Internet Explorer

(get it in RSS or Atom)

Microsoft and Adobe have 0-days, AOL breached, and we win an award! 60 Sec Security [VIDEO]

2014-03-05-thumb-0250

Are two zero-days better than one? What happened to AOL's user database? And is that another award that Naked Security just won?

Find out in 60 Sec Security for 03 May 2014...

That was quick! Microsoft patches the "1776" hole in Internet Explorer

1776-250

The Internet Explorer zero-day bug that made the headlines a few days ago went by the nerdy name of CVE-2014-1776.

The good news? No need to wait until next Patch Tuesday for a fix - Microsoft has issued one already.

SSCC 145 - Zero-days x2, fixing Heartbleed x2, and security-by-design [PODCAST]

sscc145-thumb-250

An 0-day in IE and an 0-day in Flash; two approaches to fixing OpenSSL after Heartbleed; how to get a free pass to Infosec Europe 2014; and why security happens by design and not by accident!

Join Chet and Duck for another podcast in the weekly Chet Chat series...

Monday review - the hot 26 stories of the week

dow-250

Make sure you're up to date with everything we wrote in the last seven days - it's weekly roundup time.

Browsers pwned, Korean megabreach, hackers phoiled, and Chet Chat turns 4! [VIDEO]

2014-03-15-pwned-250

Which browser plugin withstood PWN2OWN? How big was the latest South Korean megabreach? What happens when hackers attack phishers?

Find out in 60 Second Security...

Patching XP, Flappy Bird malware, Tesco passwords leaked - 60 Sec Security [VIDEO]

2014-02-15-really-250

Did you really think XP would go patch-free? Is Flappy Bird really dead? Did you really use the same password on more than one site?

60 Sec Security - 15 Feb 2014

SSCC 133 - Prize unicorns, Android malware, 2FA, Attack reports and Vote For Us! [PODCAST]

sscc-133-thumb-250

Chet and Duck review the week's news in their informed and entertainingly serious style, discussing the prizes on offer at this year's PWN2OWN competition, talking about a new twist in Android malware, and reviewing the latest attack reports from Yahoo and Target...

PWN2OWN 2014 - Find the "exploit unicorn" and win $150,000

unicorn-250

It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.

But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...

Microsoft Patch Tuesday - get ready to patch and reboot the lot, including Server Core

pt-dec-2013-250

This month really is an omnibus update: all platforms are affected, from XP to 8.1 and from Server 2003 to 2012, including stripped-down Server Core installs.

It looks as though the NDPROXY.SYS kernel bug in XP might be fixed, but, then again, it might not...

Sophos Techknow - The End of XP [PODCAST]

techknow-logo-250-150

Welcome to Techknow, the podcast in which Sophos experts debate, explore and explain the often baffling world of computer security.

In "The End of XP", Duck and Chet investigate the what, the why and the how of dealing with the impending end of support for Windows XP in 2014.

Microsoft leads the way, setting new cryptographic defaults

ts-cracked-250

Microsoft is upping its game with regards to cryptographic standards. By discontinuing support for the older, weak RC4 cipher and putting Certificate Authorities on note to migrate to SHA-2, it seems to be leading the way to be ready for the future, rather than reacting.

Patch Tuesday November 2013 - Microsoft, Adobe and Google

Patch Tuesday

November's Patch Tuesday includes updates not just from Microsoft, but Adobe and Google as well. Critical patches for Internet Explorer, Chrome and Adobe Flash Player lead the way this month.

Microsoft Patch Tuesday - three critical updates coming, but no TIFF zero-day fix yet

pt-2013-11-12-250

November's patch Tuesday is coming up this week, and Microsoft's usual "announcement that doesn't say an awful lot" is out to help us prepare.

What we do know is that the latest TIFF image zero-day vulnerability *isn't* fixed yet...

Anatomy of an exploit - inside the CVE-2013-3893 Internet Explorer zero-day - Part 2

3893-2-250

Part Two of our examination of an IE exploit.

This is a great read if you want to get a feeling for how cybercrooks think. (Don't worry if you aren't technical: it's clear and jargon-free.)

Anatomy of an exploit - inside the CVE-2013-3893 Internet Explorer zero-day - Part 1

3893-1-250

The latest IE zero-day explained.

This is a great read if you want to get a feeling for how cybercrooks think.

(Don't worry if you aren't technical: we've kept the code and jargon to a minimum.)

Microsoft Patch Tuesday - get ready for a bumper Tenth Birthday edition!

pt-oct-500

This month's Patch Tuesday will be the tenth anniversary of Microsoft's regular security bulletins.

Paul Ducklin takes you through what's in store...

Copying fingerprints, Firefox trusted, Facebook not, Yahoo recycles - 60 Sec Security [VIDEO]

2013-09-28-60ss-thumb-250

How do you copy fingerprints? Which is the most trustworthy browser? Who will use Facebook for payments? How long does an email address live?

Satisfy your curiosity with this week's 60 Second Security!

Firefox burns Chrome in our trustworthy browser poll

Chrome burns

About a month ago I asked Naked Security readers: Which web browser do you trust? Your answer was emphatic: it's Firefox, and it accrued almost twice the number of votes of its nearest rival, Google Chrome.

Internet Explorer zero-day exploit prompts Microsoft to publish emergency Fix it

Microsoft releases fix for Internet Explorer security hole, full patch coming Friday

Microsoft has published an out of band security advisory for users of Internet Explorer to warn about a new zero-day attack being used in the wild. IE users are advised to use Microsoft's Fix it or EMET tool to protect against exploitation until a permanent fix is released.

PWN2OWN for mobile devices - $300,000 in prizes for stealing data, eavesdropping or making covert calls

zdi-250

There's $300,000 up for grabs at HP's Mobile Pwn2Own contest to be held in Tokyo in November 2013.

Paul Ducklin runs through the options of how to get your hands on the cash...