Microsoft has released 14 updates today, resolving 55 distinct vulnerabilities including three publicly disclosed vulnerabilities. Microsoft also updated ADV180002 and ADV180012 regarding Meltdown and Spectre variants. ADV180002 looks like it just received some housekeeping so for variants 1 (CVE-20
Most of the excitement may already have passed with Adobe’s Flash Player release on June 7th. The discovery of a Zero Day vulnerability (CVE-2018-5002) being exploited in the wild resulted in a Flash Player update (APSB18-19) which included the fix for the exploited vulnerability and three others.
Microsoft has released their Patch Tuesday update and it includes quite the lineup this month. 66 unique CVEs are being resolved this month. This includes two zero-day vulnerabilities and two public disclosures. The updates this month affect Microsoft Windows, Internet Explorer, Edge, Office, .Net F
Microsoft has released updates today including 65 vulnerability fixes. While there are no Zero Day exploits in the April patch release, there were a couple of Zero Days identified between March and April Patch Tuesdays, which we will mention in a moment. There is one public disclosure this month in
Nobody on their deathbed has ever said, "I wish I had spent more time at the office." The same can be said in regards to security. "I wish I spent more time responding to security breaches," is a sentence not likely to be said by anyone, unless the person works for a security firm contracted to resp
Microsoft has released 14 updates this month including updates for all supported Windows Operating Systems, versions of IE, Office, SharePoint, and Exchange server. There are also ASP.NET Core, Chakra Core, and PowerShell Core updates. These do not have a patch package to update, but new binaries a
Microsoft has released a pretty typical lineup this month. All the Operating System updates, Internet Explorer, Flash for IE, Edge, Office, and SharePoint are accounted for in February. There are a total of 50 unique vulnerabilities being resolved by Microsoft this month with one public disclosure.
Trust is a big concern. Who would you trust to give you parenting advice? Who would you trust for financial guidance? More and more we should be very careful about who we trust for cybersecurity guidance. How you do validate guidance and more importantly the resolution to a security vulnerability, t
January Patch Tuesday Update Episode II A long time ago (last Thursday), in a development team far far away (Redmond), a band of developers acted early in a surprise attack to thwart the forces of evil by releasing a series of Operating System updates for the Windows platform. These OS updates help