ZDNet

Apache's new security update for HTTP Server fixes two flaws

The Apache Software Foundation has released an update to address a critical flaw in its hugely popular web server that allows remote attackers to take control of a vulnerable system. The first Apache ...
Computerworld

Web server security wars: Is IIS or Apache more secure

Continuing the theme from my previous column on the relative security of Internet Information Service (IIS) vs. Apache, I’ve come across more studies to support my initial conclusion. If you remember, ...
ZDNet

Apache HTTP Server Project patches exploited zero-day vulnerability

Developers behind the Apache HTTP Server Project are urging users to apply a fix immediately to resolve a zero-day vulnerability. According to a security advisory dated October 5, the bug is known to ...
eWeek

Apache Patches Carpe Diem Vulnerability in Web Server Update

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. Apache HTTP Web Server users are being urged to update ...
Threat Post

Apache Web Server Zero-Day Exposes Sensitive Data

The open-source project has rolled out a security fix for CVE-2021-41773, for which public cyberattack exploit code is circulating. Apache Software has quickly issued a fix for a zero-day security bug ...
Hackaday

This Week In Security: Apache Nightmare, REvil Arrests? And The Ultimate RickRoll

The Apache HTTP Server version 2.4.49 has a blistering vulnerability, and it’s already being leveraged in attacks. CVE-2021-41773 is a simple path traversal flaw, where the %2e encoding is used to ...
Bleeping Computer

Apache fixes actively exploited zero-day vulnerability, patch now

The Apache Software Foundation has released version 2.4.50 of the HTTP Web Server to address two vulnerabilities, one of which is an actively exploited path traversal and file disclosure flaw. The ...
Threat Post

Critical Apache HTTPD Server Bugs Could Lead to RCE, DoS

Don’t freak: It’s got nothing to do with Log4Shell, except it may be just as far-reaching as Log4j, given HTTPD’s tendency to tiptoe into software projects. Don’t duck at the latest mention of Apache: ...
Bleeping Computer

Apache emergency update fixes incomplete patch for exploited bug

Apache Software Foundation has released HTTP Web Server 2.4.51 after researchers discovered that a previous security update didn't correctly fix an actively exploited vulnerability. Apache HTTP Server ...
Computerworld

Opinion: Web server security: Is IIS or Apache more secure

Continuing the theme from my previous column on the relative security of Internet Information Services (IIS) vs. Apache, I’ve come across more studies to support my initial conclusion. If you remember ...
InfoWorld

Continuing the Web Server Security Wars: Is IIS or Apache More Secure?

Continuing the theme from my previous column on the relative security of Internet Information Service (IIS) vs. Apache, I’ve come across more studies to support my initial conclusion. Since a single ...