security flaws

Most fuzz-testing tools use the blackbox approach of throwing random inputs at a program without knowledge of the code.

For the last two years, Microsoft has used a whitebox fuzz-testing method developed by Microsoft Research to reduce security flaws in its Windows x86 software.

Microsoft's security team announced late last month that it is investigating two proof-of-concept flaws in Microsoft's Web-related software.

Note: this article was supposed to be released on November 3rd, but I was not able to finish and release it in time. So don't wonder if the tense in the article is not correct.

Security vulnerabilities are caused by flaws in code that are exploitable and are not caught before software is released. Learn more.

eSecurityPlanet: "Google is updating the stable version of its Chrome Web browser for Windows, Mac and Linux, addressing a handful of security vulnerabilities -- including four that could put users at risk simply by viewing a maliciously constructed image file."

Netstat -vat: "The first update to PHP 5.3 is now available providing 5 security fixes in addition a long list of bug fixes to the popular open source dynamic language."

On the eve of its July security patch release, Redmond issued a security advisory on flaws in the ActiveX control function -- the second such advisory in as many weeks.

According to PHP.net, the latest release in the PHP 5.2.x series is now available for Windows users - PHP 5.2.9-2.