News

Microsoft Patch Tuesday and patch management

• September 23, 2010 23 Sep'10

  Sick of news about the monthly patch process? You need it; here's why

  Senior site editor Eric B. Parizo chides the grizzled security vets who are tired of news coverage about monthly and quarterly patches. Instead, he says, they should realize how critical it is.

• September 09, 2010 09 Sep'10

  September 2010 Microsoft security bulletins to fix 13 vulnerabilities

  Among the nine bulletins are fixes for Windows, IIS and Microsoft Office, but probably not a fix for the recently discovered IE8 CSS bug that can harvest social network data.

• August 05, 2010 05 Aug'10

  Reader overflow vulnerability to get emergency Adobe patch

  Security updates from Adobe will patch a critical flaw that was discussed at last week's Black Hat conference.

• August 05, 2010 05 Aug'10

  August Microsoft security bulletins to fix record-tying 34 vulnerabilities

  Microsoft will release 14 security bulletins this month, the most the software giant has ever released in one month.

• August 03, 2010 03 Aug'10

  TippingPoint Zero Day Initiative to push patch deadline on vendors

  TippingPoint's vulnerability disclosure team will give vulnerable vendors six months to create a patch.

• July 30, 2010 30 Jul'10

  Adobe vulnerability management: Arkin on the new threat landscape

  LAS VEGAS -- Brad Arkin and Adobe Systems Inc. have had to endure a lot of ribbing at Black Hat 2010. Arkin, senior director of product ...

• July 28, 2010 28 Jul'10

  Microsoft seeks true 'responsible' vulnerability disclosure

  In an interview at Black Hat 2010, the software giant said it doesn't see the need to join Mozilla and Google in paying security researchers who discover bugs in its products. It also announced a new mitigation toolkit and a partnership with Adobe.

• July 22, 2010 22 Jul'10

  Microsoft: Vulnerability disclosure will be coordinated, rather than 'responsible'

  While responsibility remains an imperative, it should be shared between researchers and security and software vendors, Microsoft said. Some security researchers are not impressed.

• June 08, 2010 08 Jun'10

  Microsoft emphasizes three critical updates on patch-heavy Tuesday

  During a Patch Tuesday full of almost a dozen bulletins and 34 vulnerabilities, Microsoft told customers to focus especially on three critical updates.

• May 20, 2010 20 May'10

  Shavlik moves patch management systems to the cloud

  New Web-based service is aimed at small and midsized businesses and can manage patch deployments via a browser-based console.

• April 14, 2010 14 Apr'10

  Adobe fixes 15 flaws in Reader, Acrobat

  Critical vulnerabilities affect Adobe Reader 9.3.1 and earlier versions. Latest round of patches uses new updater.

• March 30, 2010 30 Mar'10

  Microsoft emergency patch addresses IE vulnerabilities, zero-day

  Patch security professionals say that Microsoft's emergency update addressing IE vulnerabilities should be applied quickly.

• March 04, 2010 04 Mar'10

  Experts laud IPS virtual patching, but warn against misuse

  Virtual patching with intrusion prevention systems can offer a quick fix for vulnerabilities on an enterprise network, say experts at RSA Conference 2010, but the technique is no substitute for proper system and application patching.

• March 04, 2010 04 Mar'10

  Microsoft to address eight security vulnerabilities in Windows, Office

  Next week, Microsoft will issue two bulletins that address eight vulnerabilities in Windows and Microsoft Office.

• March 03, 2010 03 Mar'10

  Customer gets say during responsible vulnerability disclosure panel

  Paying customers are often the overlooked voice in disclosure debates over software vulnerabilities, but during a RSA Conference 2010 panel discussion, one made his presence felt.