19/01/2012 08:00 AM

Revision Note: V3.0 (January 19, 2012): Revised to announce the release of an update for Windows Mobile 6.x, Windows Phone 7, and Windows Phone 7.5 devices.
Summary: Microsoft is aware that DigiCert Sdn. Bhd, a Malaysian subordinate certification authority (CA) under Entrust and GTE CyberTrust, has issued 22 certificates with weak 512 bit keys. These weak encryption keys, when broken, could allow an attacker to use the certificates fraudulently to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. While this is not a vulnerability in a Microsoft product, this issue affects all supported releases of Microsoft Windows.

10/01/2012 08:00 AM

Revision Note: V2.0 (January 10, 2012): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS12-006 to address this issue. For more information about this issue, including download links for an available security update, please review MS12-006. The vulnerability addressed is the SSL/TLS Information Disclosure Vulnerability - CVE-2011-3389.

29/12/2011 08:00 AM

Revision Note: V2.0 (December 29, 2011): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS11-100 to address this issue. For more information about this issue, including download links for an available security update, please review MS11-100. The vulnerability addressed is the Collisions in HashTable May Cause DoS Vulnerability - CVE-2011-3414.

13/12/2011 08:00 AM

Revision Note: V2.0 (December 13, 2011): Advisory updated to reflect publication of security bulletins.
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS11-087 to address this issue. For more information about this issue, including download links for an available security update, please review MS11-087. The vulnerability addressed is the TrueType Font Parsing Vulnerability - CVE-2011-3402.

13/12/2011 08:00 AM

Revision Note: V13.0 (December 13, 2011): Added the following Microsoft Security Bulletins to the Updates relating to Insecure Library Loading section: MS11-099, "Cumulative Security Update for Internet Explorer;" and MS11-094, "Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution."
Summary: Microsoft is aware that research has been published detailing a remote attack vector for a class of vulnerabilities that affects how applications load external libraries.

04/02/2012 11:42 AM

Win32/Stuxnet.A is CA’s detection for malicious files taking advantage of the recently discovered vulnerability in Windows Shell. The vulnerability was caused by incorrect parsing of shortcut files (files with .LNK extension). Microsoft Security Advisory (2286198) discusses this vulnerability in detail and it is also referred to as CVE-2010-2568.   Win32/Stuxnet.A propagates by infecting all connected USB drives. It copies specially crafted shortcut file detected as LNK/Stuxnet.A along ...

04/02/2012 11:42 AM

Win32/Stuxnet.A is a detection for malicious files taking advantage of the recently discovered vulnerability in Windows Shell. The vulnerability was caused by incorrect parsing of shortcut files (files with .LNK extension detected as LNK/Stuxnet.A). Microsoft Security Advisory (2286198) discusses this vulnerability in detail and it is also referred to as CVE-2010-2568.   We advise you to please visit CA Security Advisor Research blog for the latest updates: http://community.ca.com...

04/02/2012 02:15 AM

The correlations between classic arcade games like Centipede and popular mobile games like Angry Birds are undeniable: they're simple, fun, and addictive. Seamus Blackley has hired a slew of old-school game developers to try to cash in on that fact with his company Innovative Leisure.

04/02/2012 01:46 AM

Changes are a-foot again for Firefox. The beta channel can now sync add-ons, the Aurora channel completes a smoother update process, and work on the faster native UI for Android continues.

04/02/2012 01:16 AM

The big game is this Sunday and I've put together a collection of games for both iPhone and Android that let you play the role of different players on a football team.

04/02/2012 12:42 AM

Transportation design firm Motive Industries released sketches of what a pickup made of composite material could look like.

04/02/2012 12:30 AM

CNET tracks all the iPhone 5 rumors--from the likely to the crazy--that we've heard so far in 2011 and 2012.

04/02/2012 11:42 AM

04/02/2012 11:42 AM

04/02/2012 11:42 AM

04/02/2012 11:42 AM

04/02/2012 11:42 AM