Security Management Strategies for the CIO
Email Alerts
-
Microsoft patches 12 Office flaws with critical updates
Attackers could take complete control of machines running versions of Microsoft Office, the software giant warned Tuesday. Four critical updates were released to fix 12 flaws. Article
-
Inside MSRC: Microsoft Excel patches plug serious phishing risk
Microsoft's Bill Sisk explains why a number of vulnerabilities in Excel should be patched to reduce the risk of dangerous phishing attacks. Column
-
Two-tier distributed systems vs. three-tier distributed systems
Mike Rothman discusses the pros and cons of using two-tier distribution systems vs. thee-tier distributed systems. Ask the Expert
-
Should enterprises use open source productivity suites?
Many IT administrators remain wary of open source software, often citing its lack of any warranty protection. Expert Michael Cobb explains why enterprise pros shouldn't worry too much about giving the free tools a try. Ask the Expert
-
Developing a patch management policy for third-party applications
Enterprises may push the latest critical Windows patches once a month, but here's a dirty little secret: Most organizations don't bother patching their third-party applications. The diversity of client-side software -- including everything from Acrob... Tip
-
Microsoft warns of Excel zero-day flaw
Attackers are actively exploiting a zero-day flaw in Microsoft's Excel spreadsheet program, and users are being warned not to open files sent from unknown and untrusted sources. Article
-
A new twist on PCI DSS: Visa's Payment Application Best Practices
The Payment Card Industry (PCI) Security Standards Council is poised to issue another mandate, this time adding Visa's Payment Application Best Practices (PABP) into the compliance mix. New contributor Stephen Cobb examines Visa's controls and how bu... Tip
-
McAfee plugs flaw
McAfee's E-Business Server contains a flaw that could be exploited to cause a DoS attack. Article
-
Should a Java Runtime Environment (JRE) be kept up to date?
Critical security flaws are often discovered in Java Runtime Environment implementations. Unfortunately, most users don't apply any appropriate patches. Ed Skoudis reveals the security risks posed by a vulnerable JRE. Ask the Expert
-
Exploit code targets RealPlayer, researchers warn
A zero-day flaw in the latest version of RealPlayer can be actively targeted with working exploit code, according to researchers at US-CERT. Article