Heise Security

Firefox 3.6.9 now supports a server header which can help to prevent clickjacking. The new version also fixes 14 vulnerabilities, including the DLL vulnerability in the Windows version

At the beginning of the week, a cross-site request forgery hole could be exploited to automatically send spam e-mails via Facebook

Apple has released versions 5.02 and 4.1.2 of Safari, security updates that address several critical vulnerabilities in the company's WebKit-based browser

The kiosk mode for Windows will only remain available for downloading until the end of this year. In June 2011, Microsoft will largely discontinue support

Source code which can be used on programmable developer boards to circumvent the Playstation 3's security systems, analogous to a PS3 Jailbreak, has been released under the name PSGroove

An ancient vulnerability in Internet Explorer allows attackers to access confidential data by importing web pages as style sheets

The TrueCrypt release team has released the first update to version 7.0 of its open source, cross platform, disk encryption tool, addressing a bug that caused some systems to crash when using custom storage device controller drivers

Zeven pretends to be the browsers malware blocker to encourage the user to install a "recommended" update, which turns out to be a rogue antivirus application

Adobe's Flash Player potentially allows web pages to access a computer's web cam and microphone. Using a remote man-in-the-middle attack, the player's settings can be modified so they allow arbitrary web pages to access these components

The free HAVP proxy, combined with free virus scanners for Linux, reduces the risk of falling prey to attacks when browsing the internet on a Windows PC. Its installation is anything but rocket science

Canonical released a beta for Ubuntu 10.10, version 3.0 of Ruby on Rails arrived, Google released Chrome 6 and a number of companies released open source-based tablets aimed at competing with Apple's iPad. India gave RIM two more months, IBM revised its X-Force security report and the source code for hacking PS3 game consoles arrived online

The tool allows users and IT professionals to harden existing software against known attacks - without the need to recompile

On the second anniversary of the release of the first version of Chrome, Google has released version 6 of its Chrome web browser into the stable and beta channels which also closes critical holes

Source code which can be used on programmable developer boards to circumvent the Playstation 3's security systems, analogous to a PS3 Jailbreak, has been released under the name PSGroove

The Wireshark project has released version 1.4.0 of its open source, cross-platform network protocol analyser, adding and updating a number of new features and dropping support for Windows 2000 systems

All of the holes are contained in WebKit and can be exploited to compromise systems

Outdated programs make it easy for attackers to compromise a system. The newly released beta of version 2.0 of Secunia's Personal Software Inspector (PSI) not only sniffs out vulnerable software, it also updates some programs automatically

Microsoft has released a 'fix-it' which automatically creates the registry entry required to protect against the DLL vulnerability

A forgotten parameter which has been dormant in QuickTime's ActiveX control for 9 years and is still present in the current version can reportedly be exploited to inject malicious code

A report by IBM said that Google left every third critical hole unpatched in the first half of 2010. IBM have now admitted their mistake and corrected their report