Microsoft published yesterday a security advisory reporting a vulnerability in Internet Explorer 6 and 7. IE8 is not affected.
A buffer overflow vulnerability was disclosed last Thursday and rated "highly critical" by Secunia, but it is still unsure if attackers can successfully exploit the bug.
The Windows kernel has a vulnerability present in all versions of NT, which was first introduced in 1993.
Some vulnerabilities, security issues, and a weakness have been reported in Mozilla Firefox, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, conduct cross-site scripting and cross-site request forgery attacks, and potentially compromise a user's system.
Some vulnerabilities have been reported in Opera, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, bypass certain security restrictions, disclose potentially sensitive information, or potentially compromise a user's system.
A remote illegal access vulnerability exists in Microsoft Windows Live Messenger. An attacker can control the Live Messenger via constructing a malicious web page, once the victim visits this page, the attacker can control the local Live Messenger, including disclosing personal sensitive information of Live Messenger, transferring local audio and video information to remote and so on.
Despite the best efforts of the security community, the details of a critical internet vulnerability discovered by Dan Kaminsky about six months ago have leaked. Hackers are racing to produce exploit code, and network operators who haven't already patched the hole are scrambling to catch up. The whole mess is a good illustration of the problems with researching and disclosing flaws like this.
Elazar Broad has discovered some vulnerabilities in Trend Micro OfficeScan, which can be exploited by malicious people to compromise a user's system.
Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
Multiple vulnerabilities have been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.