Articles about bug

You're doing open source wrong, Microsoft tsk-tsk-tsks at Google: Chrome security fixes made public too early

A few weeks ago, Google paid Microsoft $7,500 after Redmond's security gurus found, exploited and reported a vulnerability in the Chrome browser – a flaw that would allow malicious webpages to run malware on PCs. Now Microsoft isn't entirely happy with the way Google handled it, and having been schooled a few times on security …
Iain Thomson, 19 Oct 2017

Microsoft's fix for web graphics going AWOL? Disable your antivirus

If Internet Explorer 11 users exist, they may have noticed missing graphics in web apps. Now Microsoft has some free, helpful advice that might restore them: disable your antivirus. Microsoft's Browser Support team noted today that there are three special scenarios where Internet Explorer 11 web graphics elements are missing …
Andrew Silver, 30 Aug 2017

Bad data and new IT system bugs help knock 66% off Provident Financial share price

Software bugs and bad data in a new one-platform-to-rule-them-all IT system contributed heavily to British sub-prime loan firm Provident Financial going into near meltdown. Provident's shares crashed 66 per cent yesterday as the short-term loan company revealed that problems with its new IT system meant it could not collect …
Gareth Corfield, 23 Aug 2017

Crazy bug of the week: Gnome Files' .MSI parser runs evil VBScripts

Gnome developers, take a bow: a bug in your image thumbnailer has opened up a (not too scary, thankfully) hole for script injection. The security vulnerability was revealed this week by Nils Dagsson Moskopp here, and his advice for users is: “Delete all files in /usr/share/thumbnailers. Do not use GNOME Files. Uninstall any …

Behold, auto-completing Android bug reports – because you're not very thorough

Auto-completion systems that attempt to finish your sentences when typing text messages or search queries can be a mixed blessing. Often, they save time. But they can also get in the way when they make incorrect guesses about intended input. In the context of software bug reporting, however, auto-completion – adding additional …
Thomas Claburn, 15 May 2017

Cisco boxen hang after 213-and-a-half days

If you're the lucky owner of Cisco Firepower or Adaptive Security Appliance devices, check the version number and see if you need to reboot your kit. Switchzilla has discovered an operational (that is, not security) bug that makes the devices hang after continuous operation for around 18,446,400 seconds (213-and-a-half days …

Sloppy iOS apps expose 'encrypted' user traffic

Seventy-six iOS applications with an accumulated 18 million downloads between them are vulnerable to having their encrypted HTTPS traffic compromised. That's the assertion made by Sudo Security's Will Strafach, who turned up the bugs while developing a scanner to analyse app binaries. Strafach told The Register the problems …

Got an OpenBSD Web server? Better patch it

OpenBSD and two of its SSL libraries need patches against a pair of denial-of-service bugs that can crash Web-facing servers. The first is in the operating system's SSL implementation, specifically in the HTTP daemon. An advisory says that daemon can be crashed with repeated SSL renegotiation. A single renegotiation thread, …

Testing times: Between some IoT code and a hard place

Radbot: Every company has its ups and downs. Those downs could be exploding phones or a sudden unmovable overstock of Clinton merchandise (or conversely an uptick in Trump-the-statesman t-shirt demand). Bigger organisations can better absorb the illness of a member of staff or a surge in demand beyond all expectations, although no one …

Power cut crashes Delta's worldwide flight update systems

Updated: A computer outage has caused worldwide delays for thousands of passengers using Delta Airlines. The US carrier tweeted about the issues on Monday morning, blaming delayed and cancelled flights on a “computer outage.” Delta, based in Atlanta, Georgia, subsequently blamed the crash on a massive power cut at 2.38am ET (7.38am …
Gavin Clarke, 8 Aug 2016

OpenSSH has user enumeration bug

A bug in OpenSSH allows an attacker to check whether user names are valid on a 'net-facing server - because the Blowfish algorithm runs faster than SHA256/SHA512. The bug hasn't been fixed yet, but in his post to Full Disclosure, Verint developer Eddie Harari says OpenSSH developer Darren Tucker knows about the issue and is …

SQLite developers need to push the patch

SQLite has pushed out an update to fix a local tempfile bug, to address concerns that the bug could be exploitable beyond the merely local. The bug was found by KoreLogic and reported to the popular open source database project, before being published at Full Disclosure. The issue is that SQLite creates its tempfiles in a …

Lexus cars suffer Purple Screen of Death – code bug turns the air blue

US owners of later-model Lexus cars have had a frustrating day after an over-the-air update left the entertainment and navigation systems locked in a loop of restarts and flashing purple hues. Lexus has blamed "errant data" that was broadcast to some Lexi sold after 2014, causing the system controlling navigation, audio, …
Iain Thomson, 9 Jun 2016

IBM warns of 'bug poachers' who exploit holes, steal info, demand big bucks

At least 30 companies have been hit in the past year by so-called "bug poaching," where hackers break into corporate servers, steal data, and then demand a fee for showing how it was done. The technique, spotted by IBM's Managed Security Services researchers, involves miscreants breaking into a corp's servers, typically using …
Iain Thomson, 1 Jun 2016

Apple: Another bug fix. Er, thanks, GCHQ

GCHQ’s CESG (Communications-Electronics Security Group) assurance arm was behind the report of an OS X bug to Apple that the consumer electronics giant patched last week. The UK’s signals intelligence is perhaps better known in security circles for finding and exploiting software vulnerabilities in order to spy on foreign …
John Leyden, 23 May 2016

How to get root on a Linux box, step 1: Make four billion system calls

Oh look, it's another Linux kernel bug that allows a local user to escalate themselves to root. In exploiting CVE-2016-0728, discovered by Perception Point, “patience you must have,” because you have to cycle a 32-bit integer in the kernel around to zero. That means making 4,294,967,296 system calls to exploit the …

Software bug sets free thousands of US prisoners too early

Washington State Department of Corrections is facing an investigation after it released more than 3,200 prisoners too early due to a software bug. "These were serious errors with serious implications," Governor Jay Inslee said in a statement. "When I learned of this I ordered [the Department of Corrections] to fix this, fix it …
Iain Thomson, 23 Dec 2015

Cisco bitten by Java deserialisation bug, working on patch

November's high-profile Java deserialisation bug has bitten Cisco, with the company announcing vulnerabilities across the board in its huge product line. The problem is so pervasive that it reaches into the most trivial activities of the sysadmin, such as serial number assessment services. The original advisory made by …

Biting the hand that feeds IT © 1998–2018