Tag: patch

May 08

Upgrade for security patches? Ask Slashdot: Why Won’t Companies Upgrade Old Software? – Slashdot

Ask Slashdot: Why Won’t Companies Upgrade Old Software? – Slashdot.

Apr 29

Yet another unpatched security hole found in Java | Naked Security

Yet another unpatched security hole found in Java | Naked Security.

Apr 15

Microsoft tells all Windows 7 users to uninstall security patch, after some PCs fail to restart | Naked Security

Microsoft tells all Windows 7 users to uninstall security patch, after some PCs fail to restart | Naked Security.

Mar 07

Google patches bug that allows attackers to slip past two-factor authentication | Naked Security

Google patches bug that allows attackers to slip past two-factor authentication | Naked Security.

Feb 13

VMWare security hole – it sounds like you need the patch, even if it’s not clear why | Naked Security

VMWare security hole – it sounds like you need the patch, even if it’s not clear why | Naked Security.

Jan 17

Microsoft to release an emergency security patch for Internet Explorer zero day flaw | Naked Security

Microsoft to release an emergency security patch for Internet Explorer zero day flaw | Naked Security.

Sep 22

Emergency security patch issued by Microsoft to squash Internet Explorer zero day exploit | Naked Security

Emergency security patch issued by Microsoft to squash Internet Explorer zero day exploit | Naked Security.

Sep 17

More than half of Androids have unpatched security holes, research claims | Naked Security

More than half of Androids have unpatched security holes, research claims | Naked Security.

Jun 19

Danger! Unpatched Microsoft security vulnerability being actively exploited | Naked Security

Danger! Unpatched Microsoft security vulnerability being actively exploited | Naked Security.

Jun 13

Anatomy of a bug – the MySQL authentication disaster (patch now!) | Naked Security

You could have the hardest-to-guess password, salted and hashed thousands of times, and still be at risk.

 

That happened about a year ago at Dropbox, for instance, when the file-sharing site inadvertently removed its authentication validation altogether for a few hours. Anyone could use any password.

It’s happened again, this time with a more corporate angle.

Open source database giant MySQL (and its post-Oracle fork, MariaDB) contained a bug which meant that your password might be checked correctly only 255 out of every 256 times. One in 256 times, anything might get you in

Anatomy of a bug – the MySQL authentication disaster (patch now!) | Naked Security.