genpop.net

Microsoft on Tuesday again abstained from naming which of its Windows programs, if any, contain bugs that could lead to widespread “DLL load hijacking” attacks. Also on Tuesday, the company published an automated tool to make it easier for users to block attacks exploiting vulnerabilities in a host of Windows applications. [ InfoWorld's Woody Leonhard [...]

Microsoft on Tuesday again abstained from naming which of its Windows programs, if any, contain bugs that could lead to widespread “DLL load hijacking” attacks. Also on Tuesday, the company published an automated tool to make it easier for users to block attacks exploiting vulnerabilities in a host of Windows applications. [ InfoWorld's Woody Leonhard [...]

Microsoft has responded to reports of potential zero-day attacks against a large number of Windows programs by publishing a tool it said would block known exploits. However, the company declined to confirm whether any of its own applications are vulnerable, saying that it is currently investigating Microsoft-made software. [ Master your security with InfoWorld's interactive [...]

Microsoft has told a researcher that it won’t patch a problem that has left scores of Windows applications open to attack. According to a growing number of reports, crucial Windows functionality has been misused by countless developers, including Microsoft’s, leaving a large number of Windows programs vulnerable to attack because of the way they load [...]

Microsoft has known since at least February that dozens of Windows applications, including many of its own, harbor bugs that hackers can exploit to seize control of computers, an academic researcher said Sunday. At least 19 of the bugs can be exploited remotely, Taeho Kwon, a Ph.D. candidate at the University of California Davis, said [...]

Microsoft has warned customers this week that a record number of just-patched bugs will probably be exploited in the next 30 days. Of the 35 vulnerabilities that Microsoft has patched this month, it assigned 32 an exploitability rating, a score that quantifies the company’s take on whether reliable attack code will appear. Of the 32 [...]

Microsoft today said it will issue an emergency patch for the critical Windows shortcut bug on Monday, August 2. The company said it is satisfied with the quality of the “out-of-band” update — Microsoft’s term for a patch that falls outside the usual monthly delivery schedule — but also acknowledged that it has tracked an [...]

The security firm Sophos released a tool on Monday that it claimed will block any attacks trying to exploit the critical unpatched vulnerability in Windows’ shortcut files. The tool, dubbed “Sophos Windows Shortcut Exploit Protection Tool,” will protect users until Microsoft releases a permanent patch for the problem, said Chet Wisniewski, a senior security advisor [...]

The security firm Sophos released a tool on Monday that it claimed will block any attacks trying to exploit the critical unpatched vulnerability in Windows’ shortcut files. The tool, dubbed “Sophos Windows Shortcut Exploit Protection Tool,” will protect users until Microsoft releases a permanent patch for the problem, said Chet Wisniewski, a senior security advisor [...]

An anonymous group of security researchers last week published information about an unpatched Windows bug, saying that they were disclosing the vulnerability because of the way Microsoft treated a colleague. The flaw in Windows Vista and Server 2008 could be used by attackers to gain unauthorized access to a PC or cause it to crash. [...]