Blog

Zero-Day

April Patch Tuesday 2017

April Patch Tuesday release from Microsoft is only about a third of the size of the March release. There are a total of 46 unique vulnerabilities (CVEs) being resolved, three of which have been publicly disclosed (CVE-2017-0210, CVE-2017-0199, CVE-2017-0203) and two of those have been exploited in t

Read more...

March Patch Tuesday 2017

If you miss a Patch Tuesday things begin to accumulate.  March’s lineup makes this very apparent.  Microsoft just released two months’ worth of updates that include 18 total bulletins (Yes, I said bulletins, we will get to that), 9 Critical \ 9 Important, a total of 136 unique CVEs, 3 Zero Days, and

Read more...

March 2017 Patch Tuesday Forecast

By the end of March will anyone remember that Microsoft missed a Patch Tuesday?  I am going to go with vague memories, but overcast by so much more excitement happening this month! Be sure to check out all of Ivanti’s patch products: Patch for SCCM Patch for Windows Patch for Linux, UNIX, Mac Patch

Read more...

December Patch Tuesday 2016

December Patch Tuesday has a flurry of exploits and public disclosures. Coming in to Patch Tuesday, we already had one zero day from Mozilla (CVE-2016-9079) which updated on November 30. Today, Adobe released nine bulletins, including a critical update for Adobe Flash that resolves a zero day (CVE-

Read more...

November Patch Tuesday Forecast 2016

Since October Patch Tuesday there has been a lot of activity. Oracle released their quarterly CPU including an update for Java JRE, Adobe resolved a Zero Day in Flash Player, our tip of the month, and a quick look at what to expect next week as Patch Tuesday hits. On the Horizon Actually more of a c

Read more...

June Patch Tuesday 2016

I am chilling up in Daresbury, UK this Patch Tuesday, so instead of working through lunch I am working through dinner. ROOM SERVICE! There are two not so very surprising events this evening. First, it is raining in the UK. Second, Adobe Flash Player has a zero day! Like I said, no surprises. CVE-20

Read more...

Flash Zero Day Closure, or maybe not...

[tweetthis]#FlashPlayer #ZeroDay @MicrosoftSecurity rereleases MS16-064 include CVE-2016-4117 @shavlikprotect[/tweetthis] It was a confusing week for those tracking the Adobe Flash Player update.  Let me summarize what happened and what may still be lingering. Flash Player did announce an Advisory o

Read more...