Archive: New Patches
Adobe Plugs 8 Security Holes in Reader
This post was updated at 12:20 p.m. to clarify what's new in this Adobe patch. See the update below the original post. Adobe has issued an update to plug at least eight security holes in its PDF Reader software....
By Brian Krebs | May 9, 2008; 11:40 AM ET | Comments (7)
Microsoft Releases Windows XP Service Pack 3
Microsoft today finally released Service Pack 3 for Windows XP users. The update should now be offered via both Windows Update or Automatic Updates. The company was expected to release it last week, but pulled the plug at the last...
By Brian Krebs | May 6, 2008; 08:35 PM ET | Comments (63)
Microsoft Delays Windows XP Service Pack 3
Microsoft is delaying the release of Service Pack 3 for Windows XP users due to a "compatibility issue" with the bundle of updates and a supply-chain solution the company markets to small- and medium-sized businesses. The software giant had previously...
By Brian Krebs | April 29, 2008; 05:43 PM ET | Comments (41)
Do You Foxit? Then Patch It!
The makers of Foxit Reader -- a free alternative application to Adobe's software for viewing portable document format (PDF) files -- has issued an update that plugs several security holes. Hats off to Foxit Software, which turned around a patched...
By Brian Krebs | April 28, 2008; 12:14 PM ET | Comments (10)
Badware Threat Changes Apple's Tune on Safari
In response to mounting criticism from security and privacy experts, Apple has changed the way its Software Update program pushes out the Safari Web browser to Windows users. But the changes may not go far enough for many people because...
By Brian Krebs | April 23, 2008; 11:27 AM ET | Comments (32)
A Shifting Definition of 'Severity'
Microsoft this week issued a study that examines the malicious software threat to Windows computers ... a report clearly written from the software giant's vantage point. While the report includes some interesting stats about which malware samples were most prevalent...
By Brian Krebs | April 22, 2008; 09:00 AM ET | Comments (1)
Java Update Released
Sun Microsystems issued another update to fix security and stability problems with its Java software, but few users are likely to have noticed, as Sun currently isn't doing anything to alert people. Java's updater errantly says my Java 6 Update...
By Brian Krebs | April 21, 2008; 01:25 PM ET | Comments (17)
Windows Vista Service Pack 1: Not for the Impatient
Microsoft has released a bundle of security and stability updates for Windows Vista users. What follows is a long-overdue primer on this package of goodies from Redmond known as Service Pack 1. While some peoples' experience with Service Pack 2...
By Brian Krebs | April 17, 2008; 11:15 AM ET | Comments (40)
Security Updates for Firefox, Safari
Both Apple and Mozilla issued updates late Wednesday to plug security holes in their Web browser software. The Mozilla update fixes a single critical vulnerability with the way Firefox handles "Javascript garbage collection." Mozilla says this update was issued "primarily...
By Brian Krebs | April 17, 2008; 09:02 AM ET | Comments (15)
Security Fix Pop Quiz, Spring 2008 Edition
Have you been keeping up to date with the latest security patches? Examine the list below to see how you've done. If you're not sure which version of a program you're running, you can usually tell by selecting "Help" and...
By Brian Krebs | April 14, 2008; 10:07 AM ET | Comments (27)
Time to Patch Your Flash
Adobe has issued an update to patch several security holes in its Flash player. Most people will have some version of Flash installed on their computers, so it's a good idea to take a moment and make sure your system...
By Brian Krebs | April 11, 2008; 03:31 PM ET | Comments (20)
Microsoft Fixes 10 Security Vulnerabilities
Microsoft today issued software updates to plug at least 10 security holes in its Windows operating systems and other software. More than half of the vulnerabilities fixed by these patches earned the company's most dire "critical" rating, and several of...
By Brian Krebs | April 8, 2008; 03:01 PM ET | Comments (9)
Opera Updates and a Black Tuesday Preview
Opera this week released a new version of the Web browser to correct at least two remotely exploitable security vulnerabilities. Separately, Microsoft said it plans to release eight updates on Tuesday as part of its regular monthly patch cycle. The...
By Brian Krebs | April 7, 2008; 10:45 AM ET | Comments (2)
Reach Out And Hack Someone
Gone are the days when telephones were dumb appliances that you simply plugged into the wall and forgot: Security researchers from one Internet security firm say they have located more than 100 vulnerabilities in hardware and software that powers the...
By Brian Krebs | April 3, 2008; 05:15 PM ET | Comments (10)
Apple Issues QuickTime Update for Mac, Windows
Apple on Wednesday pushed out an update to its QuickTime media player software, fixing at least 11 security vulnerabilities in the software for both Mac and Windows systems. Mac users can get the latest version through Software Update. Windows QuickTime...
By Brian Krebs | April 3, 2008; 06:45 AM ET | Comments (14)
Apple Patches 93 Security Holes
Apple this week pushed out one of its biggest bushels of security updates in a long while, fixing more than 90 vulnerabilities in nearly every major component of its operating system and supporting software. Apple also released updates for the...
By Brian Krebs | March 19, 2008; 11:34 AM ET | Comments (8)
Microsoft Patches 12 Office Security Holes
Microsoft today issued four updates to fix at least a dozen security vulnerabilities in its Office software products. All of the updates earned Microsoft's "critical" label, meaning attackers could exploit the flaws to break into Windows systems with little or...
By Brian Krebs | March 11, 2008; 02:30 PM ET | Comments (6)
An Opera Update And A Farewell to Netscape
A new version of the Opera Web browser fixes at least three security vulnerabilities in the software. Separately, a security patch from AOL marks the final update for the venerable Netscape browser. The latest update from AOL will be the...
By Brian Krebs | February 27, 2008; 02:15 PM ET | Comments (26)
Microsoft's Valentine: 17 Security Updates
Microsoft today pushed out software updates to fix a large number of security flaws in computers running its Windows operating systems and other software. Notable among the patches is a critical roll-up of fixes for Internet Explorer, the Web browser...
By Brian Krebs | February 12, 2008; 04:50 PM ET | Comments (24)
Apple Releases Tiger, Leopard Security Updates
Apple is pushing out updates to plug at least 10 different security holes in computers powered by its Tiger (OS X 10.4.x) and Leopard (10.5.x) operating systems. Mac users can grab the latest patches via Software Update or directly from...
