Garża

VMware Fixes Privilege Escalation Vulnerability | threatpost

Virtualization software maker VMware issued an update last Thursday resolving a virtual machine communication interface (VMCI) vulnerability in its ESX Server, Workstation, Fusion and View products that could lead to a privilege escalation if unpatched. According to the VMware security advisory, a local attacker could potentially exploit a control code handling vulnerability in vmci.sys in order [...]

Google Garża 14 Nuqqasijiet fl Chrome 23 | threatpost

Google tkun rilaxxata Chrome 23, l-aħħar verżjoni tal-browser tagħha, li tinkludi jiffissa għall 12 vulnerabbiltajiet fil-verżjoni Windows u żewġ difetti oħra li huma speċifiċi biss għall Mac OS X. Il-kumpanija wkoll jingħatawx $9,000 fil premjijiet lil riċerkaturi ta 'sigurtà li rrappurtaw l-vulnerabbiltajiet. Six of the vulnerabilities fixed by Google [...]

Adobe Garża Vulnerabilitajiet Memorja Kritika fil Flash Player, AIR | threatpost

Adobe has repaired a number of critical vulnerabilities in Flash Player that could lead to system crashes or remote attackers controlling computers running compromised software. Ebda wieħed mill-vulnerabbiltajiet qed jiġu sfruttati, Adobe qal, u żied li l-utenti għandhom jaġġornaw Flash Player. Verżjoni 11.4.402.287 u qabel huma affettwati fuq il-Windows u Apple Macintosh. Hemm ukoll jiffissa [...]

Garża Mozilla Cross-sit scripting Nuqqasijiet fl Firefox | threatpost

Mozilla is delivering security updates fast and furious this month, the latest coming late last week when a new version of Firefox repaired three vulnerabilities related to the Location object. The Location object is supported by all major browsers and contains information about the URL being requested. The vulnerabilities were closed in Firefox 16.0.2, Firefox ESR 10.0.10, [...]

Riċerkatur Develops Garża għall Java Zero-Jum, Puts Pressjoni fuq Oracle biex Twassil Waħħal tagħha | threatpost

A riċerkatur garanzija tkun ippreżentata lill Oracle garża qal ħadet lilu 30 minuta sabiex tipproduċi li tiswija vulnerabbiltà żero jum bħalissa esposti fl Java SE. Huwa jittama azzjonijiet tiegħu se tixpruna Oracle li joħroġ garża barra mill-medda għall-vulnerabilità sandbox-ħarba, rather than wait for the February 2013 Critical Patch Update as Oracle earlier [...]

Oracle Garża Aġġornament għall Inkludi 109 Garża | threatpost

Buckle up Oracle administrators for 109 patches coming your way tomorrow. Oracle’s quarterly Critical Patch Update is due, and the company is releasing fixes for security vulnerabilities across most of its enterprise products, addressing a host of remotely exploitable flaws. This comes a little more than a month after exploits of a serious zero-day vulnerability in Java were [...]

HTTPS Kullimkien 3.0 Meħlus | threatpost

The EFF has released an updated version of its popular HTTPS Everywhere browser plugin, which enables users to automatically connect over HTTPS to many sites. The newest version of the extension now supports more than 1,500 siti. The EFF developed HTTPS Everywhere in collaboration with The Tor Project and it’s designed to protect users’ communications by default, [...]

Aġġornamenti Google Chrome għall Android, Jiffissa Vulnerabilitajiet Diversi | threatpost

Google ħarġet aġġornament tas-sigurtà għas-sistema operattiva tagħha Chrome fuq mezzi Android, soluzzjoni 7 ta 'riskju medju vulnerabbiltajiet u jħallsu total ta' $3,500 fil premjijiet għal żewġ riċerkaturi. On the Google Chrome Blog, software engineer Jay Civelli wrote that the update strengthens Chrome for Android’s sandbox technology as well as resolving seven other moderate bugs. [...]

Apache tinjora Internet Explorer 10′i do-ma-track header | L-Sigurtà H

It-tilwima madwar ssettjar ta 'default għall- “do-ma-track” (DNT) header in Microsoft’s Internet Explorer 10 (IE10) web browser huwa jeskalaw: the source code of the open source Apache HTTP web server now includes a patch that completely ignores the DNT header if it has been sent by IE10. Awtur Il-garża l-, Adobe impjegat Roy T. Fielding, qal [...]

