Tag: patch
-
Microsoft issues emergency patch
Out-of-cycle update fixes serious, wormable flaw. Microsoft has issued an emergency update to cover a serious vulnerability in the Windows Server service, breaking its usual monthly ‘Patch Tuesday’ cycle of security fixes. The flaw was considered serious enough to merit an urgent patch release, although Microsoft will only confirm having seen the usual ‘limited, targeted’…
-
DNS flaw exploitation danger growing
Slow patchers targeted by sophisticated attacks. The serious vulnerability in the implementation of DNS systems has been targeted by malicious attacks, as security watchers have been predicting since the flaw was first disclosed. With many developers and service providers yet to implement patching regimes for the issue, those still leaving their servers open for spoofing…
-
Patch Tuesday sees serious DNS flaws fixed
Nothing marked critical, but some very important patches issued. Microsoft ‘s latest ‘Patch Tuesday’ round of security updates for once contains no bulletins marked as ‘critical’, but some of the four updates labelled ‘important’ address major issues posing serious threats to web users worldwide. Two of the patches fix problems with Exchange Server and Windows…
-
Microsoft releases latest Patch Tuesday fixes
7 vulnerabilities, 3 critical, addressed in June security update. Microsoft has issued its monthly ‘Patch Tuesday’ set of security fixes, with seven separate areas covered of which three are flagged as ‘critical’ and could expose vulnerable systems to remote code execution. The most serious areas affected are the DirectX multimedia system, the Windows Bluetooth stack,…
-
Latest Patch Tuesday update released
Microsoft announces five ‘critical’ vulnerabilities need fixing. Microsoft has issued its monthly ‘Patch Tuesday’ security bulletin, with five ‘critical’ and three ‘important’ patches made available. The more serious flaws are vulnerabilities in MS Project and the scripting engines for VBScript and JScript , problems with ActiveX and GDI , and the usual cumulative update fixing…
-
Latest Patch Tuesday release
March’s Patch Tuesday sees four ‘critical’ updates. Microsoft has released its monthly ‘Patch Tuesday’ security bulletin. This month the bulletin features four ‘critical’ updates, all of which apply to different components of the Office suite of products, and all of which fix vulnerabilities that allow remote code execution on a machine running the affected software.…
-
Cisco announces ‘Patch Wednesdays’
Cisco set to embark on regular release cycle. Following a trend set by Microsoft ‘s monthly ‘Patch Tuesdays’ and Oracle ‘s quarterly security updates, networking giant Cisco has announced it will release patches for its Internetwork Operating System ( IOS ) on fixed dates. The patches, which Cisco calls ‘Security Advisories’, will be released on…
-
Microsoft research revives ‘friendly worm’ ideas
Malware techniques proposed as update-spreading method. A group of Microsoft researchers have put forward proposals to use worm techniques to spread patches and updates across networks, reopening an age-old debate on the possibility of ‘beneficial malware’. The research, to be presented at the INFOCOM conference in April by a team from Microsoft ‘s Cambridge, UK,…
-
Bumper Patch Tuesday short of one patch
Excel remains vulnerable as expected fix is dropped. Microsoft has issued its monthly ‘Patch Tuesday’ set of security updates, with a larger than usual crop of patches for a variety of products, including several for the Office range and Internet Explorer browser. However, one significant patch – for a vulnerability in Excel – was withdrawn…
-
More PDF exploits seen in wild
Adobe Reader and Acrobat flaws open way for further document attacks. A string of vulnerabilities in Adobe ‘s PDF viewing and editing software, disclosed late last week by Adobe and iDefense , have been exploited by malicious attacks using PDF files to launch malware. The flaws, which include several buffer overflows, a library path vulnerability…