By Brian Krebs | February 12, 2008; 10:20 AM ET | Comments (5)
Mozilla, Skype Issue Updates
It seems as though every maker of desktop software applications is issuing updates to its products this week. Skype, the popular voice-over-Internet telephone service+software has a new version that squashes a security bug. Meanwhile Mozilla is pushing out an update...
By Brian Krebs | February 8, 2008; 11:02 AM ET | Comments (72)
Adobe, Apple Issue Security Updates
Adobe has released an update to its free Adobe Reader application that corrects more than two dozen bugs, including several security holes. Separately, Apple this week pushed out a patch to plug a single security vulnerability in its iPhoto application....
By Brian Krebs | February 6, 2008; 03:12 PM ET | Comments (9)
Massive Java Update Includes Security Fixes
Sun has released another update to its Java software that brings some 370 bug fixes, including a number of security updates. For most home users, this update brings the latest version of the software to Java 6 Update 4. Most...
By Brian Krebs | January 23, 2008; 01:42 PM ET | Comments (38)
Apple Patches QuickTime, iPhone and iPod Security Holes
Apple is pushing out patches to plug a number of security holes in the iPhone, iPod touch and its QuickTime media player. The QuickTime update fixes at least four security flaws found in both Mac OS X (including Leopard, OS...
By Brian Krebs | January 17, 2008; 04:00 PM ET | Comments (1)
Microsoft Patches Three Windows Security Holes
Microsoft yesterday pushed out a couple of patches to fix at least three separate security flaws in its various Windows operating systems, including one that could be especially dangerous for Windows home users. The most serious update is included in...
By Brian Krebs | January 9, 2008; 10:43 AM ET | Comments (35)
Important Update For Ad-Aware SE Users
Microsoft Windows users who rely on Ad-Aware SE Personal (the free version) to protect their machines from spyware and adware should be aware that Lavasoft, the company that makes the popular program, stopped shipping updates for the software after Dec....
By Brian Krebs | January 7, 2008; 01:14 PM ET | Comments (47)
Security Updates for Flash, Opera
Adobe is urging people who use its Flash Player (this includes pretty much all Windows users) to upgrade to a new version that fixes at least nine separate security vulnerabilities that could be exploited to install unwanted software on vulnerable...
By Brian Krebs | December 21, 2007; 10:06 AM ET | Comments (24)
Apple Patches Java, OS X and Safari 3 Flaws
Apple pushed out a bushel of patches late last week to fix at least 18 security vulnerabilities in its implementation of Java for Mac users. Then on Monday, the company issued a large update that plugged at least 40 security...
By Brian Krebs | December 18, 2007; 08:48 AM ET | Comments (8)
New QuickTime Player Fixes 3 Security Flaws
Apple has issued an update to its QuickTime media player software to plug at least three security holes, including one that cyber criminals already are using to break into vulnerable systems. The new version, QuickTime 7.3.1, is available for Mac...
By Brian Krebs | December 14, 2007; 10:18 AM ET | Comments (17)
Microsoft Plugs 11 Windows Security Holes
Microsoft today released software updates to plug at least 11 security holes in PCs powered by its Windows operating systems and other software. Windows users can download the fixes either directly through the Microsoft Update Web site or via Automatic...
By Brian Krebs | December 11, 2007; 03:15 PM ET | Comments (14)
Apple Plugs 44 Security Holes
Apple released updates to fix at least 44 different security vulnerabilities in its software for Mac OS X and Windows. Forty of the flaws reside in OS X itself, while the rest are specific to Apple's version of the Safari...
By Brian Krebs | November 15, 2007; 10:15 AM ET | Comments (16)
Microsoft Plugs Critical Windows Security Hole
Microsoft today issued two software updates to remedy security vulnerabilities in its Windows operating systems, including one that criminal groups have been targeting lately to break into and steal data from vulnerable machines. One of the patches fixes a critical...
By Brian Krebs | November 13, 2007; 02:01 PM ET | Comments (4)
Apple Patches iPhone Security Hole
Apple iPhone users should soon be prompted to install a software update that plugs a much-publicized security hole in the devices. The critical vulnerability patched by Apple was the very same used by iPhone developers to power "Jailbreak," software that...
By Brian Krebs | November 13, 2007; 08:54 AM ET | Email a Comment
Patch Tuesday Preview, And a Windows Warning
Microsoft plans to release just two security updates next week to fix problems with Windows and other software. Meanwhile, the company says it has received reports from Windows XP and Windows 2003 users that criminals are targeting an unpatched flaw...
By Brian Krebs | November 9, 2007; 10:02 AM ET | Comments (6)
New QuickTime Version Plugs 7 Security Holes
Apple on Monday released another iteration of its QuickTime media player that fixes at least seven security vulnerabilities in previous versions of the software. The flaws are present in earlier versions of QuickTime for Mac, Windows XP and Windows Vista....
By Brian Krebs | November 5, 2007; 05:40 PM ET | Comments (21)
Firefox Update Plugs 8 Security Holes
Mozilla has shipped an update to its Firefox Web browser that corrects at least eight separate security flaws, including two that Mozilla flagged as especially serious. Firefox users should have already received an update that brings the browser to version...
By Brian Krebs | October 25, 2007; 09:38 AM ET | Comments (23)
Adobe Fixes Reader, Acrobat Vulnerabilities
Adobe is offering a software update to fix a security flaw in its Adobe Acrobat and Adobe Reader products -- the latter being free software that many people use to view PDF documents. The update, which brings the latest versions...
By Brian Krebs | October 23, 2007; 09:44 AM ET | Comments (17)
RealPlayer Patch Plugs In-the-Wild Security Exploit
RealNetworks, the maker of the RealPlayer and RealOne media player software, has issued a security update to fix a flaw that hackers are actively exploiting to break into vulnerable computers. The stand-alone patch, available here, remedies a flaw in RealPlayer...
By Brian Krebs | October 22, 2007; 04:27 PM ET | Comments (6)
Microsoft Plugs Nine Security Holes
Microsoft today released a set of seven security updates to fix at least nine separate security holes in its PCs powered by its Windows operating and other software. Windows users can fetch the patches from the Microsoft Update Web site...
By Brian Krebs | October 9, 2007; 05:21 PM ET | Comments (14)
Java Update Plugs Multiple Security Holes
Sun Microsystems is pushing out an important security update to various versions of its Java Runtime Environment (JRE) software, along with a couple of changes designed to make patching the program more predictable and manageable for companies running custom versions...
