Security Patch Management
- September 21, 2016
Symantec patched another set of serious file parsing flaws in its antivirus products, which were discovered by Google Project Zero researcher Tavis Ormandy.
- September 15, 2016
Oracle's lack of response to security researchers raises more questions after a zero-day MySQL vulnerability was reported, though patches may have already been released.
- September 14, 2016
Microsoft's Patch Tuesday will change drastically in October, and experts disagree whether the new monthly Windows rollup will make patching simpler or more of a hassle.
- September 13, 2016
Microsoft's September 2016 Patch Tuesday is what many would consider a standard bulletin release with a major focus on fixes related to web browser security.
- August 31, 2016
The antivirus industry has been under fire lately, and Microsoft's Windows 10 Anniversary update has added new troubles for antivirus software vendors.
- August 09, 2016
Microsoft's August 2016 Patch Tuesday focuses on critical browser vulnerabilities in Edge and Internet Explorer, as well as flaws with Microsoft Office and PDF Library.
- July 22, 2016
Oracle patches its biggest batch yet of security fixes in this quarter's CPU cycle.
- July 12, 2016
Adobe Reader bugs take center stage for the July 2016 Patch Tuesday, as Microsoft has a smaller bulletin list of fixes for its products.
- July 08, 2016
In this Risk & Repeat podcast, SearchSecurity editors discuss a new Google Project Zero report on yet another round of critical Symantec vulnerabilities.
- June 29, 2016
A raft of new Symantec and Norton antivirus vulnerabilities exposed by Google Project Zero are 'as bad as it gets,' according to Tavis Ormandy: RCE, no user interaction and wormable.
- June 15, 2016
SAP vulnerability patched, finally: The Java flaw was originally patched in 2010 but became the subject of an unprecedented US-CERT alert in May.
- June 14, 2016
Microsoft's June 2016 Patch Tuesday release is not the most important of the day according to experts, instead another Adobe Flash zero-day vulnerability gets the spotlight.
- May 19, 2016
The ImageTragick bug raises questions over responsible disclosure, as the flaw in the ImageMagick image-processing library exposes millions of websites to remote code execution.
- May 17, 2016
Google Project Zero disclosed a Symantec vulnerability that can be exploited with zero interaction and was described being as bad as it can possibly get.
- May 13, 2016
DHS US-CERT warns of a patched SAP Java vulnerability from 2010 that has enabled breaches at three dozen global enterprises due to configuration issues.