0-day

Microsoft offers Fix it for IE zero-day, announces security update

September 20, 2012

Microsoft has released the Fix it solution for the IE zero-day memory-corruption vulnerability that is currently being exploited in attacks, and has promised a security update …

Microsoft promises fast fix for IE zero-day as new attacks are discovered

September 19, 2012

The problem of the remotely-exploitable IE zero-day memory-corruption vulnerability that is being misused in current attacks has reached a critical enough level for Microsoft …

Microsoft issues workaround for IE 0-day exploited in current attacks

September 18, 2012

Microsoft has issued a security advisory with advice on how to patch a Internet Explorer zero-day vulnerability recently spotted being exploited in the wild by attackers that …

Zero-day-loving Google hackers furiously active in last three years

September 7, 2012

The hackers behind the Aurora attacks that were discovered targeting Google, Adobe and other big U.S. companies in 2009 have seemingly been working hard ever since. Symantec …

Oracle patches Java 0-day, researchers say there’s another one

August 31, 2012

Oracle has finally issued an update for Java 7 (v 1.7.0_07) which solves the problem of the CVE-2012-4681 vulnerability (which actually consists of two distinct flaws). The …

Blackhole exploit kit got upgraded

July 2, 2012

Phoenix and Blackhole are the most popular and widely used exploit kits because their creators are always tinkering with them and pushing out update and improved attack …

Flame abused Windows Update to spread

June 4, 2012

You have probably already heard that Microsoft released an out-of-band update that revokes three rogue certificates that were used to sign a couple of modules of the recently …

Hotmail remote password reset 0-day bug found, patched

April 26, 2012

A critical security flaw affecting Microsoft’s Hotmail has been detected almost simultaneously by Vulnerability Lab researchers and a Saudi Arabia hacker and, until a …

Stuxnet was planted via infected memory stick

April 13, 2012

Although it has never been confirmed, the speculation that the Stuxnet worm was manufactured for the express reason of disrupting the production at Iran’s Natanz uranium …

0-day in Backtrack Linux found, patched

April 12, 2012

A zero-day vulnerability affecting the last version of Backtrack Linux has been spotted by a student during an Ethical Hacking class organized by the InfoSec Institute. The …

Microsoft warns of targeted attacks exploiting Windows flaw

April 11, 2012

With the April Patch Tuesday, Microsoft has issued six bulletins – four critical, two important – and has delivered patches for 11 vulnerabilities. One particular …

IE 9 hacked at Pwn2Own, Google patches Chrome bugs

March 9, 2012

After the success they had with attacking Google’s Chrome browser, the team of vulnerability researchers from French firm VUPEN has also managed to hack …