By Brian Krebs | October 8, 2007; 01:28 PM ET | Comments (8)
QuickTime Security Update for Windows
Apple has pushed out a security update for its QuickTime media player for Windows users. It might be a good idea not to let too much grass grow beneath your feet before installing this update: The vulnerability appears to be...
By Brian Krebs | October 5, 2007; 03:23 PM ET | Comments (5)
Microsoft's Stealth Update Backfires for Some Users
A software update Microsoft quietly delivered to millions of PCs this summer prevents the installation of at least 80 security updates when some Windows users try to fix a problem with their computer using the software's "repair" feature, according to...
By Brian Krebs | September 28, 2007; 10:23 AM ET | Comments (18)
Apple Ships iPhone Security Updates
Apple today issued a software update to plug at least 10 security holes in the iPhone, including at least seven fixes for Safari, the device's built-in Web browser. The updates are available only through iTunes, recent versions of which are...
By Brian Krebs | September 27, 2007; 04:47 PM ET | Comments (19)
Service Pack 3 Available for Office 2003 Users
Microsoft has released its third service pack for Office 2003 users. The company says the 117-megabyte bundle of security updates and program tweaks "represents a major evolution in security for Office 2003" and that it "further hardens the Office suite...
By Brian Krebs | September 26, 2007; 12:45 PM ET | Comments (9)
Firefox Update Fixes Apple QuickTime Flaw
Mozilla shipped an update on Tuesday to its Firefox Web browser that fixes a fairly dangerous security flaw introduced by Apple's QuickTime media player. The latest patched version is Firefox 2.0.0.7, and unless you're using an unsupported, older version of...
By Brian Krebs | September 19, 2007; 12:05 PM ET | Comments (13)
Security Updates for Windows 2000, Instant Messager
Microsoft Corp. released a mercifully light batch of software updates today as part of its regularly scheduled "Patch Tuesday" release cycle. Most Windows users will likely have to install just a single security update this time around. The fixes are...
By Brian Krebs | September 11, 2007; 02:27 PM ET | Comments (7)
Apple iTunes Update and Patch Tuesday Preview
Apple has released a new version of its iTunes software that includes an important security update for both Windows and Mac OS X systems. Meanwhile, Microsoft provided a preview of the security updates it will release next week to fix...
By Brian Krebs | September 7, 2007; 10:14 AM ET | Comments (6)
Yahoo! Issues Security Update for Messenger
Last week, Security Fix warned Yahoo! Messenger users to be wary of unexpected video chat invites from other Yahoo! instant messenger users, as the blueprints for exploiting security holes in the chat invite function of the program had been posted...
By Brian Krebs | August 23, 2007; 09:45 AM ET | Comments (9)
Microsoft Fixes 14 Software Security Flaws
Microsoft today released software updates to plug at least 14 security holes in computers powered by different versions of its Windows operating system and other software. The updates are available from the Microsoft Update Web site or via Automatic Updates....
By Brian Krebs | August 14, 2007; 02:01 PM ET | Comments (12)
Security Fix Pop Quiz, Summer 2007 Edition
Yes, dear readers, it's time once again for a Security Fix Pop Quiz, intended to serve as a gentle reminder to install security updates for third-party programs. The table below lists the software title, the date each update was released,...
By Brian Krebs | August 13, 2007; 02:57 PM ET | Comments (13)
There's a Black Tuesday on the Rise
Microsoft Windows users can expect to install a flood of software updates from Redmond next week, when the company plans to push out at least nine patch bundles to remedy security holes in its products. Each patch bundle often fixes...
By Brian Krebs | August 9, 2007; 04:14 PM ET | Comments (14)
Attacks Prompt Update for 'Tor' Anonymity Network
One of the best-known and free services for helping Internet users maintain their anonymity online - a network known simply as "Tor" -- suffered an attack this past week that may have exposed the identities of thousands of users. The...
By Brian Krebs | August 8, 2007; 02:00 PM ET | Comments (1)
iPhone Exploits Revealed
LAS VEGAS -- Two methods that could allow criminals to break into and steal data from Apple's iPhone were demonstrated Thursday here at the Black Hat hacker conference. Charlie Miller, a researcher with Independent Security Evaluators, had warned Apple...
By Brian Krebs | August 3, 2007; 01:39 PM ET | Comments (13)
Apple's 48 Security Fixes Include iPhone Updates
Apple on Tuesday pushed out security updates to fix at least four dozen security holes in its Mac OS X operating system and other software. Perhaps most notable among the patches are several designed to plug security holes in Apple's...
By Brian Krebs | August 1, 2007; 07:20 AM ET | Comments (36)
Firefox Update Comes With a Mea Culpa
Mozilla is pushing out an update to its Firefox Web browser (version 2.0.0.6) that plugs a pair of security holes in the software. Firefox users should receive notice of the pending update the next time they launch the browser. (If...
By Brian Krebs | July 31, 2007; 10:17 AM ET | Comments (17)
New Firefox Browser Fixes Seven Security Holes
Mozilla has shipped a new version of its popular Firefox Web browser to plug multiple security holes. The fixes embedded in the latest iteration of Firefox, version 2.0.0.5, are not included in older versions of Firefox (e.g., 1.5.x and lower),...
By Brian Krebs | July 18, 2007; 10:36 AM ET | Comments (20)
Important Updates for Adobe Flash, Sun's Java
Adobe and Sun Microsystems have issued updates to fix security problems in their Flash Player and Java applications, respectively. Flash and Java are some of the most widely installed third-party software applications on the planet, so it's a fair bet...
By Brian Krebs | July 16, 2007; 09:46 PM ET | Comments (13)
New QuickTime Version Mends Eight Flaws
Apple has released a new version of its ubiquitous QuickTime player for both Mac OS X and Microsoft Windows computers. The latest version, v. 7.2, plugs at least eight security holes in the software. QuickTime vulnerabilities that span both operating...
By Brian Krebs | July 12, 2007; 02:52 PM ET | Comments (4)
Microsoft Plugs 11 Software Holes
Microsoft Corp. today pushed out software updates to plug at least 11 separate security holes in its Windows operating system and other software. Windows users can grab the updates via the Microsoft Update Web site, through Automatic Updates, or download...
