#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

IE Zero-day | Breaking Cybersecurity News | The Hacker News

Category — IE Zero-day
Microsoft and Adobe Rolls Out Critical Security Updates - Patch Now!

Microsoft and Adobe Rolls Out Critical Security Updates - Patch Now!

Sep 14, 2016
In Brief You should not miss this month's Patch Updates, as it brings fixes for critical issues in Adobe Flash Player, iOS, Xcode, the Apple Watch, Windows, Internet Explorer, and the Edge browser. Adobe has rolled out a critical update to address several issues, most of which are Remote Code Execution flaws, in its widely-used Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS. Whereas, Microsoft has released 14 security updates to fix a total of 50 vulnerabilities in Windows and related software. First of all, if you have Adobe Flash Player installed and have not yet updated your software plugin, you are playing with fire. Critical Flash Vulnerabilities Affect Windows, Mac, Linux and ChromeOS Adobe has released its l atest round of security patches to address critical vulnerabilities in Adobe Flash Player for Windows, Mac OS X, Linux and ChromeOS. The Flash vulnerabilities could potentially allow an attacker to take control of the vulnerable system. So, users are
Microsoft pushes Emergency Patch for Zero-Day Internet Explorer Flaw

Microsoft pushes Emergency Patch for Zero-Day Internet Explorer Flaw

Aug 19, 2015
It's time to immediately patch your Internet Explorer – Once again! Microsoft has issued an emergency out-of-band patch for all supported versions of Internet Explorer browser, to fix a critical security flaw that hackers are actively exploiting to hijack control of targeted computers. The Zero-Day flaw (assigned CVE-2015-2502 ) is a Remote Code Execution vulnerability that could be exploited when a user visits a booby-trapped website or open a malicious email on an affected machine. The security bug actually resides in the way Internet Explorer handles objects in memory. If successfully exploited, a hacker could gain the same user privileges as the current user. Therefore, users running administrator accounts on their machines as well as systems where IE is frequently used, like workstations or terminal servers, are particularly at the most risk from this vulnerability. Critical Zero-Day Vulnerability "An attacker who successfully exploited th
The New Effective Way to Prevent Account Takeovers

The New Effective Way to Prevent Account Takeovers

Sep 04, 2024SaaS Security / Browser Security
Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite significant investments in traditional security measures, many organizations continue to struggle with preventing these attacks. A new report, " Why Account Takeover Attacks Still Succeed, and Why the Browser is Your Secret Weapon in Stopping Them " argues that the browser is the primary battleground where account takeover attacks unfold and, thus, where they should be neutralized. The report also provides effective guidance for mitigating the account takeover risk.  Below are some of the key points raised in the report: The Role of the Browser in Account Takeovers According to the report, the SaaS kill chain takes advantage of the fundamental components that are contained within the browser. For account takeover, these include: Executed Web Pages - Attackers can create phishing login pages or use MiTM over legitimate web pages to harve
New Zero-Day Vulnerability CVE-2014-1776 Affects all Versions of Internet Explorer Browser

New Zero-Day Vulnerability CVE-2014-1776 Affects all Versions of Internet Explorer Browser

Apr 27, 2014
Microsoft confirmed a new Zero Day critical vulnerability in its browser Internet Explorer . Flaw affects all versions of Internet Explorer, starting with IE version 6 and including IE version 11. In a Security Advisory ( 2963983 ) released yesterday, Microsoft acknowledges a zero-day Internet Explorer vulnerability ( CVE-2014-177 6) is being used in targeted attacks by APT groups, but the currently active attack campaigns are targeting IE9, IE10 and IE11. INTERNET EXPLORER 0-DAY VULNERABILITY (CVE-2014-1776) According to Advisory, Internet Explorer is vulnerable to Remote Code Execution, which resides ' in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. ' Microsoft said. Microsoft Investigation team is currently working with FireEye Security experts, and dubbed the ongoing targeted campaign as " Operation Clandestine Fox ". In a blogpost , FireEye explained that an attacker c
cyber security

Secure Your Network: 40% Face Full Takeover Risk

websitePicus SecurityEndpoint Security / Attack Surface
Understand and address the critical risks in your network to prevent takeovers.
Expert Insights / Articles Videos
Cybersecurity Resources