Browser Security News

Microsoft released fixes on Tuesday for critical vulnerabilities in Internet Explorer, including one for which exploit code has been released.

Google has been forced to release new security fixes for multiple high severity vulnerabilities in its Chrome browser which could lead to an attacker taking over a victim’s PC remotely.

Hackers using multi-exploit attack "toolkits" take defensive measures of their own against other criminals, a security researcher said today.

Research by vulnerability specialists Secunia suggests that third party applications are increasingly being used by malware writers in preference to using operating system attacks.

Internet Explorer 7 and 8’s default security settings can be unsafe for internal, intranet-based Web applications, according to newly published research.

Microsoft’s April batch of security patches are out: 8 bulletins with patches for at least 20 documented vulnerabilities.

The Ghostnet botnet attack that has successfully exploited computer systems within government networks around the globe is being driven in part by an easy-to-use malware authoring toolkit that allows for simple and rapid propagation, researchers contend.

A Proof-of-Concept (PoC) Firefox exploit that leverages a previously unknown memory corruption vulnerability in the popular browser has turned up on a well-known exploit archive site.

When Mark Dowd and Alex Sotirov demonstrated a technique for bypassing Vista’s memory protections at Black Hat last year, the security community was stunned. Microsoft officials said at the time they were working on ways to defeat the pair’s attack and now that protection has arrived, in the form of Internet Explorer 8.

worried about Windows autorun exploits, security company Panda has come up with a utility that turns the function off. There is, of course, a manual way to do this by delving into the registry using Regedit, but this seems simpler and less fraught with unwanted side effects.