Microsoft Patch Tuesday and patch management
- May 09, 2018
Microsoft's Patch Tuesday for May includes fixes for two zero-day vulnerabilities under attack, including an Internet Explorer exploit known as Double Kill.
- May 04, 2018
The timeline for the AMD patches promised to fix chipset flaws disclosed in March is being criticized, but AMD said the patches are being tested by partners and are still on track.
- April 30, 2018
The combination of a broken Oracle WebLogic vulnerability and available proof-of-concept exploit code has led threat actors to search for any servers that are at risk.
- April 18, 2018
At RSA Conference 2018, Paul Kocher, who co-discovered the Spectre flaws, discussed the chip vulnerabilities and explained why disclosure and mitigation efforts were so troubled.
- April 06, 2018
Microsoft's poor coding when forking and modifying open source UnRAR code introduced a critical Windows Defender flaw that could allow an attacker full system rights.
- April 05, 2018
No Spectre microcode patches will be coming for older Intel processors, but the newest generation of Intel CPUs will have mitigations built in when they ship later this year.
- February 21, 2018
In this week's Risk & Repeat podcast, SearchSecurity editors examine Intel's new bug bounty for side channel attacks and what it says about Meltdown and Spectre.
- February 13, 2018
Two critical flaws in Broadcom Wi-Fi chips disclosed last year were thought to affect only Apple and Android devices, but Lenovo now says ThinkPad models are vulnerable, too.
- February 05, 2018
Proofpoint researchers discovered a large Monero mining botnet that uses EternalBlue to spread, and it isn't the first time the Windows flaw has been used for cryptojacking.
- January 30, 2018
Microsoft was forced to release an out-of-band Spectre patch designed not to mitigate the vulnerability but to protect users from Intel's broken fix.
- January 26, 2018
Intel first learned of the Spectre vulnerabilities on June 1, but a confidential document shows the chipmaker didn't inform OEM partners until almost six months later.
- January 23, 2018
Intel claims it has determined why the Spectre and Meltdown patches caused issues on some chips. The vendor is working on a fix and suggests users don't patch for now.
- January 12, 2018
Customers reported the firmware Intel Meltdown patch caused reboot issues on Broadwell and Haswell chipsets, leading to a patch review by Intel.
- January 12, 2018
AMD initially believed the Spectre vulnerabilities posed "near zero risk" to its chip, but the company this week reversed course and is planning microcode updates for its products.
- January 10, 2018
Microsoft's January 2018 Patch Tuesday brings Meltdown and Spectre patches to users, except those on AMD chipsets or those with incompatible antivirus.