Tag: patch tuesday
-
The ghost of Stuxnet past
Microsoft patches .LNK vulnerability after 2010 patch was found to be incomplete. Mention Stuxnet and you’ll have many a security researcher’s attention. The worm, which was discovered in 2010, used a number of zero-day vulnerabilities to reach its target: air-gapped Windows PCs at the Natanz nuclear plant in Iran. Most prominent among these was CVE-2010-2568…
-
Microsoft no longer publishes advance notifications for its Patch Tuesdays
Company unhappy with Google going full disclosure on privilege escalation vulnerability. Tomorrow is the second Tuesday of the month and, as most people reading this blog will know, this means Microsoft will release security updates for its software products. But this “Patch Tuesday” will be slightly different from previous ones, as the company has stopped…
-
Microsoft to publish security bulletins in CVRF format
Standard will streamline process of reviewing patches. Software giant Microsoft has announced that it has started to publish its monthly security bulletins in the CVRF format. CVRF, or Common Vulnerability Reporting Framework, is a standard developed by the Industry Consortium for Advancement of Security on the Internet (ICASI), which was founded in 2008 to address…
-
Hefty Patch Tuesday bulletin rounds off bumper year
No sign of an end to vulnerability glut. Microsoft released its monthly Patch Tuesday security bulletin yesterday, with details of a hefty 17 alerts covering 40 separate vulnerabilities. Although only two of this month’s haul were marked as ‘Critical’, many others could be used to launch malicious attacks on vulnerable systems. The Critical alerts included…
-
Security fixes from Apple and Microsoft
100 security fixes in latest OS X update; three MS security updates in this month’s patch release. The latest release of Mac operating system OS X ( Mac OS X v10.6.5 ) contains over 100 security updates, including fixes for vulnerabilities in Apache , the Flash Player plug-in, Image Capture and MySQL . A range…
-
Giant patch release from Microsoft, Oracle
Record Patch Tuesday combines with swathe of extra fixes for corporates. It’s a busy week for corporate admins as Microsoft ‘s monthly Patch Tuesday security bulletin, containing a bumper 16 separate alerts covering nearly 50 separate vulnerabilities in the company’s software range, emerged the same day as a similarly sizeable raft of fixes from Oracle…
-
Extra-large crop of updates for Patch Tuesday
Fourteen security alerts from Microsoft join two from Adobe. Microsoft ‘s monthly Patch Tuesday security bulletins came out this week, featuring a chunky 14 separate alerts with many covering multiple issues. Eight of the new alerts were rated ‘Critical’, with the remaining six marked as ‘Important’. In addition to Microsoft ‘s updates, Adobe also released…
-
Patches come thick and fast in major update spree
Monthly and out-of-band issues flood admins’ to-do lists. The release of this month’s Patch Tuesday security bulletins from Microsoft , with a fairly average 10 alerts covering 34 separate vulnerabilities, is accompanied by a number of additional fixes and updates which will keep security admins busy this week. Adobe has announced plans to provide an…
-
Patch Tuesday release includes 13 bulletins
26 vulnerabilities featured in sizeable update set. After a relatively quiet January, administrators are faced with a hefty workload this week as Microsoft ‘s monthly Patch Tuesday security release featured 13 updates covering 26 separate issues with Windows and other Microsoft software. In five bulletins labelled ‘Critical’, remote code execution problems with TCP/IP, SMB clients,…
-
IE zero-day bug fixed in Patch Tuesday updates
Serious browser bug main feature of monthly alerts, Adobe Flash issue also patched. Microsoft has released the December Patch Tuesday security bulletin, with a total of six alerts. The most significant issue covered is a serious vulnerability in the Internet Explorer browser software. Three of the six bulletins were marked as ‘Critical’, with vulnerabilities in…