Microsoft Patch Tuesday and patch management
- August 09, 2012
Microsoft said it would address ten vulnerabilities in the August 2012 Patch Tuesday, including flaws in Internet Explorer.
- July 11, 2012
Microsoft has revoked more than two dozen digital certificates used to validate the authenticity of its software.
- July 10, 2012
The Microsoft XML Core Services vulnerability is being actively targeted by cybercriminals. In addition, Microsoft issued a critical update to Internet Explorer 9.
- July 05, 2012
Microsoft will issue nine bulletins, three rated “critical” as part of its July Patch Tuesday, addressing critical flaws in Windows and Internet Explorer 9.
- June 12, 2012
This month’s Patch Tuesday release includes seven bulletins that address 26 vulnerabilities in Windows, Internet Explorer, .Net Framework and Dynamics AX.
- June 07, 2012
Microsoft’s June Patch Tuesday includes seven bulletins, three critical, affecting Windows, Internet Explorer and Microsoft Dynamics.
- May 08, 2012
Experts suggest patience when dealing with this month’s round of Microsoft updates.
- May 03, 2012
Microsoft said a member of its confidential Active Protections Program leaked information that prompted an exploit targeting a flaw patched in March.
- May 03, 2012
Microsoft said it plans to address flaws in Windows, Office, Silverlight and the .NET Framework.
- April 25, 2012
The Black Hole Exploit toolkit is behind the bulk of the HTML and Java exploits, according to version 12 of the Microsoft Security Intelligence Report.
- April 10, 2012
Microsoft repaired 11 vulnerabilities in April, including a critical update to its Internet Explorer browser and an ActiveX fix that affects a variety of software and server systems.
- April 05, 2012
Microsoft’s six bulletins include critical server repairs, Internet Explorer updates and a critical update of its .NET Framework.
- March 29, 2012
Adobe released a bulletin addressing critical flaws in Flash Player and rolled out a silent automatic update feature in Flash 11.2
- March 13, 2012
Vulnerability experts call the Microsoft Remote Desktop Protocol flaws dangerous and say they should be quickly addressed by patching admins.
- March 08, 2012
Microsoft’s March bundle of updates repairs seven vulnerabilities, including a critical Windows flaw.
- March 06, 2012
Adobe Flash Player update addresses two vulnerabilities that can be targeted by attackers to execute malicious code and obtain sensitive information.
- February 29, 2012
The beta version of the updated Secunia Personal Software Inspector was released at RSA Conference 2012. It features automatic software patching and a new interface.
- February 16, 2012
An Adobe Systems security update fixed seven critical flaws in Flash Player, including a cross-site scripting vulnerability being actively targeted by attackers.
- February 14, 2012
Flaws in Internet Explorer and the Windows C Runtime library could be used to gain access to system files and download additional malware onto a victim’s machine.
- February 09, 2012
Microsoft plans to fix coding errors in Internet Explorer, .NET Silverlight and Microsoft Office.
- February 03, 2012
Adobe security and privacy director Brad Arkin urges the security industry to develop technologies that make exploit writing costly.
- January 18, 2012
The two database patches represented a record low for repairs to Oracle’s database management system since the CPU program began in 2005.
- January 10, 2012
- January 10, 2012
Microsoft’s January 2012 Patch Tuesday included one critical security bulletin, addressing dangerous Windows Media errors that could be exploited remotely to gain access to a victim’s computer.
- December 29, 2011
A critical update affects all versions of Microsoft .NET Framework and other programming languages. The vulnerability could allow denial-of-service attacks.
- December 13, 2011
Microsoft’s 13 security bulletins included critical Windows and Windows Media Player updates.
- December 08, 2011
Microsoft is preparing to addressing 20 vulnerabilities for its December Patch Tuesday, including flaws in Internet Explorer, Windows Media Player and Microsoft Publisher
- December 07, 2011
Adobe has issued a warning about a critical zero-day vulnerability in Adobe Reader and Acrobat for Windows. An emergency security update is scheduled.
- November 08, 2011
Microsoft’s November 2011 Patch Tuesday security update features four bulletins, one critical, but no patch for the kernel-level vulnerability exploited by the Duqu Trojan.
- November 03, 2011
A full-blown Duqu zero-day patch won’t be ready for the November 2011 Patch Tuesday release, but experts say enterprises should be ready to deploy it quickly.
- October 11, 2011
Microsoft has issued eight security bulletins, two rated “critical,” for its October 2011 Patch Tuesday. It also released its 11th volume of its Security Intelligence Report.
- October 06, 2011
Microsoft’s eight security bulletins address flaws in Internet Explorer, Windows, Forefront UAG and the .NET Framework. Two bulletins are rated “critical.”