By Brian Krebs | July 10, 2007; 02:55 PM ET | Comments (7)
It's a Jungle Out There for Apple's Safari
For the second time in less than a week, Apple has shipped updates to correct security holes in the beta version of its Safari Web browser. Patches are available for Windows users who have installed the version of Safari for...
By Brian Krebs | June 25, 2007; 04:49 PM ET | Comments (20)
Two Security Updates from Apple
Apple on Wednesday shipped a couple of software security updates. One plugs a security hole in its Apple TV product, the other a flaw in the Mac OS X operating system. Mac OS X v10.4.10 is available through Apple Downloads...
By Brian Krebs | June 21, 2007; 04:54 PM ET | Comments (1)
Mpack Exploit Tool Slips through Security Holes
Researchers have been charting the rise in threats created by a new software exploit tool known as "Mpack," a virtual attack kit designed to be embedded in hacked or malicious Web sites. It targets security holes in multiple software products,...
By Brian Krebs | June 18, 2007; 04:15 PM ET | Comments (10)
Apple Issues Windows Safari Bug Fixes
Apple today issued software updates to fix at least three security vulnerabilities in the new version of the Safari Web browser, designed for Windows PCs. The fixes are available in a new version of the browser, Safari 3.0.1 Public Beta...
By Brian Krebs | June 14, 2007; 10:15 AM ET | Comments (21)
Microsoft Plugs 15 Security Holes
Microsoft issued free software updates today to fix at least 15 separate security flaws in its Windows operating system and other software. Windows users can grab the patches by visiting Microsoft Update or by turning on Automatic Updates. Nine of...
By Brian Krebs | June 12, 2007; 02:22 PM ET | Comments (18)
Yahoo! IM Users Should Upgrade Immediately
People who chat online using Yahoo! Messenger software should upgrade their program. The company has pushed out a fix to plug two newly discovered security holes. The two critical vulnerabilities reside in Yahoo! Messenger versions 8.1.0.249 and earlier. The flaws...
By Brian Krebs | June 9, 2007; 02:30 PM ET | Comments (13)
Microsoft to Issue Six Security Updates
Microsoft said today it plans to offer at least six software updates to fix security holes in its Windows operating system and other software. The Redmond, Wash., campus generally issues updates on the second Tuesday of each month. Each Thursday...
By Brian Krebs | June 8, 2007; 03:16 PM ET | Comments (5)
Sun Issues Java Security Update
Sun Microsystems has issued an update to plug a pair of security holes in its Java Runtime Environment software. JRE is a widely installed software bundle that Web sites use to serve visitors with multimedia, interactive content. One of the...
By Brian Krebs | June 8, 2007; 02:59 PM ET | Comments (8)
Apple, Mozilla Issue Security Updates
Apple and Mozilla each issued free updates to plug security holes in their products this week. Apple's patch fixes two vulnerabilities in its QuickTime media player for both Mac and Windows. Mozilla pushed out a series of updates to fix...
By Brian Krebs | May 31, 2007; 09:38 AM ET | Comments (9)
Apple, Microsoft Issue Security Updates
Apple yesterday pushed out an update to plug at least 17 separate security holes in its Mac OS X operating system and other software. Mac users can get the latest patch bundle from Apple Downloads or through the built-in Software...
By Brian Krebs | May 25, 2007; 03:29 PM ET | Comments (6)
Patch Tuesday Plugs 19 Microsoft Security Holes
Microsoft today issued software updates to plug at least 19 separate security holes in its Windows operating system and other software, including two vulnerabilities that criminals are actively exploiting to take control of Windows PCs. Windows users can install the...
By Brian Krebs | May 8, 2007; 03:49 PM ET | Comments (9)
Microsoft to Issue Seven Security Updates
Microsoft Corp. today announced that it plans to release seven software updates next week to plug multiple security holes in its Windows operating system and other software. The company said two of the patch bundles will fix problems in Windows...
By Brian Krebs | May 3, 2007; 03:15 PM ET | Comments (5)
Apple Patches QuickTime Security Hole
Apple today issued a software update to plug a security hole in its QuickTime media player software. The flaw is present in both Mac OS X and Windows versions of the player. Mac users can get the fix through Apple's...
By Brian Krebs | May 1, 2007; 05:22 PM ET | Comments (9)
Apple Issues Patches for 25 Security Holes
Apple today released software updates to plug more than two dozen security holes in its Mac OS X operating system and other software. The free patches are available via the Mac's built-in Software Update feature or directly from Apple's Web...
By Brian Krebs | April 19, 2007; 05:41 PM ET | Comments (40)
Critical Vista Flaw Leads Patch Tuesday Lineup
Update, April 11, 12:06 p.m.: An earlier version of this post incorrectly stated that Microsoft had re-issued a patch that it originally released on Tuesday, Apr. 3. The text below has been changed. Original post: Microsoft Corp. today issued a...
By Brian Krebs | April 10, 2007; 04:57 PM ET | Comments (14)
Patch Tuesday Comes Twice in April
Microsoft Corp. today said it plans to release at least five software updates next week to plug several security holes in its Windows operating system and other software. Security Fix will have more details on the fixes soon after they...
By Brian Krebs | April 5, 2007; 03:52 PM ET | Comments (12)
Yoo-Hoo! Do You Yahoo?
Yahoo! is urging users of its Yahoo! Messenger instant messaging software to update the program with a patch plugging a serious security hole that bad guys could use to break into PCs. Anyone who downloaded the program prior to Mar....
By Brian Krebs | April 4, 2007; 04:15 PM ET | Comments (12)
Microsoft Issues Emergency Patch
Microsoft Corp. today issued an emergency software update to plug a critical security hole in its Windows operating system. The free update is available either from the Microsoft Update site or via the company's automatic updates feature. Alternatively, Windows users...
By Brian Krebs | April 3, 2007; 03:58 PM ET | Comments (24)
Microsoft Rushes Out a Security Update
Microsoft Corp. yesterday said it plans to issue a software update on Tuesday to fix a dangerous security flaw in its Windows operating system -- a flaw that cyber criminals are actively targeting to gain access to computers across the...
By Brian Krebs | April 2, 2007; 01:20 PM ET | Comments (51)
Enabling the Spammers
Spammers are having a field day with a string of recently discovered security vulnerabilities in MailEnable, an e-mail server program offered by many large, dedicated Web hosting companies. Over the past few months, MailEnable has released updates at least a...
