Patch Tuesday, June 2014 delivers seven advisories, of them, two critical, five important – one of which is the seldom seen “tampering” type.
Did you know that Outlook and many other email and mobile messaging Android apps store your emails and messages on the device's SD card, unencrypted, and accessible to any third-party app that is permitted to access the card's contents? Couple that with the (widely given) permission to access the Internet, and your potentially confidential conversations might be exfiltrated and stored on remote servers for attackers to peruse and misuse.
HP's Zero Day Initiative has published details about a zero-day vulnerability affecting Microsoft Internet Explorer 8 which the Redmond giant apparently has no intention to fix.
"Silverlight exploits are the drive-by flavor of the month," claim Cisco researchers.
When Microsoft issued an out-of-band security update to patch the zero day Internet Explorer vulnerability on May 1, it was revealed by researchers from security company FireEye that the bug was being actively exploited by attackers targeting US-based defense and financial firms.