bug

If you've got the skills, it can certainly pay to be a security researcher. One expert recently earned more than $100,000 after discovering a major security flaw in Microsoft's Windows 8.1 operating system. The award is part of Microsoft's "bug ... bounty" program, which the Redmond, Washington-based firm unveiled earlier this year. Google and Mozilla also employ similar programs , which allow major tech firms to save money by effectively outsourcing their security tasks to independent experts. "Mitigation Bypass Bounty" Includes $100,000 Prize The $100,000 award is part of Microsoft's ... (view more)

Facebook says six million of its users have had their personal data exposed. The issue stems from a security bug that allowed email addresses and phone numbers to be easily accessed by a user's Facebook 'friends'. The problem is associated with ... Facebook's friend recommendation algorithm, which is designed to help users find old friends, family, and contacts and establish new relationships with them. Facebook uses uploaded personal data, including email addresses and contact lists, to find new 'friends'. This system can also be used to invite friends who are not yet Facebook members to join ... (view more)

Microsoft has admitted hackers are carrying out targeted attacks to exploit a newly-discovered bug in its popular Internet Explorer web browser. The company is working on a fix, but suggests users consider technical workarounds in the meantime. The ... bug affects all versions of Internet Explorer from version 6 (which shipped with Vista) to version 9 (the current edition). It won't affect Internet Explorer 10, which will first become available with Windows 8 in late October, 2012. Eric Romang, a security researcher, discovered the bug while examining a web server used by hackers. Romang found ... (view more)

Microsoft has published details of its next batch of security updates (known as Patch Tuesday), due to download to Windows machines automatically on Tuesday, November 8 via Windows Update. The only critical update in the batch affects newer rather ... than older editions of Windows. None of the security updates to be released next Tuesday are said to patch MS Word, which is currently being exploited by the Duqu virus (a major zero-day threat ). The entire update is a bit of a surprise, say critics, because it deals with just four groups of bugs -- a far cry from recent updates that have included ... (view more)

A ten-year-old has revealed a flaw in mobile-based video games that could potentially expose these devices to a security risk. The discovery came when the youngster got bored with the pace of farming games. The self-described hacker, who has not ... revealed her real name and prefers to be known publicly as CyFi, had been playing games similar to Farmville, which allow players to set up virtual farms and often either compete or co-operate with online friends. However, partly for realism and partly to keep gamers playing, it can often take hours before planting virtual seeds leads to crops growing ... (view more)

Online phone service Skype is preparing to fix a bug in the Mac edition of the system that could allow hackers to take control of a computer remotely. The site that discovered the bug has accused Skype of dragging its heels on the issue. Gordon ... Maddern of purehacking.com says he discovered the bug entirely by mistake. He was talking to a colleague on a Skype connection about some code written for a client. To his surprise he was able to make the code run on his colleague's computer. Upon closer examination, Maddern discovered that the hack only worked where the recipient's computer was a Mac ... (view more)

Microsoft has announced that Tuesday's security update will include patches for a record-breaking 64 security problems. They include fixes for a number of particularly high profile problems announced in the past couple of months. The update will be ... made up of 17 bulletins. That ties for the record, though this will be a new highest figure for the number of individual fixes. One of the bugs that's being fixed involved a bug in the Windows Server Message Block ("SMB"), the system that controls networking and file-sharing. The bug was disclosed in February and could theoretically have ... (view more)

Hackers are actively exploiting a bug that involves both Windows and Internet Explorer. Google believes the hackers may be targeting specific users. The bug involves MHTML, which is a special format designed to combine all the different files of a ... web page, such as the coding for the text and layout, the image files and video files, into a single file. It was originally developed as a way for a user to save an entire webpage to their desktop without winding up with a messy collection of files, but can also be used as a web link. The vulnerability involves the way that Internet Explorer and ... (view more)