Microsoft Patch Tuesday and patch management
- February 15, 2019
Google this week attributed security improvements in Google Play to both automated processes and human reviewers. The improvements include stopping bad apps from being published.
- February 08, 2019
New bug fix releases for both iOS and macOS include the anticipated FaceTime patch for the serious eavesdropping flaw in group chats as well as fixes for two iOS zero-days.
- December 21, 2018
News roundup: Microsoft issues an emergency patch for an Internet Explorer bug exploited in the wild. Plus, authorities indict three individuals for 'stresser' services, and more.
- November 12, 2018
Researchers discover major manufacturers poorly implemented SSD encryption, allowing easy access to data, and Microsoft BitLocker made the issue worse.
- October 26, 2018
The vendor requirements for Android are a strange and mysterious thing but a new leak claims Google has added language to force manufacturers to push more regular Android security updates. ...
- September 18, 2018
Unpatched systems are still being targeted by the WannaMine cryptojacker, despite warnings and global cyberattacks using the EternalBlue exploit leaked from the NSA.
- September 12, 2018
Microsoft's September 2018 Patch Tuesday release included a fix for the Windows ALPC vulnerability that was exploited in the wild for about two weeks before being patched.
- July 20, 2018
News roundup: Critical Cisco vulnerabilities in Policy Suite products were patched this week. Plus, Venmo's API is set to public, exposing a trove of customer data, and more.
- June 14, 2018
Microsoft's unspoken patch management policy has been codified in the new Security Servicing Commitment, which outlines what flaws will be patched monthly and which will be in Windows updates.
- June 13, 2018
A Windows DNS patch for both desktops and servers headlines Microsoft's June 2018 Patch Tuesday, but the release also includes mitigations for Spectre v4 and more.
- June 01, 2018
A Yokogawa Stardom vulnerability leaves industrial control systems in critical infrastructure around the world at risk because of hardcoded credentials in the software.
- May 09, 2018
Microsoft's Patch Tuesday for May includes fixes for two zero-day vulnerabilities under attack, including an Internet Explorer exploit known as Double Kill.
- May 04, 2018
The timeline for the AMD patches promised to fix chipset flaws disclosed in March is being criticized, but AMD said the patches are being tested by partners and are still on track.
- April 30, 2018
The combination of a broken Oracle WebLogic vulnerability and available proof-of-concept exploit code has led threat actors to search for any servers that are at risk.
- April 18, 2018
At RSA Conference 2018, Paul Kocher, who co-discovered the Spectre flaws, discussed the chip vulnerabilities and explained why disclosure and mitigation efforts were so troubled.