take control of a user’s machine. Additionally, the company is rolling out an update to address a security hole in Internet Explorer versions 7 and 8 on Windows XP — and IE 9 on Windows 7 and Windows Vista — which left the door open for hackers to spread malware via a specially designed Flash animation. Both security patches are available via Microsoft’s Windows Update service.

Filed under: ,

Microsoft issues security patches for Flash vulnerabilities in Windows 8 and Internet Explorer originally appeared on Engadget on Fri, 21 Sep 2012 22:53:00 EDT. Please see our terms for use of feeds.

Permalink The Verge  |   | Email this | Comments

No Comments | Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,