Dennis Fisher

Nearly a week after information on the problem was leaked on the Internet, Adobe Systems Inc. and CERT on Wednesday put out statements warning of a vulnerability in several software packages used to read Adobe PDF files on Unix machines. The flaw allows a remote attacker to execute code on a vulnerable machine with the […]

A new Trojan that has been making its way around the Internet in recent weeks continues to baffle security experts, who have been unable to get a good handle on its behavior. The Trojan apparently made its first appearance around May 16 and began randomly scanning Internet-connected machines. The scanning was slow at first but […]

As part of its effort to build on its core security platform, Computer Associates International Inc. on Monday announced a new content filtering solution. The eTrust Secure Content Management product is designed to work closely with the companys antivirus and other security applications and can be managed through the same interface. The system relies on […]

An anonymous member of a security mailing list on Friday posted an advisory that was taken from the CERT Coordination Center. The advisory, which concerns a flaw in some Adobe PDF file readers, is in the format of a submission from a researcher to CERT, not that of a bulletin from CERT to the general […]

Several third-party device drivers that ship with Windows Server 2003 contain a vulnerability that causes them to leak potentially sensitive data during TCP transmissions. The flaw does not affect Microsoft Corp. drivers; it has been found only in drivers provided by outside vendors. The vulnerability is similar to a class of flaws first described in […]

When Microsoft Corp. announced last week plans to buy the anti-virus technology of a little-known Romanian software maker, many in the AV community quickly predicted an end to Microsofts month-old alliance with several AV vendors. However, while the acquisition signals Microsofts desire to move deeper into the security market, company officials in Redmond, Wash., said […]

As IT staffs continue to look for ways to stretch their security budgets, vendors are readying new products that combine multiple security functions in a single offering. Nokia Corp. and Broadcom Corp. next week will introduce products that take discrete capabilities normally found in several different devices or applications and weave them together. Although the […]

Until recently, software security vulnerabilities were discovered mostly by chance and by developers, security specialists or other professionals. Once the flaw was discovered, news about it spread slowly and typically by word of mouth on bulletin boards or perhaps the occasional security lecture. The huge network of security researchers—independent or otherwise—who race to find the […]

As IT staffs continue to look for ways to stretch their security budgets, vendors are readying new products that combine multiple security functions in a single offering. Nokia Corp. and Broadcom Corp. next week will introduce products that take discrete capabilities normally found in several different devices or applications and weave them together. Although the […]

Security researchers believe they have identified a new breed of Trojan horse that is infecting machines on the Internet, possibly in preparation for a larger coordinated attack. However, experts have been unable to pin down many of the details of the programs behavior and are unsure how many machines might be compromised by the Trojan. […]