Microsoft Patch Tuesday and patch management
- November 12, 2018
Researchers discover major manufacturers poorly implemented SSD encryption, allowing easy access to data, and Microsoft BitLocker made the issue worse.
- October 26, 2018
The vendor requirements for Android are a strange and mysterious thing but a new leak claims Google has added language to force manufacturers to push more regular Android security updates. ...
- September 18, 2018
Unpatched systems are still being targeted by the WannaMine cryptojacker, despite warnings and global cyberattacks using the EternalBlue exploit leaked from the NSA.
- September 12, 2018
Microsoft's September 2018 Patch Tuesday release included a fix for the Windows ALPC vulnerability that was exploited in the wild for about two weeks before being patched.
- July 20, 2018
News roundup: Critical Cisco vulnerabilities in Policy Suite products were patched this week. Plus, Venmo's API is set to public, exposing a trove of customer data, and more.
- June 14, 2018
Microsoft's unspoken patch management policy has been codified in the new Security Servicing Commitment, which outlines what flaws will be patched monthly and which will be in Windows updates.
- June 13, 2018
A Windows DNS patch for both desktops and servers headlines Microsoft's June 2018 Patch Tuesday, but the release also includes mitigations for Spectre v4 and more.
- June 01, 2018
A Yokogawa Stardom vulnerability leaves industrial control systems in critical infrastructure around the world at risk because of hardcoded credentials in the software.
- May 09, 2018
Microsoft's Patch Tuesday for May includes fixes for two zero-day vulnerabilities under attack, including an Internet Explorer exploit known as Double Kill.
- May 04, 2018
The timeline for the AMD patches promised to fix chipset flaws disclosed in March is being criticized, but AMD said the patches are being tested by partners and are still on track.
- April 30, 2018
The combination of a broken Oracle WebLogic vulnerability and available proof-of-concept exploit code has led threat actors to search for any servers that are at risk.
- April 18, 2018
At RSA Conference 2018, Paul Kocher, who co-discovered the Spectre flaws, discussed the chip vulnerabilities and explained why disclosure and mitigation efforts were so troubled.
- April 06, 2018
Microsoft's poor coding when forking and modifying open source UnRAR code introduced a critical Windows Defender flaw that could allow an attacker full system rights.
- April 05, 2018
No Spectre microcode patches will be coming for older Intel processors, but the newest generation of Intel CPUs will have mitigations built in when they ship later this year.
- February 21, 2018
In this week's Risk & Repeat podcast, SearchSecurity editors examine Intel's new bug bounty for side channel attacks and what it says about Meltdown and Spectre.