It seems that as the market share of Firefox increases the more and more the product is being targeted by malware authors. We have malware packs and similar beginning to include specific Firefox exploits to allow the compromise and infection of the systems of Firefox users.

It seems that the DNSChanger malware are attempting to utilise another interesting approach to ensuring that their victims are royally shafted.

On the 7th December the PHP Group removed from distribution their 5.2.7 release of the PHP due to the version containing a serious security-bypass weakness.

Well the last official patch Tuesday of 2008 and we have an early Christmas present of Eight advisory releases from Redmond this year.

A few days ago a new vulnerability was discovered in Internet Explorer 7.0 that was being actively exploited using sites hosted within China.

Well a little update on the new Internet Explorer XML Handling Zero Day. Firstly it seems this issue is now confirmed by Microsoft Security Response Center and they are investigating and monitoring the active exploitation of the issue.

IST has published details of the first round candidates for the SHA-3 competition.

Mozilla have released Firefox 2.0.0.19 and 3.0.5, Thunderbird 2.0.0.19, and SeaMonkey 1.1.14 to address a number of security vulnerabilities.

It seems the bad guys have been hard at it trying to come up with creative ways to compromise users systems running Internet Explorer using the recently discovered Zero Day vulnerability that was initially discovered through the handling of XML.

Microsoft have released a fix today for the Internet Explorer Binding Issue that has been exploited in the wild for the past month or so.