Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
April 16, 2008 — IDG News Service —
Apple has issued a security patch for its Safari Web browser, fixing the flaw that earned one security researcher US$10,000 at the CanSecWest security conference.
The flaw was exploited by Independent Security Evaluators Researcher Charlie Miller to gain access to a MacBook Air computer three weeks ago. It lies in the WebKit open-source HTML rendering engine used by Safari and several other Mac OS X programs.
The bug lay in the way WebKit would process certain specially crafted JavaScript commands. In order to exploit the flaw, Miller had to first make the contest organizers visit a special Web site that contained his malicious JavaScript code.
There was one other winner in the CanSecWest PWN 2 OWN contest, which invited hackers to try to break into Windows, Mac and Linux computers. Shane Macaulay, a researcher with the Security Objectives consultancy, hacked into a Vista machine using an Adobe Flash Player bug, which was patched last week.
WebKit is also part of Apple's Dashboard and Mail software. An Apple spokesman could not say whether users of those products were also at risk from this attack.
In an e-mail interview, Miller said anything that used an older version of WebKit would be vulnerable. This might include Linux browsers and mobile-phone browsers, he said.
A second WebKit flaw, patched Wednesday, could lead to a cross-site scripting attack, in which an attacker can do things such as steal the login credentials or log the keystrokes of a victim.
Both the Windows and Mac OS X versions of Safari are vulnerable to these WebKit flaws, Apple said in its security advisory.
The Safari 3.1.1 update also includes fixes for a pair of Safari-for-Windows vulnerabilities that could possibly be exploited by attackers to run unauthorized software on a victim's computer and to make a fake phishing Web page appear to have a legitimate Web address.
Copyright © 2008 IDG News Service. All rights reserved. IDG News Service is a trademark of International Data Group, Inc.
Operational Excellence Is Key to Maximizing IT Investments
Learning from BPM Leaders
Optimizing Infrastructure Control
File Integrity Monitoring: Secure Your Virtual and Physical IT Environments
Configuration Assessment: Choosing the Right Solution
Effective Security with a Continuous Approach to ISO 27001 Compliance
Data Protection: Challenges for the Traveling User
Revolutionizing Endpoint Security with a Single Agent
Gartner on Data Deduplication Cost Savings
Optimizing Wide-Area Data Services Webcast
Dashboard Strategies for Business Users
Raising the Bar on Business Service Delivery: Best Practices in Application Performance
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Clearwire, Sprint Close WiMax Deal
Netbooks: Small, Cheap -- and Fast?
Clearwire, Sprint Close WiMax Deal
'Social Mobile' Applications: the Missing Book
Vista SP2 Due Next April, Says Report
Fear of More Attacks Could Hurt Business in India
London Hospitals Almost Back Online After Worm Infection
Google Earth Used By Terrorists in India Attacks
Microsoft and Yahoo Dismiss Report of Search Deal
China'S NetDragon Teams with EA on Online Game
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
- CIO|
- Computerworld|
- CSO|
- DEMO|
- Game Pro|
- Games.net|
- IDG|
- IDG UK|
- IDG Connect|
- IDG Tech Network |
- IDG World Expo|
- Industry Standard|
- InfoWorld|
- ITworld|
- JavaWorld|
- LinuxWorld|
- MacUser|
- Macworld|
- Network World|
- PC World|
- Playlist|
- CIO UK|
- CIO Germany|
- CIO China|
- CIO Sweden|
- CIO Australia|
- Other CIO Sites
