Highways England seeks vendor to replace Windows 2003-based pavement management systems


Whoever came up with the SWEEP acronym can have a job at El Reg

Highways England, the authority responsible for the nation's roads and related infrastructure, is asking tech vendors to bid for a project worth up to £15m to replace its ageing pavement information management systems.…

JET engine flaws can crash Microsoft's IIS, SQL Server, say Palo Alto researchers


Trio claim database queries can lead to remote code execution

Black Hat Asia  A trio of researchers at Palo Alto Networks has detailed vulnerabilities in the JET database engine, and demonstrated how those flaws can be exploited to ultimately execute malicious code on systems running Microsoft’s SQL Server and Internet Information Services web server.…

‘Unauthorized API’ in VMware cost management tool can be exploited to hijack appliances


Remote code execution possible on vRealize Business for Cloud – which knows a lot about your private and public platforms

VMware has admitted its vRealize Business for Cloud product includes an “unauthorised VAMI API” that can be exploited to achieve remote code execution on the virtual appliance. The security flaw is rated critical, scoring 9.8 on the ten-point Common Vulnerability Scoring System.…

Signal banned for booking obviously targeted ads? That story's too good to be true, Facebook claims


Antisocial giant dismisses chat app rival's 'stunt' in escalating war of words

Encrypted messaging service Signal on Tuesday made a show of trolling Instagram and its parent company Facebook by creating ads that incorporated audience targeting categories into its ad copy.…