By Brian Krebs | March 27, 2007; 04:52 PM ET | Comments (3)
New Firefox Version Fixes Flaw
If you use Mozilla's Firefox Web browser to surf the Internet, you probably have received a notice that a new version of the browser has been installed. The update brings Firefox to version 2.0.0.3 or version 1.5.0.11, and fixes a...
By Brian Krebs | March 21, 2007; 11:23 AM ET | Comments (13)
Apple Releases a Bushel of Software Patches
Today turned out to be "Patch Tuesday" after all, only the security updates were released by Apple instead of Microsoft. Apple issued security updates to plug at least 46 separate security holes in its operating system and other software. The...
By Brian Krebs | March 13, 2007; 06:42 PM ET | Comments (6)
Patch Reprieve for March's Black Tuesday
Windows PC users and corporate system administrators worldwide will earn a reprieve from Redmond next week. Microsoft said today it has no plans to release new software security updates this month. It's not as if there aren't any outstanding security...
By Brian Krebs | March 8, 2007; 03:30 PM ET | Comments (3)
Apple Patches QuickTime Holes
Apple on Monday issued security patches to plug multiple security holes in its QuickTime media player software. The new version of the player -- QuickTime 7.1.5 -- fixes at least eight separate and serious vulnerabilities. Updates are available for Mac...
By Brian Krebs | March 6, 2007; 10:37 AM ET | Comments (22)
Mozilla Plugs Firefox Security Holes
Mozilla on Friday published software updates to fix a baker's dozen security and compatibility problems with its Firefox Web browser. The new version includes fixes for serious security flaws along with updates designed to make Firefox play nicer with Vista,...
By Brian Krebs | February 26, 2007; 10:31 AM ET | Comments (4)
Serious Flaw in Google Desktop Prompts Patch
Search engine giant Google has issued an update for people running its powerful Desktop software. Researchers had demonstrated a potentially devastating security hole in the software that could allow bad guys to snoop on users' computers or even to install...
By Brian Krebs | February 21, 2007; 02:39 PM ET | Comments (11)
Apple Works To Stave Off Big Mac Attack
Apple Inc. on Thursday issued patches to plug five separate security holes in software included on its Mac OS X computers. Mac users can download the free updates through the Mac's built-in software update feature or directly from Apple downloads....
By Brian Krebs | February 16, 2007; 10:40 AM ET | Comments (28)
Microsoft Releases Patches to Fix 20 Security Holes
Microsoft Corp. today issued a dozen software updates to plug at least 20 security holes in its Windows operating system and other software, including fixes for a number of vulnerabilities in Office that hackers are currently exploiting to hijack vulnerable...
By Brian Krebs | February 13, 2007; 02:22 PM ET | Comments (3)
A Dozen Patches Expected From Microsoft Next Week
Microsoft Corp. said today that it plans to release at least a dozen patch bundles next Tuesday to plug security vulnerabilities in its Windows operating systems and other software. This patch batch could wind up breaking records for the most...
By Brian Krebs | February 8, 2007; 04:16 PM ET | Comments (9)
Apple Patches Mac Wireless Security Hole
Apple Inc. on Thursday released a security update to patch a hole in the wireless Internet software built into many of its computers running Mac OS X. The update applies to Core Duo versions of the Mac mini, MacBook and...
By Brian Krebs | January 26, 2007; 01:26 PM ET | Comments (12)
Time to Reboot the Internet Again
Cisco Systems Inc., the company whose hardware routers are responsible for handling the majority of the world's Internet traffic, today issued patches to fix at least three very serious security holes in its products. This is generally not something that...
By Brian Krebs | January 24, 2007; 01:52 PM ET | Comments (6)
Apple Patches First 'Month of Apple Bugs' Flaw
Apple Inc. on Tuesday released a software patch to fix an extremely serious security hole in its QuickTime media player program, one that could be exploited to install malicious software on Microsoft Windows or Mac OS X systems just by...
By Brian Krebs | January 24, 2007; 12:37 PM ET | Comments (9)
Sun Releases Java Security Update
Sun Microsystems is urging users of its Java software (i.e., most computer users on the planet) to apply a security patch to fix a dangerous security vulnerability that exists in most versions of the program. Many people may not even...
By Brian Krebs | January 23, 2007; 11:15 AM ET | Comments (12)
Critical Microsoft & Mozilla Patches for 2006
A couple of weeks ago, Security Fix published some data showing how risky it was for the average Windows user to browse the Web with Microsoft's Internet Explorer in 2006. That analysis found that for 284 days in 2006, bad...
By Brian Krebs | January 19, 2007; 02:21 PM ET | Comments (8)
Free Tool Scans Your PC for Missing Patches
A number of past Security Fix postings lamented the lack of a free software tool that Windows computer users could use to quickly and easily scan their machines for missing patches for the myriad applications that run on top of...
By Brian Krebs | January 11, 2007; 02:00 PM ET | Comments (19)
More Adobe Reader Vulnerabilities
Last week, Security Fix warned readers about a newly discovered design flaw in Adobe Reader that could be used to trick users into giving away personal and financial data. This week, Adobe warned warned that versions 7.0.8 and 7.0.3 of...
By Brian Krebs | January 11, 2007; 12:50 PM ET | Comments (4)
Microsoft Plugs Ten Security Holes
Microsoft Corp. today issued free software updates to plug at least 10 security holes in its Windows operating system and other software. Windows users can download the patches directly from Microsoft Update or by using the Windows Automatic Updates feature....
By Brian Krebs | January 9, 2007; 01:58 PM ET | Comments (9)
Microsoft's Achilles' Heel: Office
The cyber attack last month against a U.S.-based public utility came wrapped in a Microsoft PowerPoint document featuring holiday illustrations and heartwarming reflections. This PowerPoint file, which resembled an innocuous version that was being forwarded around the Web by many...
By Brian Krebs | January 5, 2007; 06:00 AM ET | Comments (15)
Internet Explorer Unsafe for 284 Days in 2006
Security Fix spent the past several weeks compiling statistics on how long it took some of the major software vendors to issue patches for security flaws in their products. Since Windows is the most-used operating system in the world, it...