- September 22, 2011
Adobe said it is tracking reports that at least one of the coding errors is being actively targeted by attackers.
- September 13, 2011
Microsoft has issued five “important” security bulletins that address 15 flaws in Windows and Office and adds six more DigiNotar root certificates to the Windows Untrusted Certificate Store.
- September 08, 2011
Planned updates affect Microsoft Office, Excel and SharePoint Workspace 2010.
- August 09, 2011
Coding errors could enable attackers to target Windows machines remotely, gain access to sensitive data and gain complete control of a victim’s computer.
- August 04, 2011
The software giant’s August 2011 Patch Tuesday release will address 22 flaws, including two critical, in Windows, Office, Internet Explorer and Visual Studio.
- July 28, 2011
The virtualization vendor says a severe XenDesktop and XenApp security flaw needs immediate patching, or else an attacker may execute arbitrary code.
- July 12, 2011
Microsoft repaired a critical Bluetooth vulnerability and fixed more than 20 other flaws as part of its July security updates.
- July 07, 2011
The software giant plans to issue four bulletins, one rated “critical” as part of its Patch Tuesday scheduled security updates.
- June 20, 2011
Researchers detected a drive-by attack contained in malicious code hosted on a compromised restaurant website.
- June 14, 2011
Microsoft’s June Patch Tuesday includes a major security update to Internet Explorer and a repair fixing a serious SMB client bug.
- June 09, 2011
Microsoft is preparing to address 16 vulnerabilities in its Patch Tuesday bulletins next week.
- May 10, 2011
The software giant patched three vulnerabilities and revised its Exploitability Index for prioritizing patch deployments.
- May 05, 2011
Microsoft will revamp its Exploitability Index this month when it issues Patch Tuesday bulletins addressing flaws in Microsoft Windows and Office PowerPoint.
- April 12, 2011
Microsoft’s 17 bulletins repair a record 64 vulnerabilities, including four Internet Explorer flaws and several Server Message Block errors.
- April 11, 2011
Cybercriminals are actively targeting a Flash zero-day vulnerability that could cause a crash and enable an attacker to gain complete control of an affected system.
- April 07, 2011
The software giant will release a record number of patches April 12.
- March 14, 2011
A critical vulnerability in Adobe Flash Player is being targeted in attacks using Microsoft Excel files embedded with malicious Flash files.
- March 08, 2011
Microsoft issued three bulletins, one critical, repairing a DLL preloading issue affecting Windows Media Player and Windows Media Center.
- March 03, 2011
One critical and two important security bulletins are expected for Microsoft's Patch Tuesday.
- February 24, 2011
A Microsoft security advisory alerts users that an automatic update will repair a flaw in the Malware Protection Engine used across all of its antimalware products.
- February 09, 2011
Adobe addressed more than a dozen vulnerabilities in Flash Player and more than two dozen holes in Adobe Reader and Acrobat.
- February 08, 2011
Critical updates fix several serious vulnerabilities that are being targeted by attackers in the wild.
- February 03, 2011
In its advance notification, Microsoft said it would issue 12 bulletins, three critical, addressing holes in Windows, Internet Explorer, Office, Visual Studio and IIS.
- December 09, 2010
The software giant's last batch of scheduled fixes for 2010 is a "doozy" that will address critical remote code-execution flaws in Windows and IE.
- December 07, 2010
Survey finds some enterprises are overburdened with compliance issues and are using piecemeal patch testing and deployment processes.
- October 12, 2010
Huge update from Microsoft includes critical patches for Internet Explorer and fixes a flaw exploited by Stuxnet.
- September 23, 2010
Senior site editor Eric B. Parizo chides the grizzled security vets who are tired of news coverage about monthly and quarterly patches. Instead, he says, they should realize how critical it is.
- September 09, 2010
Among the nine bulletins are fixes for Windows, IIS and Microsoft Office, but probably not a fix for the recently discovered IE8 CSS bug that can harvest social network data.
- August 05, 2010
Security updates from Adobe will patch a critical flaw that was discussed at last week's Black Hat conference.
- August 05, 2010
Microsoft will release 14 security bulletins this month, the most the software giant has ever released in one month.
- August 03, 2010
TippingPoint's vulnerability disclosure team will give vulnerable vendors six months to create a patch.
- July 30, 2010
LAS VEGAS -- Brad Arkin and Adobe Systems Inc. have had to endure a lot of ribbing at Black Hat 2010. Arkin, senior director of product ...
- July 28, 2010
In an interview at Black Hat 2010, the software giant said it doesn't see the need to join Mozilla and Google in paying security researchers who discover bugs in its products. It also announced a new mitigation toolkit and a partnership with Adobe.
- July 22, 2010
While responsibility remains an imperative, it should be shared between researchers and security and software vendors, Microsoft said. Some security researchers are not impressed.
