security vulnerabilities

Early and Often: Avoiding Security Flaws with Continuous Integra...

Redmond Developer News | Tech Library  Thu, 09/23/2010 - 14:58

Security vulnerabilities are caused by flaws in code that are exploitable and are not caught before software is released. Learn more.


 

Research Claims Hackers Could Figure Out Your Smartphone Passwor...

Techdirt  Fri, 08/13/2010 - 03:06

There's all sorts of interesting security research being done out there, but sometimes you just sort of shake your head.

A new report has come out that folks with fancy new smartphones that have large touchscreens may face a threat because the smudges left on the screen could indicate passwords.

It certainly makes for a good headline... but... seriously? Has this ever happened? Doubtful. How likely is it to happen?

It seems exceptionally unlikely.


 

HTML Sanitisation: The Devil's In The Details (And The Vulnerabi...

Planet PHP  Mon, 08/09/2010 - 16:00

HTML Sanitisation (defined below) has been with us for a long time, ever since the first genius who came up with the idea of allowing potentially untrustworthy third-party HTML to be dynamically patched into their own markup.

The years have not taken this kindly, and third-party HTML inclusion has remained one of the most complex and underappreciated vectors for security vulnerabilities.

In this article, I take a look at some of the solutions PHP developers rely upon to perform HTML Sanitisation.


 

Google Updates Chrome for 10 Security Flaws

Linux Today  Tue, 07/06/2010 - 16:33

eSecurityPlanet: "Google is updating the stable version of its Chrome Web browser for Windows, Mac and Linux, addressing a handful of security vulnerabilities -- including four that could put users at risk simply by viewing a maliciously constructed image file."


 

Open Source Digg-clone Pligg plugs security holes

Linux Today  Tue, 12/01/2009 - 21:02

Netstat -vat: "Pligg, which is an open source attempt at a Digg-like social networking voting site application, is being updated this week for some serious security vulnerabilities."


 

Apache HTTP Server 2.2.14 released for security

Linux Today  Tue, 10/06/2009 - 19:34

Netstat -vat: "Apache HTTP Server 2.2.14 fixes three security vulnerabilities which could potentially have left users at risk, albeit a small risk."


 

Mozilla updates Thunderbird 3, Firefox 3.x

Linux Today  Thu, 07/23/2009 - 11:32

Netstat -vat: "Mozilla is updating its Firefox 3.x browser to version 3.0.12 for five critical security vulnerabilities.

All of the issues have already been addressed in the latest Firefox 3.5.1 update which came out last week."


 

Microkernels Address the OS Softspots on Your Network

Linux Today  Tue, 06/16/2009 - 17:01

Enterprise Networking Planet: "Operating systems are always a weak spot when it comes to network security because they are riddled with bugs which lead to security vulnerabilities.

But why is it so hard to write secure operating systems and what can be done to make them more secure?"


 

Coalition Agrees on Top 25 Software Security Errors

Redmond Developer News | News  Sun, 01/11/2009 - 18:00

A coalition of government, academic and private-sector security organizations has announced a list of the top 25 programming errors that are responsible for the majority of security vulnerabilities plaguing applications.