By Brian Krebs | January 4, 2007; 06:45 AM ET | Comments (108)
New Firefox Version Fixes 8 Security Holes
Mozilla on Tuesday released updates to fix at least eight security vulnerabilities in its Firefox Web browser and related software. Five of the eight flaws received a "critical" label, meaning that an attacker could exploit them to break into machines...
By Brian Krebs | December 20, 2006; 09:10 AM ET | Comments (21)
Microsoft Tweaks Windows XP Wireless Security
Microsoft last month quietly issued a long-overdue update to fix a simple yet potentially dangerous security weakness in the way embedded wireless cards work on Windows XP laptops. Open up an XP portable, and if you're looking with the right...
By Brian Krebs | December 13, 2006; 03:02 PM ET | Comments (13)
Microsoft's Monthly Patch Release Plugs 11 Security Holes
Microsoft Corp. today released software updates to fix at least 11 security holes in various versions of its Windows operating system and other products. Windows users can download the free updates manually from Microsoft Update or via Automatic Updates. This...
By Brian Krebs | December 12, 2006; 01:57 PM ET | Comments (10)
Finding the Free Version of AVG 7.5 Anti-Virus
A number of Security Fix readers have written to ask whether AVG would continue to offer a free version of its anti-virus product, as users have been seeing pop-up notices lately saying their software would expire in mid-January and that...
By Brian Krebs | December 11, 2006; 08:45 AM ET | Comments (32)
Monthly Microsoft Patch Release Won't Include Word Fix
Microsoft Corp. said yesterday that its monthly patch release next Tuesday will include at least six software updates to plug security holes in its Windows operating system and other software. Missing from the company's notice, however, is any mention of...
By Brian Krebs | December 8, 2006; 03:56 PM ET | Comments (4)
Time to Update Your Adobe Reader
Adobe Systems is urging users who run the company's Adobe Reader software on Microsoft Windows computers to update to a new version of the popular PDF document viewer, after the company was alerted to several flaws that criminals could exploit...
By Brian Krebs | December 8, 2006; 12:30 PM ET | Comments (20)
How Not to Distribute Security Patches
Over the weekend MySpace was hit by a password-stealing computer worm that took advantage of a weakness in Apple's QuickTime media player to spread rapidly among the online community's users. On Tuesday, MySpace administrators sent around a memo urging millions...
By Brian Krebs | December 6, 2006; 09:07 AM ET | Comments (16)
Apple Patches 31 Security Holes
Apple Computer today released software updates to fix at least 31 separate security flaws in computers powered by different versions of its Mac OS X operating systems. Users can download the free updates using OS X's Software Update feature, or...
By Brian Krebs | November 28, 2006; 06:03 PM ET | Comments (5)
Microsoft Patches 9 Security Holes
Microsoft Corp. today issued patches to mend at least nine separate vulnerabilities in its Windows operating systems and other software, including three security holes that criminal hackers already are exploiting. As always, users can download and install the patches via...
By Brian Krebs | November 14, 2006; 03:00 PM ET | Comments (7)
A Little Patch Housekeeping
Security Fix has been a tad sparse on patch updates lately because I've been taking some use-it-or-lose-it vacation time. The time off served as a good reminder of how quickly the programs on your machine can get outdated even in...
By Brian Krebs | November 13, 2006; 11:40 AM ET | Comments (8)
Microsoft to Issue Six Security Patches Next Week
Microsoft Corp. said Thursday that it plans to release at least six software patches next week to fix security flaws in its Windows operating systems and other software, including an update to plug a security hole that hackers have been...
By Brian Krebs | November 10, 2006; 10:51 AM ET | Comments (4)
Patches Available for Bluetooth Flaw
Security flaws present in the software components that power wireless communications over Bluetooth on a number of popular laptop models could let attackers compromise vulnerable machines. Bluetooth is a communications technology that allows electronic devices to exchange information wirelessly over...
By Brian Krebs | October 17, 2006; 12:44 PM ET | Comments (10)
Microsoft Fixes Record 26 Security Holes
Microsoft today issued a record-breaking number of security updates, fixing at least 26 separate security holes in its Windows operating system and other products, including 16 vulnerabilities in Microsoft Office and Office components. By my count, this is the largest...
By Brian Krebs | October 10, 2006; 03:14 PM ET | Comments (31)
Microsoft to Push Out IE 7 This Month
Microsoft this month will be pushing out Internet Explorer 7 to Windows users who download security updates through Microsoft Update or Automatic Updates. Last week, Security Fix mentioned that Microsoft intends to ship 11 patches tomorrow, including a "high-priority update."...
By Brian Krebs | October 9, 2006; 12:31 PM ET | Comments (29)
Microsoft to Issue 11 Patches Next Week
Microsoft Corp. will issue at least 11 software updates on Tuesday to fix security holes in its Windows operating system and other software products. The company is expected to release six patches to fix flaws in Windows, and another four...
By Brian Krebs | October 6, 2006; 05:50 PM ET | Comments (3)
Apple Patches 15 Security Flaws
Apple Computer on Friday issued a bundle of updates to fix at least 15 different security holes in its Mac OS X software applications. Mac OS X v10.4.8 and Security Update 2006-006 corrects flaws in OS X Mac OS X...
By Brian Krebs | October 1, 2006; 09:45 AM ET | Comments (14)
Microsoft Issues Emergency Patch for IE Flaw
Microsoft Corp. today issued a security update to fix a serious flaw in its Internet Explorer browser -- a flaw that hackers have been exploiting to install spyware on vulnerable computers. Microsoft is issuing the update outside of its monthly...
By Brian Krebs | September 26, 2006; 03:51 PM ET | Comments (16)
Unofficial Patch Released for IE Flaw
A team of security gurus today released an unofficial security fix for a serious flaw in Microsoft's default Web browser and e-mail software. The action comes as computer security organizations in the United States and elsewhere are issue alarms that...
By Brian Krebs | September 22, 2006; 02:15 PM ET | Comments (13)
Apple Issues Patches for Laptop Wireless Flaws
Apple Computer today issued a trio of software updates to fix three serious vulnerabilities located in the wireless components of a number of its Mac products. In an advisory, Apple said flaws exist in the Airport wireless device drivers included...
By Brian Krebs | September 21, 2006; 05:10 PM ET | Comments (56)
New Firefox Version Fixes 7 Security Holes
Mozilla this week pushed out a new version of its Firefox Web browser to mend at least seven security holes in the program, including at least four flaws that attackers could use to install software on vulnerable computers. Firefox version...
