Security Patch Management
- November 13, 2015
News roundup: WebSphere, JBoss, Jenkins and more hit by Java vulnerability in an open source library. Plus, SAP HANA deals with critical vulnerabilities, and more.
- November 11, 2015
Microsoft's November 2015 Patch Tuesday delivers 12 total bulletins, four of which are critical, and one issue with font handling that angers one expert.
- November 10, 2015
The NSA published its vulnerability disclosure policy, which aims to balance intelligence benefits with security, but experts said the policy raises more questions than it answers.
- October 22, 2015
Oracle patches 154 flaws in its quarterly update. Experts said patches need to be released faster, but Oracle stands by its release schedule.
- October 19, 2015
Adobe has released an emergency patch for Flash zero-day vulnerabilities that have been exploited in the wild in attacks on foreign affairs ministries.
- October 13, 2015
Microsoft's October 2015 Patch Tuesday has the fewest number of bulletins of any release this year, and is also the first of the year to not feature any patches related to zero-day exploits.
- October 01, 2015
A new study has found that although flaws are most likely to be exploited within 60 days of discovery, companies can take between 100 and 120 days for vulnerability remediation.
- September 08, 2015
Microsoft's September 2015 Patch Tuesday is available now and includes five critical bulletins, two of which tackle remote code execution flaws affecting Microsoft Office.
- August 19, 2015
One week after Patch Tuesday, an out-of-band Microsoft security patch is available for a critical flaw in Internet Explorer that affects all supported versions of Windows and Windows Server.
- August 11, 2015
Microsoft's August 2015 Patch Tuesday may not be as packed with danger as a typical release, according to one expert, but does include critical bulletins for Microsoft Office and even one for the new Edge browser.
- August 07, 2015
News roundup: ICANN confirmed its members' credentials were stolen Wednesday, forcing the nonprofit to enforce a site-wide password reset. Plus: VPN provider being used for APTs; Thunderstrike strikes again; Windows 10 security in its first week.
- July 24, 2015
HP's Zero Day Initiative has disclosed four critical vulnerabilities found in Internet Explorer that could lead to remote code execution, but mistakenly labeled them as affecting Windows desktop rather than Windows Phone.
- July 21, 2015
A Windows zero-day affecting a wide swath of Microsoft products has been found in the Hacking Team data leak, so Microsoft has released an out-of-band patch to fix the vulnerability.
- July 15, 2015
Researchers discovered two more vulnerabilities in Adobe Flash player stemming from the breach of Italian surveillance software vendor Hacking Team.
- July 14, 2015
July 2015's Patch Tuesday shows both Microsoft and Adobe working fast to patch four Hacking Team zero-day vulnerabilities exposed in the past week.