Robert Lemos

…articles and musings of a technology and science journalist

Entries Tagged as 'Open Source'

COLUMN: Beating Microsoft to the Patch

February 6th, 2006

Community-led efforts sometimes deliver security fixes before developers. Should you trust these solutions, or will they make your systems less secure?

As 2005 wound down, security professionals were worried. A major Microsoft Windows vulnerability had come to light that compromised computers if users did as little as visit a malicious Web site or view images with malicious code embedded. Attacks exploiting the flaw—a vulnerability in the handling of the Windows Meta File (WMF) format—had begun appearing by New Year’s Day.

Compared with the speed of events, Microsoft responded slowly. It presented a workaround that worked only in some cases and advised worried users to update their antivirus programs. Microsoft’s patch wasn’t available until it was fully tested, on January 6.

The episode was the most significant “zero-day” attack to date. So called because security professionals have no window (zero days) to respond to a vulnerability before an attack arrives, zero-day attacks have become a significant threat in the last few years. Though it’s understandable that Microsoft would release only a well-tested patch, this was cold comfort to security-conscious users wondering if the next image they viewed would be the one to compromise their systems.

Tags: Column · Consumer Tech · Open Source · PC Magazine · Security

Zero-day WMF flaw underscores patch problems

January 9th, 2006

The Windows Meta File incident suggests that open-source efforts can result in quicker fixes but pose larger issues of trust, and highlights that companies can no longer depend on patches to protect their systems.
SecurityFocus

Tags: Consumer Tech · Critical infrastructure · Open Source · Research · Security · SecurityFocus

Data security moves front and center in 2005

December 29th, 2005

YEAR IN REVIEW: High-profile data breaches leaked more than 50 million database records in the United States, while phishing, bot networks, and targeted Trojan horses compromised millions of PCs worldwide.
SecurityFocus

Tags: Consumer Tech · Cybercrime · Open Source · Research · Security · SecurityFocus · Viruses and worms

Mac OS X security under scrutiny

November 29th, 2005

Flaw finders and hackers have taken a shine to Apple’s polished operating system, but some say that recent security problems are more than just skin deep.
SecurityFocus

Tags: Consumer Tech · Open Source · Security · SecurityFocus

Snort vulnerability “wormable” but not widespread

October 19th, 2005

A three-month-old flaw in a preprocessor function for the open-source intrusion detection system may attract worm writers, but the number of vulnerable systems is likely low, security experts said on Wednesday.
SecurityFocus

Tags: Open Source · Security · SecurityFocus · Viruses and worms

Mozilla’s popularity stressing its security image

September 21st, 2005

Recent vulnerability disclosures and a biannual report noting increased flaw reports raise questions about the open-source Firefox browser’s security.
SecurityFocus

Tags: Consumer Tech · Open Source · Security · SecurityFocus

Open-source projects get free checkup by automated tools

June 28th, 2005

More open-source software projects are gaining the benefits of the latest code-checking software, as the programs’ makers look to prove their worth.
SecurityFocus

Tags: Open Source · Security · SecurityFocus

Device drivers filled with flaws, threaten security

May 26th, 2005

The uneven skills of driver programmers have left a legion of holes in software that ships with Windows and Linux, security experts say.
SecurityFocus

Tags: Consumer Tech · Open Source · Security · SecurityFocus

Firefox’s security coming under scrutiny

May 12th, 2005

Mozilla developers say that the browser had security built into the design, but that has not stopped flaw finders from pinpointing problems with Firefox.
SecurityFocus

Tags: Consumer Tech · Open Source · Security · SecurityFocus

Firms give flaws a grade

February 15th, 2005

With an eye to guiding companies on which software problems to patch first, Cisco Systems, Symantec and Qualys plan to launch a joint grading system for security vulnerabilities.
CNET News.com

Tags: CNET News.com · Flaws and vulnerabilities · Open Source · Security