By Brian Krebs | September 16, 2006; 09:31 AM ET | Comments (6)
AOL Issues Security Update
America Online has shipped a security update for its millions of users to fix a flaw in the way the Internet service provider's Web browser processes certain types of image files -- a vulnerability that could let attackers install malicious...
By Brian Krebs | September 13, 2006; 09:57 PM ET | Comments (3)
Apple, Microsoft Release Software Patches
Apple and Microsoft today released updates to fix security problems in their software, including a patch bundle for the popular QuickTime media player, as well as fixes for computers running Windows and Microsoft Office. The QuickTime update, available for both...
By Brian Krebs | September 12, 2006; 05:37 PM ET | Comments (9)
Three Patches from Microsoft Next Week
Microsoft said Thursday that Windows users can expect at least three software updates from the company next week. Two of the updates will address security flaws in Windows, while the third patch will deal with Office. Each patch may address...
By Brian Krebs | September 8, 2006; 08:52 AM ET | Comments (9)
Sun Acknowledges Security Hole in Patch Process
I have always dreaded security updates from Sun Microsystems to fix problems in their Java software. For one thing, the updates typically are huge and time consuming, the instructions for downloading and installing the fixes labrynthine, and when all is...
By Brian Krebs | August 29, 2006; 10:44 AM ET | Comments (33)
Microsoft Re-Releases Internet Explorer Patch
Microsoft today re-released a patch it originally issued earlier this month to plug security holes in its Internet Explorer Web browser. Redmond had planned to re-release the patch earlier this week, which has caused periodic crashes for IE installations on...
By Brian Krebs | August 24, 2006; 03:05 PM ET | Comments (12)
Apple Mac Pro Users Urged to Apply Security Updates
Apple today issued two additional security patches for users who recently bought a new Mac Pro. On Aug. 1, Apple pushed out fixes to plug 26 security holes in different versions of the Mac OS X operating system. Turns out...
By Brian Krebs | August 9, 2006; 04:50 PM ET | Comments (1)
Microsoft Fixes 23 Security Flaws
Microsoft Corp. today released free software updates to fix nearly two dozen security holes in its Windows operating system and Microsoft Office products. At least 17 of the 23 flaws could be exploited by attackers to hijack vulnerable systems or...
By Brian Krebs | August 8, 2006; 03:08 PM ET | Comments (26)
At Least 12 Patches from Microsoft Next Week
Microsoft said today that it plans to issue at least 12 security updates to fix vulnerabilities in its Windows and Office products. Redmond says 10 of the updates will address flaws -- some of them "critical" -- in Windows. No...
By Brian Krebs | August 3, 2006; 06:08 PM ET | Comments (3)
Intel Issues Patches to Fix Wireless Flaws
Intel has released updates to fix at least seven separate security flaws in the low-level software that powers its Centrino wireless devices. The flaws reside in Intel's wireless "device drivers," and are present at such a fundamental level of the...
By Brian Krebs | August 3, 2006; 12:25 PM ET | Comments (3)
Apple Issues Bundle of Security Updates
Apple today released a bundle of software updates to fix more than two-dozen security weaknesses in computers powered by its Mac OS X operating system. Apple issued updates to address 26 distinct security issues, by my count anyway. The patches...
By Brian Krebs | August 1, 2006; 06:37 PM ET | Email a Comment
Microsoft to Push Out IE7 as High Priority Update
Microsoft is apparently planning to ship Internet Explorer 7 out to Windows XP users as a "high priority" security update later this year, according to a company spokesperson. While the new browser version will be pushed out through Windows' Automatic...
By Brian Krebs | July 27, 2006; 12:52 PM ET | Comments (17)
Mozilla Issues Security Updates for Firefox
Mozilla has pushed out a new version of Firefox that cleans up a dozen security flaws, more than half of which could be used by malicious Web sites or attackers to hijack the browser or the user's computer. The new...
By Brian Krebs | July 27, 2006; 09:56 AM ET | Comments (3)
EBay Fixes Serious Security Hole in Picture Tool
EBay sellers who use the auction giant's Enhanced Picture Services tool to upload photos to auction pages may be prompted to update the software plug-in the next time they use it, as security experts have discovered a flaw that could...
By Brian Krebs | July 14, 2006; 12:37 PM ET | Comments (2)
Adobe Issues Security Update
Adobe on Monday issued a new version of Acrobat to fix what it called a "critical" security vulnerability in the program that hackers could use to hijack machines running the software just by convincing people to open a specially crafted...
By Brian Krebs | July 12, 2006; 10:45 AM ET | Comments (16)
Microsoft Patches 18 Security Flaws in Windows, Office
Microsoft Corp. today released seven security updates to address 18 separate flaws in its Windows operating systems and Office software, including 13 problems that earned a "critical" severity rating, the company's most dire. Microsoft labels a security hole as "critical"...
By Brian Krebs | July 11, 2006; 04:00 PM ET | Comments (10)
Macromedia Flash Update Prompts an SF Rant
A newly released version of Adobe's Macromedia Flash Player fixes at least two security flaws in the program that more than 200 million people have installed on their computers. Security vendor Fortinet released two advisories calling attention to the vulnerabilities,...
By Brian Krebs | July 7, 2006; 11:35 AM ET | Comments (29)
Seven Security Updates From Microsoft Next Week
Next Tuesday is shaping up to be another busy one for computer and network administrators responsible for keeping hordes of machines updated with the latest Windows security patches from Microsoft. Redmond said today it plans to issue at least seven...
By Brian Krebs | July 6, 2006; 02:02 PM ET | Comments (1)
Apple Issues ITunes Security Update
Apple has pushed out another update to fix a security hole in its popular iTunes application that the company says attackers could use to break into or seize control over affected machines just by getting the user to play a...
By Brian Krebs | June 30, 2006; 09:06 AM ET | Comments (9)
Apple Updates Fix Five Flaws for Mac OS X
Apple today released five software updates to mend security holes in its various programs for certain computers powered by the Mac OS X operating system. This update affects systems running OS X and OS X Server versions 10.4 through 10.4.6....
By Brian Krebs | June 27, 2006; 04:41 PM ET | Comments (2)
Security Update Available for Winamp
America Online has released another update to its Winamp media and music player that includes at least one security update. The newest version that fixes the flaw is 5.24 and is downloadable from this link here (newer versions of...