Aġġornamenti Mozilla Firefox 15 biex jiffissaw il-problema browsing privat | L-Sigurtà H

Mozilla tkun rilaxxata aġġornament għall-verżjoni 15 ta 'Firefox biex tikkoreġi bug fil-karatteristika tal-browser web Browsing Privat. Browsing Privat hija maħsuba biex jippermettu lill-utenti jibbrawżjaw il-internet mingħajr iffrankar xi data dwar is-siti u l-paġni li ħadthom miżjura. Madankollu żball fil-Firefox riċenti 15.0 Stqarrija fisser li Firefox [...]

Mozilla Firefox Releases 15 With New Invisible Updater | threatpost

Boasting a new silent updater and an optimized memory management system, Mozilla pushed out Firefox 15 this week, the latest build of its flagship browser. Following similar steps taken by Adobe and Google with its Flash, Reader and Chrome products, Firefox’s new updater will now perform updates in the background, saving users from those pesky, sometimes intrusive notifications. Mozilla debuted a silent [...]

Kwistjonijiet Oracle maġġuri Java jiffissaw sigurtà; jirrakkomanda azzjoni immedjata | ZDNet

Oracle has just released an update that is intended to patch up three “vulnerabbiltajiet distinti iżda relatati” kif ukoll kwistjoni oħra ta 'sigurtà serju dwar Java taħdem fuq browsers desktop. B'mod aktar speċifiku, l-toqob ta 'sigurtà jistgħu jiġu sfruttati fuq netwerk mingħajr il-bżonn ta' username u password jekk utent unsuspecting tkun qed taħdem rilaxx affettwati b'mod [...]

WhatsApp m'għadhomx jibgħat test sempliċi | L-Sigurtà H

Popular messaging service WhatsApp no longer sends its users’ messaġġi test sempliċi. WhatsApp, li jappoġġja pjattaformi kollha smartphone kbar, stabbiliet ruħha bħala sostitut SMS għal ħafna utenti matul l-aħħar ftit snin. An FAQ entry from the company behind the application states that the latest version of the WhatsApp client now uses encryption. Huwa ċar kif [...]

Firefox 17 jagħmlu add-ons aktar siguri | L-Sigurtà H

As suggested by some of its developers back in 2010, the Firefox browser will introduce enhanced separation between add-ons and the rest of the browser. With the change, which is planned to take effect with the release of Firefox 17, scripts on web pages will only be able to access the data belonging to add-ons if they are included in [...]

Boffins zapped ’2,000 bugs’ from Curiosity’s 2 MILLION lines of code | Ir-Reġistru

Billion-dollar laser-firing nuke tank – what could go wrong? With a $2.5bn price tag, a 350-million mile journey and 2 million lines of C and some C++ code, the only bugs NASA wants its Curiosity rover to find are those possibly beneath the Martian surface. And it may not be a particularly glamorous job, iżda [...]

Billion-dollar laser-firing nuke tank – what could go wrong?

With a $2.5bn price tag, a 350-million mile journey and 2 million lines of C and some C++ code, the only bugs NASA wants its Curiosity rover to find are those possibly beneath the Martian surface.

And it may not be a particularly glamorous job, but software analysis outfit Coverity was the company tasked with “ensuring that every software defect is found and fixed before launch”.

Roughly 2,000 bugs were zapped in the rover’s code, estimates Andy Chou, the chief technical officer of Coverity, although NASA is schtum on the exact figures.

“For typical software (which this clearly isn’t), it’s not unusual to find approximately 1 defect for every thousand lines of code,” Chou said. “For a project with 2 million lines of code, it would therefore not be unusual for Coverity to be able to find about 2,000 defects.”

The company’s static analysis tool was used to examine the source code written by NASA’s Jet Propulsion Laboratory scientists – specifically the systems that guided Curiosity’s flight to the Red Planet and are now running all of the laser-armed robot’s onboard functions. F'dan l-istadju, every bug correction is vital – after all, there’s no service desk on Mars.

Aqra aktar: Ir-Reġistru