vulnerability

Microsoft's new app-dev tool sifts through application code to highlight common expressions or functions that could bog down a system if attackers hit them with the right bogus requests.

With several stable and easy to use exploit examples circulating, the current Active-X threat is likely to make its way into mass exploitation, says Brent Huston, CEO and Security Evangelist for Microsolved, Inc. In a Campfire Chat this afternoon, Huston led a discussion on issues around this threat and urged security professionals to start building awareness in their organizations.

A dangerous and unpatched vulnerability in Adobe's PDF-reading software has been around a lot longer than previously realized.

Cisco Wednesday issued a security alert warning of a quartet of vulnerabilities affecting all of its wireless LAN controllers, including the Catalyst 6500 and 7600 wireless modules, with software version 4.2 or higher.

The computer worm that exploits a months-old Windows bug has infected more than a million PCs in the past 24 hours, security firm F-Secure said Wednesday.

Just days after patching a critical flaw in its Internet Explorer browser, Microsoft is now warning users of a serious bug in its SQL Server database software.

Microsoft today said it's investigating reports of a new vulnerability in IE that did not get patched in yesterday's massive update.

An Austrian security vendor has found a vulnerability in Windows Vista that could possibly allow an attacker to run unauthorized code on a PC.

In my testing of five sandbox security clients -- Authentium's SafeCentral, Check Point's ZoneAlarm ForceField, Prevx, Sandboxie, and SoftSphere Technologies' DefenseWall HIPS -- I exposed all the products to dozens of malicious attacks, both well known and not so well known. Two malware programs, in particular, stretched the various competitors to their breaking points: the Adobe Flash clipboard hijack exploit and the XP Antivirus malware program.

Two Princeton University academics have found a type of coding flaw on several prominent Web sites that could jeopardize personal data and in one alarming case, drain a bank account.

To help you determine whether a particular alert is worthy of Chicken Little or is truly dangerous, here are translations for some of the most common threat terms.