bugs

“FREAK” security hole affects even Windows after all

“FREAK” security hole affects even Windows after all

Microsoft almost had it good. Long lambasted for being so easily hacked, it was almost believed that the company's operating system, at least those well-patched and up to date ones, were immune to the latest security vulnerability causing worry over the Internet. As it turns out, however, it just isn't the case. Microsoft published a security advisory informing users that the version of Internet Explorer running on many versions of the Windows OS are susceptible to this FREAK attack, with no word on when a patch will be rolled out.

Continue Reading

Spot.me Apple Pay to Android app can pose a security risk

Spot.me Apple Pay to Android app can pose a security risk

For all their advertised benefits, these rising mobile payment systems are pretty much walled gardens of their own. But what if you wanted to use that fancy new wireless system to pay, not just a merchant, but a friend? There's a new app on Android that proposes to do just that and it even lets Apple Pay users join the game. But while Spot.me sounds like a really neat and social thing, it might actually be more trouble than it's worth from a security point of view.

Continue Reading

90s US “weaker encryption” policy comes back to haunt it

90s US “weaker encryption” policy comes back to haunt it

The US government has been fighting against recent efforts in the tech industry to strengthen security measures, especially against government snooping. In essence, it wants a backdoor into services and devices in order to get access to crucial information it needs to fight crime and terrorism. Apparently, this has been done before and looks like the government needs to take heed from that. A security policy enacted decades ago has found its way back to the US and is compromising the security of secure websites, including some of the government's own.

Continue Reading

Linux C library exploit affects all systems dating back 2000

Linux C library exploit affects all systems dating back 2000

Sometimes, the price of popularity is more scrutiny. As the Linux operating system, and open source in general, gets more and more coverage in mainstream media and news, a lot of security holes, and big ones at that, are being exposed, or at the very least sensationalized. After the "Shellshock" bug last September, which was reported to be even worse than the "Heartbleed" bug of the open source OpenSSL vulnerability, comes a "GHOST" security exploit that affects almost all Linux systems that date all the way back to 2000.

Continue Reading

Google’s Project Zero targets OS X with three new exploits

Google’s Project Zero targets OS X with three new exploits

Google’s Project Zero has released more 0day vulnerabilities, and is this time aiming for Apple. Over the past few days, Project Zero has slowly released some exploits found in OS X Yosemite. The vulnerability exposure team at Google first provides their findings to the company in charge of the software. After that time, they’ve got 90 days to fix it before Google’s Project Zero team publishes it to the world. While Microsoft was responsive to Google’s release, Apple is much more tight-lipped.

Continue Reading

Impossibly difficult Super Mario cheat glitch pulled off

Impossibly difficult Super Mario cheat glitch pulled off

The classics are making a comeback, and in more ways than one. Super Mario, one of the most beloved gaming franchises in the world, is back in the press, not because of a hot new game or a retro old game, but because of how people are stretching the game beyond what the developers intended. Like giving it a brain to play itself. Now a high-profile YouTuber is earning views because of how he managed to hit a very intricate glitch that let him finish Super Mario World in just 6 minute, without facing the final boss.

Continue Reading

Steam on Linux bug can delete all user’s files

Steam on Linux bug can delete all user’s files

No software bug is more egregious than one that can potentially wipe out users' precious files without warning or indication. Some Linux users are finding this out the hard way when they discovered that their Steam client was silently deleting files starting from the very root directory all the way into the deepest folders. While the system's files might remain intact because of how Linux security policies work, user data are left unprotected, making this serious flaw even more personal and frightening.

Continue Reading

Microsoft knocks Google’s vulnerability disclosure attitude

Microsoft knocks Google’s vulnerability disclosure attitude

We're used to rival companies trading blows, subtly or otherwise, to gain an upper hand, but there are times when the criticism becomes real and serious. Like the case of Microsoft Security Response Center senior director Chris Betz, who has taken to the company blog to slam Google's Project Zero vulnerability management. The heart of the issue is that Google publicly disclosed a serious security exploit two days before Microsoft could roll out its fix, even when Redmond explicitly asked Google to temporarily suspend its 90-day policy.

Continue Reading

Apple delivers first ever automatic software update to Macs

Apple delivers first ever automatic software update to Macs

There are bug fixes and there are bug fixes. And then there are bug fixes so severe that they need to be plugged up immediately. But no matter how fast software providers try to patch up things on their end, bad users habits sometimes mean that these patches don't get downloaded or applied immediately, if at all. That is why Apple is making use of a feature it already had launched two years ago to deliver a critical bug fix to Mac users without them having to lift a finger.

Continue Reading

AT&T pulls Nexus 6 from stores due to software bug

AT&T pulls Nexus 6 from stores due to software bug

The Nexus 6 is pretty difficult to come by. Google only releases stock in stages, and carriers are just now getting the device. On top of all that, some can’t even figure out pricing, which recently caused last-place Sprint to issue contract credits for over-charging customers. Now, AT&T has run dead into the Nexus wall, and have chosen to return all Nexus 6 inventory to Motorola. The reason? Software! Motorola evidently shipped the wrong software to AT&T, though it’s not clear what the issue was.

 

Continue Reading

1 2 3 4 5 6