Security Patch Management
- January 13, 2017
News roundup: St. Jude Medical patches vulnerable medical IoT devices after a five-month controversy. Plus, the Email Privacy Act is reintroduced; Juniper warns of a firewall flaw; and more.
- January 10, 2017
Microsoft offers up a meager January 2017 Patch Tuesday release before bigger changes planned for Windows security update announcements, which are set to take effect in February.
- January 04, 2017
Google Project Zero discovers more antivirus vulnerabilities. This time, the issues are with how Kaspersky Lab handles SSL certificate validation and CA root certificates.
- December 13, 2016
Microsoft's Dec. 2016 Patch Tuesday was a fairly routine monthly entry in a year that ended up setting a new record for most Windows patch bulletins.
- November 29, 2016
Vendors get an extra 30 days to patch under Cisco Talos' new responsible disclosure guidelines, as Talos notes key differences in time to patch among vendors.
- November 18, 2016
News roundup: The latest chapter of Symantec's security struggles involves a high-severity DLL code flaw. Plus, Dyn attacker might be a lone gamer, James Clapper resigns and more.
- November 09, 2016
Google released an Android patch for the Dirty COW vulnerability, but the fix won't be part of a mandatory security update until December.
- November 08, 2016
The November 2016 Patch Tuesday includes a patch for a Windows zero-day reportedly being exploited by Russian hackers, as well as bulletins experts think may be underrated by Microsoft.
- November 03, 2016
A Windows zero-day disclosed by Google caught Microsoft between patch cycles, and experts questioned whether Microsoft downplayed the severity of the vulnerability.
- November 02, 2016
Google disclosed an unpatched Windows zero-day vulnerability, which Microsoft claims is actively being exploited by a Russian APT group connected to the DNC hack.
- October 27, 2016
Surprise! It's time, again, for another critical Adobe Flash patch to fix a remote code execution vulnerability reported by the Google Threat Analysis Group.
- October 14, 2016
News roundup: As Adobe patches 83 vulnerabilities in Flash Player, Acrobat and Reader, the good news is none have been exploited in the wild -- yet. Plus, IoT threats and more.
- October 11, 2016
Microsoft's October 2016 Patch Tuesday changes the structure of the release to the monthly rollup and starts out by taking on five zero-day flaws.
- September 21, 2016
Symantec patched another set of serious file parsing flaws in its antivirus products, which were discovered by Google Project Zero researcher Tavis Ormandy.
- September 15, 2016
Oracle's lack of response to security researchers raises more questions after a zero-day MySQL vulnerability was reported, though patches may have already been released.