Dennis Fisher

Microsoft Corp. this week again changed the severity rating of a recently discovered vulnerability after a security researcher showed the company that the problem was more serious than Microsoft officials originally thought. The company last week upgraded the severity rating of a different flaw in Internet Explorer. The vulnerability in question this time around lies […]

Microsoft Corp. Thursday released fixes for eight new vulnerabilities in its Virtual machine software, the most serious of which gives attackers the ability to take control of vulnerable PCs. The Microsoft VM is used to run Java applets in Windows environments and ships with most versions of Windows and Internet Explorer. The most dangerous of […]

The MITRE Corp. on Tuesday announced the availability of a new language designed to make it easier for researchers to define and explain the vulnerabilities that they find in software. Known as the Open Vulnerability Assessment Language, the budding standard is built upon MITREs well-known description of vulnerabilities, the Common Vulnerabilities and Exposures database. Whenever […]

NEW YORK—The federal governments effort to integrate 22 different organizations into the new Department of Homeland Security faces major technological, privacy and security hurdles, a Bush administration official said Wednesday. The construction of the new department is being slowed by a lack of interoperability among agencies systems and the complex task of deciding how the […]

For overworked administrators, the weekly flood of patches for new vulnerabilities can quickly lead to a vicious cycle of trying to solve the latest crisis. In the end, it does little to enhance the security of their networks. Every time news of a new flaw emerges, administrators must quickly decide whether any of the hundreds […]

As security specialists continue to scramble to make sense of the flood of data from their network devices, a trio of vendors this week will introduce security event management solutions that reduce the workload of IT staffs. The releases from ArcSight Inc., Network Intelligence Corp. and OpenService Inc. include active response functionality that enables administrators […]

A hacker group recently released a novel license agreement for its software that gives end users the power to enforce the pact and to sue governments and other entities that misuse it. The organization, in Lubbock, Texas, said the Hacktivismo Enhanced-Source Software License Agreement, or HESSLA, is designed to prevent governments, corporations and other organizations […]

Microsoft Corp. on Friday upgraded the severity rating of its most recent cumulative patch for Internet Explorer after a security researcher posted to a mailing list information that showed a new flaw was more serious than the software giant realized. The patch, released last Wednesday, fixes a vulnerability in IE 5.5 and 6.0 in the […]

VeriSign Inc. on Thursday announced a new service designed to enable the secure delivery of software and updates over the Internet. The new Trusted Content Delivery service relies on digital certificates and digital signatures to guarantee the authenticity and integrity of code delivered online. The solution includes a proprietary client and server, each of which […]

A security expert is taking Microsoft Corp. to task for what he says is a deliberate effort to downplay the severity of a newly discovered vulnerability in Internet Explorer. Microsoft on Wednesday released a cumulative patch for IE, which also fixes a new flaw that the company said could allow a Web site to access […]