Security Patch Management
- January 29, 2016
A new OpenSSL patch fixes a severe encryption flaw and strengthens the protocol against the Logjam vulnerability.
- January 26, 2016
Fortinet denies that a vulnerability found in many of its products is a true backdoor, but finds that the flaw is more widespread than once thought.
- January 14, 2016
A Microsoft Silverlight patch becomes more important as researchers claim it may be a Hacking Team zero day that has been known for years.
- January 12, 2016
Microsoft's January 2016 Patch Tuesday started the year with the IE end of life for older versions of the browser and an important address-spoofing patch.
- December 30, 2015
Just weeks after its biggest security update of the year, Adobe issued emergency patches for a new round of Flash bugs, including one already being exploited by attackers.
- December 08, 2015
Microsoft's December 2015 Patch Tuesday brought a number of fixes to Windows, including a patch for a DNS query bug and zero-day flaws in the Windows kernel and Microsoft Office.
- November 13, 2015
News roundup: WebSphere, JBoss, Jenkins and more hit by Java vulnerability in an open source library. Plus, SAP HANA deals with critical vulnerabilities, and more.
- November 11, 2015
Microsoft's November 2015 Patch Tuesday delivers 12 total bulletins, four of which are critical, and one issue with font handling that angers one expert.
- November 10, 2015
The NSA published its vulnerability disclosure policy, which aims to balance intelligence benefits with security, but experts said the policy raises more questions than it answers.
- October 22, 2015
Oracle patches 154 flaws in its quarterly update. Experts said patches need to be released faster, but Oracle stands by its release schedule.
- October 19, 2015
Adobe has released an emergency patch for Flash zero-day vulnerabilities that have been exploited in the wild in attacks on foreign affairs ministries.
- October 13, 2015
Microsoft's October 2015 Patch Tuesday has the fewest number of bulletins of any release this year, and is also the first of the year to not feature any patches related to zero-day exploits.
- October 01, 2015
A new study has found that although flaws are most likely to be exploited within 60 days of discovery, companies can take between 100 and 120 days for vulnerability remediation.
- September 08, 2015
Microsoft's September 2015 Patch Tuesday is available now and includes five critical bulletins, two of which tackle remote code execution flaws affecting Microsoft Office.
- August 19, 2015
One week after Patch Tuesday, an out-of-band Microsoft security patch is available for a critical flaw in Internet Explorer that affects all supported versions of Windows and Windows Server.