Patch/Configuration Management, Vulnerability Management

Redmond explains Explorer updates

March 2, 2006

Microsoft issued a non-security update Tuesday to clarify two recent updates for Internet Explorer.

On Feb. 14, the computing giant released a critical security update for a web browser vulnerability that could allow remote code execution. The flaw targets Internet Explorer 5.01 Service Pack 4 on Windows 2000.

Meanwhile, on Tuesday, along with the non-security update, Microsoft released an ActiveX update for Windows XP Service Pack 2 and for Windows Server 2003 Service Pack 1.

"We want to help customers understand the difference between the security update and the non-security update," Tuesday's advisory said.

Microsoft added that the non-security update replaces previous Microsoft security updates for Internet Explorer.

Dan Kaplan

Vulnerability Management

Apple patches TCC bypass vulnerability

SC StaffDecember 19, 2024

The vulnerability, tracked as CVE-2024-44131, was discovered in the FileProvider component and has been fixed in iOS 18, iPadOS 18, and macOS Sequoia 15 through improved validation of symbolic links.

concept of leaky software, data with a tap sticking out.3d illustration

Data Security

Misconfiguration exposes Virtavo security cam user data

SC StaffDecember 18, 2024

Over 8.7 million records, many of which are duplicates, were discovered within the server, including user phone numbers, network information, device identifiers, performance metrics, and other personal details, according to Cybernews researchers.