226 articles

A legacy bug in a legacy code: today’s problem

Microsoft has patched yet another bug in OLE, this time one that’s 19-years-old. While it is extremely surprising this bug hadn’t been discovered earlier, the crucial question here is the use of the underreviewed legacy code that developers have to drag along for decades.

Pikes in the lake: new bugs to keep us awake

Vulnerabilities vary. Some are considered critical, some – less problematic; their severity is determined by a few well-known factors such as ease of exploitability and popularity of software. But, no matter their differences they all require serious attention at a constant level, so that when the next Shellshock-like incident occurs, it won’t take cybersecurity world by surprise.

Stuxnet’s “hole”: the vulnerability is still around

Four years after the discovery of the Stuxnet worm, the primary vulnerability it had been exploiting is still around. This is mainly the problem of poorly maintained Windows XP PCs and servers, most likely inhabited by worms. In the interconnected world a neglected PC or a server is a possible problem for many people.