Internet Explorer

(get it in RSS or Atom)

Monday review - the hot 26 stories of the week

dow-250

Make sure you're up to date with everything we wrote in the last seven days - it's weekly roundup time.

Browsers pwned, Korean megabreach, hackers phoiled, and Chet Chat turns 4! [VIDEO]

2014-03-15-pwned-250

Which browser plugin withstood PWN2OWN? How big was the latest South Korean megabreach? What happens when hackers attack phishers?

Find out in 60 Second Security...

Patching XP, Flappy Bird malware, Tesco passwords leaked - 60 Sec Security [VIDEO]

2014-02-15-really-250

Did you really think XP would go patch-free? Is Flappy Bird really dead? Did you really use the same password on more than one site?

60 Sec Security - 15 Feb 2014

SSCC 133 - Prize unicorns, Android malware, 2FA, Attack reports and Vote For Us! [PODCAST]

sscc-133-thumb-250

Chet and Duck review the week's news in their informed and entertainingly serious style, discussing the prizes on offer at this year's PWN2OWN competition, talking about a new twist in Android malware, and reviewing the latest attack reports from Yahoo and Target...

PWN2OWN 2014 - Find the "exploit unicorn" and win $150,000

unicorn-250

It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.

But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...

Microsoft Patch Tuesday - get ready to patch and reboot the lot, including Server Core

pt-dec-2013-250

This month really is an omnibus update: all platforms are affected, from XP to 8.1 and from Server 2003 to 2012, including stripped-down Server Core installs.

It looks as though the NDPROXY.SYS kernel bug in XP might be fixed, but, then again, it might not...

Sophos Techknow - The End of XP [PODCAST]

techknow-logo-170-of-250-at-0250x0250

Welcome to Techknow, the podcast in which Sophos experts debate, explore and explain the often baffling world of computer security.

In "The End of XP", Duck and Chet investigate the what, the why and the how of dealing with the impending end of support for Windows XP in 2014.

Microsoft leads the way, setting new cryptographic defaults

ts-cracked-250

Microsoft is upping its game with regards to cryptographic standards. By discontinuing support for the older, weak RC4 cipher and putting Certificate Authorities on note to migrate to SHA-2, it seems to be leading the way to be ready for the future, rather than reacting.

Patch Tuesday November 2013 - Microsoft, Adobe and Google

Patch Tuesday

November's Patch Tuesday includes updates not just from Microsoft, but Adobe and Google as well. Critical patches for Internet Explorer, Chrome and Adobe Flash Player lead the way this month.

Microsoft Patch Tuesday - three critical updates coming, but no TIFF zero-day fix yet

pt-2013-11-12-250

November's patch Tuesday is coming up this week, and Microsoft's usual "announcement that doesn't say an awful lot" is out to help us prepare.

What we do know is that the latest TIFF image zero-day vulnerability *isn't* fixed yet...

Anatomy of an exploit - inside the CVE-2013-3893 Internet Explorer zero-day - Part 2

3893-2-250

Part Two of our examination of an IE exploit.

This is a great read if you want to get a feeling for how cybercrooks think. (Don't worry if you aren't technical: it's clear and jargon-free.)

Anatomy of an exploit - inside the CVE-2013-3893 Internet Explorer zero-day - Part 1

3893-1-250

The latest IE zero-day explained.

This is a great read if you want to get a feeling for how cybercrooks think.

(Don't worry if you aren't technical: we've kept the code and jargon to a minimum.)

Microsoft Patch Tuesday - get ready for a bumper Tenth Birthday edition!

pt-oct-500

This month's Patch Tuesday will be the tenth anniversary of Microsoft's regular security bulletins.

Paul Ducklin takes you through what's in store...

Copying fingerprints, Firefox trusted, Facebook not, Yahoo recycles - 60 Sec Security [VIDEO]

2013-09-28-60ss-thumb-250

How do you copy fingerprints? Which is the most trustworthy browser? Who will use Facebook for payments? How long does an email address live?

Satisfy your curiosity with this week's 60 Second Security!

Firefox burns Chrome in our trustworthy browser poll

Chrome burns

About a month ago I asked Naked Security readers: Which web browser do you trust? Your answer was emphatic: it's Firefox, and it accrued almost twice the number of votes of its nearest rival, Google Chrome.

Internet Explorer zero-day exploit prompts Microsoft to publish emergency Fix it

Microsoft releases fix for Internet Explorer security hole, full patch coming Friday

Microsoft has published an out of band security advisory for users of Internet Explorer to warn about a new zero-day attack being used in the wild. IE users are advised to use Microsoft's Fix it or EMET tool to protect against exploitation until a permanent fix is released.

PWN2OWN for mobile devices - $300,000 in prizes for stealing data, eavesdropping or making covert calls

zdi-250

There's $300,000 up for grabs at HP's Mobile Pwn2Own contest to be held in Tokyo in November 2013.

Paul Ducklin runs through the options of how to get your hands on the cash...

Which web browser do you trust? [Poll]

which-browser-do-you-trust

We no longer choose our web browsers based on bells and whistles. These days its all about privacy and security and we'd like to know which browser (and which vendor) you trust to be your companion on the web.

Patch Tuesday for August 2013 - 3 critical, 5 important

Patch Tuesday

Patch Tuesday for August 2013 includes three critical fixes and five important ones. The focus for this month is certainly the Internet Explorer cumulative patch which fixes 11 vulnerabilities and all versions, including 11 beta.

Chrome, Firefox display plain-text passwords with a few clicks

Chrome, Firefox display plain-text passwords with a few clicks

An ongoing catfight has boiled up regarding whether these are features or security fright-fests, particularly given that the nontechnical masses aren't liable to know that they can, for example, tell Google not to store passwords or set up a master password in Firefox.