vulnerability

Running a vulnerability assessment is more important than ever as security threats and weaknesses in applications and operating systems are a constant target for hackers and cyber criminals. The speed at which computer systems are attacked is also accelerating. For instance, when the Conficker worm was discovered in September 2008 and then released in November 2008, according to estimates the worm was able to quickly infect approximately nine to 15 million systems – even months later, machines were still infected with the worm. All it took was one single vulnerability to be exploited.

As part of Monday's iOS 4 upgrade, Apple patched a record 65 vulnerabilities in the iPhone, more than half of them critical.

Apple released iOS 4 for the iPhone 3G and 3GS, and the second- and third-generation iPod Touch on Monday shortly after 1 p.m. Eastern time, 10 a.m. Pacific time.

However, the first-generation iPhone and iPod Touch, as well as the much newer iPad, may be vulnerable to some or all of the 65 bugs. The new iOS 4 operating system, which launched yesterday, can't be installed on 2007's iPhone and iPod Touch, and the upgrade is not slated to reach iPad owners until this fall.

The bug count is a record for Apple's iPhone, surpassing the previous high mark of 46 vulnerabilities patched last summer with iPhone OS 3.0.

Read more.

Claims made of a major vulnerability in the Microsoft Windows operating system have been refuted.

Jan Fry, head of PCI at ProCheckUp Labs, claimed that the findings by 2X Software, revealed exclusively by SC Magazine yesterday, were a 'little sensationalist'. Yesterday, 2X Software said that with a simple piece of code, an operating system from Windows 7/Server 2008 versions to Windows 2000/Server 2003 could be crashed with malicious applications installed.