Ina Fried in Mobile on October 3, 2011 at 10:30 am PT
Taiwanese cellphone maker HTC said today it is investigating a claim that its devices can leak all kinds of information to Android apps that are granted even modest permissions.
John Paczkowski in Mobile on August 2, 2011 at 8:07 pm PT
If you own an Android smartphone, you’re more than twice as likely to encounter malware today than you were six months ago.
News Byte
John Paczkowski in News on July 15, 2011 at 5:30 pm PT
Responding to
an alert issued last week by Germany’s Federal Office for Information Security, Apple has patched a potentially dangerous PDF-related security vulnerability in MobileSafari.
This morning the company issued iOS 4.3.4, an incremental update that corrects a flaw that could have been exploited by a malicious PDF file.
News Byte
John Murrell in News on July 7, 2011 at 10:09 am PT
Apple said Thursday it was
working on a fix for a security hole in the operating system of the iPhone and iPad. On Wednesday, German authorities warned that the iOS vulnerability, exploited through a malicious PDF file, could give criminals access to personal data. Apple didn’t specify when the software update would be ready.
Ina Fried in Mobile on May 17, 2011 at 2:20 pm PT
A recently outlined vulnerability in Android highlights the danger of connecting mobile devices to unencrypted Wi-Fi locations as well as the slow path with which software updates make their way to smartphone owners.
Although Google closed the hole in question in both the Gingerbread and Honeycomb releases of Android, the overwhelming majority of devices are still vulnerable.
Arik Hesseldahl in Enterprise on January 28, 2011 at 2:40 pm PT
Ever heard of MHTML? No? Well, Microsoft says Internet Explorer users should turn it off for a while until the company figures out how to fix this latest vulnerability in Windows.
Voices
Spencer E. Ante, Reporter, The Wall Street Journal in News on November 3, 2010 at 2:45 pm PT
Internet-payment provider PayPal said its iPhone application contained a security flaw that could allow a hacker to access users’ accounts and has rushed out an update to correct the problem.
The hole stems from the app’s failure to confirm the authenticity of PayPal’s website when communicating over the Internet–a basic lapse that the security researcher who found the flaw said would allow someone to intercept passwords from unsuspecting users.
John Paczkowski in News on August 5, 2010 at 2:19 pm PT
Microsoft is going to issue enough patches to make a quilt next week–34 in all. Come August 10, “Patch Tuesday,” the company will deliver 14 bulletins, eight of them critical. Evidently that’s a new record.
News Byte
John Paczkowski in News on July 28, 2010 at 6:05 am PT
Another product refresh from Apple this morning–Safari 5.0.1, which adds support for third-party extensions to the browser. Debuting along with it is
the Safari Extensions Gallery, a showcase of about 100 extensions from the likes of Amazon, eBay, The New York Times, MLB and Twitter. Also included in this point release,
a fix for that
autofill vulnerability revealed last week.
John Paczkowski in News on July 23, 2010 at 10:18 am PT
Security researchers looking to make a buck digging up browser vulnerabilities can ignore Internet Explorer, because Microsoft isn’t going to pay them for their work. Though Google and Mozilla recently raised the bounties they pay for bugs discovered in their browsers, their Redmond rival has no plans to follow suit.
