Google Alert - Vulnerabilities

=== News - 10 new results for [Vulnerabilities] ===

Steam vulnerability can lead to remote insertion of malicious code
Ars Technica
By getting a user to click a link to a specially formed Steam URL, an
attacker can remotely exploit buffer overflow bugs and other
vulnerabilities in various Steam games and in Steam itself to create and
run malicious code on a target's machine, as ...
<http://arstechnica.com/security/2012/10/steam-vulnerability-can-lead-to-remote-insertion-of-malicious-code/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://arstechnica.com/security/2012/10/steam-vulnerability-can-lead-to-remote-insertion-of-malicious-code/&hl=en&geo=us>

Apple updates Java for OS X
CNET
Apple has released a couple of Java updates for OS X, which bring the
supported Java SE 6 runtime to the latest version (1.6.0_37) in order to
tackle multiple vulnerabilities that were found in Java 1.6.0_35, the last
version of Apple's Java runtime ...
<http://reviews.cnet.com/8301-13727_7-57533879-263/apple-updates-java-for-os-x/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://reviews.cnet.com/8301-13727_7-57533879-263/apple-updates-java-for-os-x/&hl=en&geo=us>

What Huawei, ZTE Must Do To Regain Trust
InformationWeek
A recently issued U.S. congressional report has cast a shadow on Chinese
telecom equipment makers Huawei and ZTE. Because neither company answered
congressional queries to the satisfaction of U.S. lawmakers, the report
concludes that the two ...
<http://www.informationweek.com/security/vulnerabilities/what-huawei-zte-must-do-to-regain-trust/240009190>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.informationweek.com/security/vulnerabilities/what-huawei-zte-must-do-to-regain-trust/240009190&hl=en&geo=us>

Symantec study highlights complexity of risks posed by zero-day exploits
TechTarget
"While the average duration is approximately 10 months, the fact that all
but one of the vulnerabilities disclosed after 2010 remained unknown for
more than 16 months suggests that we may be underestimating the duration of
zero-day attacks, as the data ...
<http://searchsecurity.techtarget.com/news/2240166975/Symantec-study-highlights-complexity-of-the-risk-posed-by-zero-day-exploits>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://searchsecurity.techtarget.com/news/2240166975/Symantec-study-highlights-complexity-of-the-risk-posed-by-zero-day-exploits&hl=en&geo=us>

Adobe Bolsters Security In Reader, Acrobat XI
Dark Reading
The move will make it more difficult for an attacker to exploit
vulnerabilities, Choudhury explains. The company also added the Adobe PDF
Whitelisting Framework, which allows administrators to selectively enable
advanced functionality, such as ...
<http://www.darkreading.com/vulnerability-management/167901026/security/application-security/240009265/adobe-bolsters-security-in-reader-acrobat-xi.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.darkreading.com/vulnerability-management/167901026/security/application-security/240009265/adobe-bolsters-security-in-reader-acrobat-xi.html&hl=en&geo=us>

UPDATE 2-White House-ordered review found no evidence of Huawei spying ...
Chicago Tribune
Found vulnerabilities in Huawei gear that pose security risk * Cyber
experts differ on whether vulnerabilities were deliberately inserted (Adds
ZTE comment) By Joseph Menn SAN FRANCISCO, Oct 17 (Reuters) - A White
House-ordered review of security risks ...
<http://www.chicagotribune.com/sns-rt-huawei-spying-update-2-exclusivel1e8li034-20121017,0,342452.story>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.chicagotribune.com/sns-rt-huawei-spying-update-2-exclusivel1e8li034-20121017,0,342452.story&hl=en&geo=us>

Oracle Leaves Fix for Java SE Zero Day Until February Patch Update
Threatpost (blog)
Oracle will not patch a critical sandbox escape vulnerability in Java SE
versions 5, 6 and 7 until its February Critical Patch Update, according to
the researcher who discovered the flaw. Adam Gowdiak of Polish security
firm Security Explorations told ...
<http://threatpost.com/en_us/blogs/oracle-leaves-fix-java-se-zero-day-until-february-patch-update-101712>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://threatpost.com/en_us/blogs/oracle-leaves-fix-java-se-zero-day-until-february-patch-update-101712&hl=en&geo=us>

Salient Federal Solutions to Present at Cyber Security Seminar and IT Expo
on ...
The Herald | HeraldOnline.com
They are not gaining the benefits IPv6 implementations, yet they are
exposed to cyber security vulnerabilities associated with IPv6," says
Helms. "We have identified the vulnerabilities associated with the
deployment of IPv6 enabled devices and have ...
<http://www.heraldonline.com/2012/10/17/4343322/salient-federal-solutions-to-present.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.heraldonline.com/2012/10/17/4343322/salient-federal-solutions-to-present.html&hl=en&geo=us>

Solar panel management systems vulnerable to attack, DHS warns
TechSpot
The U.S. Department of Homeland Security has issued another industrial
control warning (pdf) regarding critical vulnerabilities found across a
number of solar panel systems. Affected systems can be easily exploited
using "proof of concept" code ...
<http://www.techspot.com/news/50525-solar-panel-management-systems-vulnerable-to-attack-dhs-warns.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.techspot.com/news/50525-solar-panel-management-systems-vulnerable-to-attack-dhs-warns.html&hl=en&geo=us>

Microsoft engineer crafts exploitability index tool
SC Magazine Australia
A Microsoft exploit expert has designed a prototype tool based on an
experimental model to help more accurately determine exploitability of
memory-safe vulnerabilities. Security analysts currently have a tough job
determining the threat level of those ...
<http://www.scmagazine.com.au/News/319565,microsoft-engineer-crafts-exploitability-index-tool.aspx>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.scmagazine.com.au/News/319565,microsoft-engineer-crafts-exploitability-index-tool.aspx&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Create another Google Alert:
http://www.google.com/alerts?hl=en&gl=us&source=alertsmail

Sign in to manage your alerts:
http://www.google.com/alerts/manage?hl=en&gl=us&source=alertsmail