Security Patch Management
- February 25, 2015
Google's Project Zero has added more leeway to its vulnerability disclosure policy, but industry observers are split on whether 90 days is enough time to fix software flaws, or not enough time to manage a sensitive, resource-intensive process.
- February 10, 2015
Microsoft's February 2015 Patch Tuesday release offers three critical fixes, including one for a dangerous Group Policy vulnerability, but does not patch a recently revealed IE XSS zero-day flaw.
- February 06, 2015
News roundup: With the proposed 2016 federal budget and push for a national data breach law, Washington may finally care about cybersecurity. Plus: Coviello to retire; Flash patched again; Sony Pictures breached by Russians and loses its co-chair.
- February 02, 2015
Trend Micro discovered a new zero-day bug in Adobe Flash that is being actively exploited in the wild. Adobe promises a patch for the vulnerability this week.
- January 30, 2015
News roundup: YouTube announced it has stopped using Flash by default in favor of HTML5. Is this the long-awaited end for Flash? Plus: Java was the riskiest software in 2014; BEC scam cost $215 last year; NFL data interceptions.
- January 26, 2015
Adobe's latest Flash zero day patch came Saturday, just two days after reports that the vulnerability was being exploited by drive-by-download attacks.
- January 23, 2015
News roundup: An of onslaught Adobe, Oracle, OpenSSL, Chrome and Firefox patches highlights the sad state of software security in 2015. Plus, security budgets increasing; HealthCare.gov security woes; false-positive alerts cost millions annually.
- January 19, 2015
For the third time in one month, Microsoft couldn't meet Google's 90-day public disclosure deadline, leading to Project Zero's disclosure, though experts say this Windows zero-day vulnerability may have little value to attackers.
- January 13, 2015
Microsoft's January 2015 Patch Tuesday updates include a critical Windows update for Telnet, and a fix for a controversial Windows 8.1 flaw disclosed two weeks ago. Plus: An expert says Adobe's critical Flash Player fix demands immediate attention.
- December 09, 2014
Capping a busy year of software updates, Microsoft's December 2014 Patch Tuesday release delivers three critical bulletins; separately Adobe offers a pair of critical fixes.