DigitMemo.com

Among the fixes Mozilla has released is a patch for the well-known flaw in how Firefox handles .jar files Mozilla has released an update to its Firefox browser, fixing a widely publicized flaw in the open-source software. The 2.0.0.10 update fixes a handful of memory corruption flaws that crash Firefox and a cross-site request forgery [...]

14 vulnerabilities in the FLAC file format that affect a huge range of media players on every supported operating system (Windows, Mac OS, Linux, Unix, BSD, Solaris, and even some hardware players are vulnerable). A number of vulnerable apps that use the open source libavcodec audio codec library, which in turn relies on the flawed [...]

Microsoft is warning users to avoid suspicious websites and emails after attacks were reported on an unpatched flaw in Internet Explorer 7. The company would not provide exact figures, but said that a “limited number ” of attacks had been reported. The attacks target a vulnerability in IE7′s handling of the uniform resource indicator (URI) [...]

Just hours after Adobe fixed a vulnerability in its PDF viewing applications, users became warned of a continuing security threat. Adobe Acrobat and Adobe Reader became hot programs for spammers after a glitch was discovered to exploit the program’s “mailto” command.  Hackers used this in connection with a malicious PDF code to send out bulk [...]

Hackers are actively exploiting a zero-day hole in RealNetworks’ RealPlayer media player The in-the-wild attacks, which began late last night (October 18), targets a previously unknown and unpatched ActiveX vulnerability in the way RealPlayer interacts with Microsoft’s Internet Explorer browser. Only systems on which both RealPlayer and IE have been installed are vulnerable. The flaw [...]

Microsoft is warning of yet another URL-handling bug that can lead to a system hijack. A mere two days after Patch Tuesday brought a host of remote-code execution vulnerabilities to light, Microsoft issued a security advisory warning of yet another problem: a URL-handling vulnerability that could lead to systems getting hijacked if running Internet Explorer [...]

Adobe said on Wednesday some of its programs contain yet-to-be-fixed flaws that make computers vulnerable to attack. On October 5, Adobe posted a notice on its Web site that said it had unknowingly incorporated vulnerabilities into versions of Adobe Reader and Acrobat software that could allow malicious programs to get on to a PC without [...]

An encrypted drive to be accessed without the boot-up passphrase challenge dialog, leaving data in a vulnerable state. PGP Corporation’s widely adopted Whole Disk Encryption product apparently has an encryption bypass feature that allows an encrypted drive to be accessed without the boot-up passphrase challenge dialog, leaving data in a vulnerable state if the drive [...]