By Brian Krebs | June 26, 2006; 01:49 PM ET | Comments (3)
New Adobe Version Plugs Security Holes
Adobe has released yet another update of its Adobe Reader for PDF documents that fixes several security flaws in both the Windows and Mac OS X versions. The latest version, 7.0.8, includes several stability and security bug fixes. Adobe's advisory...
By Brian Krebs | June 15, 2006; 11:15 AM ET | Comments (2)
12 Microsoft Patches Plug 21 Security Holes
Microsoft today released a dozen security updates to fix at least 21 vulnerabilities in its Windows operating system and other software, including 12 flaws Redmond labeled "critical," its most severe warning level. Today's patch bundle is the largest yet for...
By Brian Krebs | June 13, 2006; 03:01 PM ET | Comments (27)
Microsoft Plans 12 Security Updates Next Week
Microsoft said today it will issue at least 12 software updates Tuesday to fix security flaws in its Windows operating system and other software. Some of the patches are expected to carry the company's most serious rating of "critical," which...
By Brian Krebs | June 8, 2006; 02:36 PM ET | Email a Comment
New Firefox Version Fixes 13 Security Holes
Mozilla on Thursday released a new version of its Firefox Web browser to correct 13 security holes, including at least five that Mozilla said could let attackers install software without any action on the part of the user. The update...
By Brian Krebs | June 2, 2006; 08:33 AM ET | Comments (16)
Fun With Java Updates
Sun Microsystems has issued an update to fix stability and security problems with its Java software. The "platform-independent" programming language is supposed to make it easier for Web users to interact with some Web sites, but keeping it up to...
By Brian Krebs | May 26, 2006; 08:20 AM ET | Comments (22)
New Winamp Version Fixes Major Security Hole
AOL's Nullsoft division released a new version of its popular Winamp music and video player on Thursday, in part to fix a "major" security flaw in the program, according to the accompanying advisory. Winamp 5.22 includes a huge list of...
By Brian Krebs | May 26, 2006; 07:32 AM ET | Email a Comment
Mozilla to End Support for Older (1.0.x) Firefox Versions
Mozilla is expected to release a bunch of security fixes and other updates to its Firefox Web browser next week, but it won't be issuing any updates for people still using older versions of Firefox from the 1.0 family (the...
By Brian Krebs | May 24, 2006; 03:33 PM ET | Comments (1)
Mac Update Brings Trouble for Some Users
The large bundle of security updates issued by Apple last week is causing headaches for some users who have had trouble powering up their systems after installing the patches. According to numerous posts on the Mac OS X support forums,...
By Brian Krebs | May 16, 2006; 10:24 AM ET | Comments (8)
Apple Update Mends Dozens of Security Flaws (Windows Users Read This Too)
Apple Computer Inc. today released free software updates that fix at least 43 separate security flaws in its Mac OS X operating system and other products, including a dozen problems with its popular Quicktime media player. The new version of...
By Brian Krebs | May 11, 2006; 05:38 PM ET | Comments (19)
Microsoft Issues Three Security Updates
Microsoft today issued three software patches to fix a security flaw in Windows, another in iits Exchange Server e-mail product, and two "critical" vulnerabilities in older versions of Adobe's Macromedia Flash Player that comes bundled with Windows. The Flash patch...
By Brian Krebs | May 9, 2006; 03:05 PM ET | Comments (1)
Microsoft to Issue Three Security Updates Next Week
Microsoft said today it plans next week to release three free software updates to fix security holes in its products, including two vulnerabilities in Windows and another in its Exchange Server corporate e-mail product.. At least one, possibly both, of...
By Brian Krebs | May 4, 2006; 01:22 PM ET | Comments (2)
MS Expands Anti-Piracy Program, Reissues Patch
Microsoft today began expanding its anti-piracy program by quietly pushing out a software update that in many cases automatically scans Windows computers and reports on whether they are powered by unlicensed software. The new pilot program is a fairly broad...
By Brian Krebs | April 25, 2006; 04:03 PM ET | Comments (525)
Microsoft to Re-Issue Windows Security Patch
Microsoft said Thursday that it plans next week to issue an updated version of a security patch it released last week that has caused problems for a number of Windows users who installed it. On Tuesday, Microsoft will push out...
By Brian Krebs | April 21, 2006; 07:55 AM ET | Comments (7)
Security Updates for Firefox, Opera Browsers
Mozilla has issued a new version of Firefox to fix multiple, serious flaws in the open-source browser, including at least five vulnerabilities that hackers could deploy on malicious Web sites to install malware if users visited the sites with vulnerable...
By Brian Krebs | April 14, 2006; 07:07 AM ET | Comments (8)
The Skinny on April's Batch of Microsoft Patches
Microsoft on Tuesday released five updates to remedy security flaws in its software products, including a huge -- and potentially disruptive -- patch bundle that fixes eight "critical" flaws in Microsoft's Internet Explorer Web browser. The IE patch corrects a...
By Brian Krebs | April 12, 2006; 11:40 AM ET | Comments (52)
Microsoft to Issue Five Security Fixes
Microsoft today said it plans to issue at least five free software updates next week to fix security flaws in its Windows operating system and other software products. At least one of the updates will carry a "critical" rating, which...
By Brian Krebs | April 6, 2006; 02:07 PM ET | Comments (12)
Another Round of Mac Fixes
Apple on Monday released another batch of security and stability fixes for its Mac OS X operating system, the fourth such update bundle in as many weeks. This collection includes 20 or so stability updates, a few fixes for third-party...
By Brian Krebs | April 4, 2006; 10:42 AM ET | Comments (21)
RealNetworks Fixes Critical Media-Player Flaws
RealNetworks has issued an update to its fleet of media-player products that fixes at least three critical flaws in the applications that attackers could use to infiltrate vulnerable PCs. I meant to blog about this late last week when these...
By Brian Krebs | March 30, 2006; 12:35 PM ET | Comments (8)
Non-Microsoft Patches Issued for IE Flaw
A couple of computer-security companies have separately released free patches to plug a critical security flaw in Microsoft's Internet Explorer browser that hacker groups have been exploiting to steal passwords from Windows users. The third-party fixes from Aliso Viejo, Calif.-based...
By Brian Krebs | March 28, 2006; 10:03 AM ET | Comments (56)