- June 08, 2010
During a Patch Tuesday full of almost a dozen bulletins and 34 vulnerabilities, Microsoft told customers to focus especially on three critical updates.
- May 20, 2010
New Web-based service is aimed at small and midsized businesses and can manage patch deployments via a browser-based console.
- April 14, 2010
Critical vulnerabilities affect Adobe Reader 9.3.1 and earlier versions. Latest round of patches uses new updater.
- March 30, 2010
Patch security professionals say that Microsoft's emergency update addressing IE vulnerabilities should be applied quickly.
- March 04, 2010
Virtual patching with intrusion prevention systems can offer a quick fix for vulnerabilities on an enterprise network, say experts at RSA Conference 2010, but the technique is no substitute for proper system and application patching.
- March 04, 2010
Next week, Microsoft will issue two bulletins that address eight vulnerabilities in Windows and Microsoft Office.
- March 03, 2010
Paying customers are often the overlooked voice in disclosure debates over software vulnerabilities, but during a RSA Conference 2010 panel discussion, one made his presence felt.
- January 21, 2010
Vulnerabilities could allow an attacker to infect victims with malware and take control of an infected machine.
- December 08, 2009
The final regular Microsoft update of 2009 repairs five critical vulnerabilities in IE and blocks public exploit code, which surfaced in November.
- August 20, 2009
Application vendor focuses on vulnerabilities in its Web application development tools.
- August 13, 2009
Despite critical Flash and Adobe Reader updates July 30, only a fraction of Adobe users have installed them, Trusteer says. Trusteer's CEO urges better patching mechanisms.
- August 13, 2009
IT pros need to take patch management processes seriously and more dilligently understand the plethora of applications being used by end users.
- July 27, 2009
In addition to updating the public on its new security programs, the software giant is issuing a guide outlining its patching process and how to assess vulnerability data.
- July 09, 2009
Users of ColdFusion 8 can apply a patch which blocks ongoing attacks compromising websites built with the application development platform.
- July 09, 2009
The software giant said it would issue six updates including three critical, repairing two flaws being actively targeted in the wild.
- June 25, 2009
Adobe released an update to its Shockwave Flash Player to repair a critical flaw that could allow an attacker to take complete control of a system.
- June 12, 2009
Mozilla patched 11 flaws including six critical vulnerabilities that could be exploited by an attacker to gain access to system files.
- June 09, 2009
Zero-day flaws in Microsoft Internet Information Services (IIS) Web server and Internet Explorer were among 31 vulnerabilities repaired Tuesday.
- June 09, 2009
Adobe's first quarterly security patch release includes fixes for critical vulnerabilities in Adobe Reader and Adobe Acrobat.
- June 04, 2009
The software giant plans to issue six critical bulletins repairing flaws in Internet Explorer, Word, Excel and Office.
- May 21, 2009
Adobe Systems Inc. said it would bolster its patch management strategy, issuing quarterly updates for its adobe Reader and Acrobat PDF software.
- May 12, 2009
One of the PowerPoint zero-day flaws was being actively targeted by attackers.
- May 07, 2009
Attackers are actively targeting a remote code execution vulnerability in PowerPoint to take complete control of an affected system.
- April 22, 2009
Mozilla's latest browser release repairs a critical vulnerability that could have been exploited to run arbitrary code.
- April 14, 2009
Oracle's quarterly Critical Patch Update contained patches for 16 database flaws and dozens of others correcting errors in Oracle Application Server and its BEA product line.
- April 14, 2009
Microsoft is patching flaws in Excel and WordPad that are reportedly being actively exploited in the wild and could allow an attacker to gain access to sensitive data.
- March 24, 2009
The remote network software contains flaws that could be exploited to gain access to critical files.
- March 12, 2009
Security researchers and vendors tackle the issue of full and partial disclosure of vulnerability information during a panel discussion at the SOURCE Boston conference.
- March 10, 2009
A critical flaw in the Windows graphics rendering component could be exploited by an attacker to gain access to sensitive data and take control of a machine.
- March 10, 2009
The latest version of Adobe Acrobat Reader corrects a critical image handling flaw being actively exploited in the wild.
- February 25, 2009
Flaws in Adobe Flash Player could be used by an attacker to gain access to system files and take control of a computer. Adobe recommends updating to the latest version.
- February 24, 2009
"Home brew patch," blocks attempts by hackers to exploit an unpatched buffer overflow vulnerability in Adobe Reader 9.
- February 12, 2009
A coalition of more than a dozen organizations is working together to fend off the potential damage posed by the Conficker/Downadup worm.
- February 10, 2009
Memory corruption errors in IE 7 and a message processing error in Exchange leave systems vulnerable to attack, Microsoft said.