Security Patch Management
- June 26, 2015
New roundup: Sometimes the least of threats -- such as click fraud -- can end up being the bigger issues -- like ransomware. Plus: U.S. Navy won't let go of XP; U.S./China cyber code of conduct; and more!
- June 23, 2015
Adobe releases an emergency Flash Player patch for a zero-day flaw said to be used in a Chinese hacker group's phishing scheme.
- June 09, 2015
Microsoft's June 2015 Patch Tuesday features eight bulletins, including a critical update for Internet Explorer and Windows Media Player. Plus: Adobe releases fix for 13 Flash vulnerabilities.
- May 12, 2015
Microsoft's May 2015 Patch Tuesday has made 2015 this biggest year for patches through the first five months and is highlighted by two non-critical patches, according to experts.
- May 06, 2015
Microsoft Ignite 2015 showed that Microsoft may have rethought the Tuesday part of Patch Tuesday, but Windows Update is stronger than ever.
- April 29, 2015
Secunia's quarterly Personal Software Inspector (PSI) report shows that while OS and application patching has remained steady, users may be ignoring end-of-life software and the risks associated with it.
- April 17, 2015
A critical vulnerability in Windows HTTP.sys was detailed as part of Microsoft's April Patch Tuesday, and the flaw is already being actively exploited in the wild.
- April 16, 2015
The latest Oracle Critical Patch Update includes fixes for close to 100 vulnerabilities, but one expert says there is a critical update for Java on the desktop that needs immediate attention.
- April 14, 2015
Microsoft's April 2015 Patch Tuesday release is lighter than usual with 11 total bulletins, but experts say that system admins should immediately install a critical HTTP.sys patch for Windows Server.
- April 14, 2015
The new 'Redirect to SMB' vulnerability is an update to an 18-year-old flaw that can lead to man-in-the-middle attacks on all versions of Windows.
- March 25, 2015
Secunia's 2015 Vulnerability Report shows that better vulnerability reporting and awareness of flaws doesn't necessarily mean vendors offer more patches or focus on the most critical issues.
- March 16, 2015
Update: Microsoft has re-released Enhanced Mitigation Experience Toolkit version 5.2 to correct a bug involving IE 11.
- March 10, 2015
Microsoft's March 2015 Patch Tuesday bulletins include a fix for the FREAK vulnerability, as well as five critical fixes, but surprisingly, an expert says one of the fixes deemed non-critical actually demands immediate attention.
- March 05, 2015
The serious HTTPS FREAK exploit was thought to only affect Android, iOS, and MacOS, but Microsoft has confirmed that it also affects all supported versions of Windows.
- February 25, 2015
Google's Project Zero has added more leeway to its vulnerability disclosure policy, but industry observers are split on whether 90 days is enough time to fix software flaws, or not enough time to manage a sensitive, resource-intensive process.