Stories by: Erik Larkin

Mozilla yesterday released updates for its Firefox Web browser to shore up vulnerabilities in the 3.5.x and 3.0.x browser versions.

As cloud computing speeds ahead, privacy protections are too often being left in the dust.

Today's post-holiday Patch Tuesday included just one bulletin, which is rated critical only for Windows 2000, but Adobe also released a must-have Reader update.

Rootkits, a type of stealth technology used by malware malefactors, attempt to hide in the dark corners of an infected PC and evade detection. A new post out today from the Microsoft Malware Protection Center shines the spotlight on the evil tools.

Crooks are once again exploiting the zero-day hole in Adobe Reader and Acrobat to install a remote-control Trojan on victim machines.

The experimental Fishbowl for Facebook application connects you with all your Facebook data without a browser. Its layout differs somewhat from what you'd get on the Web page, but it's otherwise pretty similar.

For two years as a researcher with security company FireEye, Atif Mushtaq worked to keep Mega-D bot malware from infecting clients' networks. In the process, he learned how its controllers operated it.

If you're concerned about the privacy implications of reading digital books, take a look at a nice guide put up yesterday by the Electronic Frontier Foundation.

The FireFound add-on for the Firefox browser adds tracking and remote wipe features that can help with lost or stolen computers.

A dangerous vulnerability in Internet Explorer 6 and 7 became publicly known before a fix was available, raising the specter of a high-risk zero-day attack. The bug involves the way IE handles Cascading Style Sheets (CSS) objects, and could let an attacker run any command on a targeted Windows XP, Vista, Server 2003, or Server 2008 PC. Bad guys have already posted sample attack code online. IE 8 is not affected. For more information, see Microsoft Security Advisory 977981.Meanwhile, a bug in the way Windows handles Embedded OpenType could allow a baddie to take over vulnerable Windows XP, 2000, or Server 2003 computers via malicious Websites or poisoned Office documents. The bug can't harm Vista or Server 2008, and doesn't affect Windows 7. Read Microsoft Security Bulletin MS09-065 for details.