Patch Management

Microsoft prepares seven patches for 20 security issues

By

The software giant said one of the seven bulletins addresses critical vulnerabilities in Word.

Light Patch Tuesday will include new encryption rule

By

Next week's monthly patch batch from Microsoft is not very burdensome, but it includes a new requirement that certificates must contain RSA key lengths of more than 1,024 bits.

Apple issues Java updates after Oracle emergency patch

By

Apple has released Java updates to patch vulnerabilities in Mac OS X Lion, Mountain Lion and Snow Leopard.

Oracle issues emergency fix for Java security vulnerabilities

By

Patch alert: In a rare, if not unprecedented, move, Oracle on Thursday issued an out-of-cycle patch for gaping holes in Java 7 that have been widely exploited to spread malware.

Java exploit in BlackHole shows immediate success

By

In light of the fast-spreading Java 7 exploit, Mozilla has become the first browser maker to suggest users disable Java functionality.

New Java exploit on the loose, unofficial patch may help

By

A new Java exploit is expected to become more widespread now that proof-of-concept code has been published. Oracle isn't scheduled to update Java until October.

GAO scolds EPA for poor security

By

In a report released this week, the federal Government Accountability Office (GAO) found that the EPA, which just announced a server breach resulting in the personal information compromise of 7,800 people, is falling short in several areas.

Microsoft, Adobe issue security updates for more than 50 bugs

By

Microsoft plugged 26 vulnerabilities, and Adobe shored up 26 of its own as part of a monster Patch Tuesday. Each company is grappling with an active exploit as well.

Microsoft set to release nine patches for 10 security bugs

By

Microsoft is prepping fixes for 10 vulnerabilities, with researchers' expecting the highest-priority fixes to involve issues in Internet Explorer and Exchange.

Reuters blog platform may still be out of date despite hack

By

WordPress is a common vector of attack because many fail to install the blogging platform's latest patches.

Oracle plans 88 security fixes on Tuesday

By

Oracle on Tuesday is planning to release 88 patches to address vulnerabilities across a wide range of the company's products, according to an announcement.

Patch Tuesday: Microsoft pushes nine fixes for 16 flaws

By

In addition to 15 other vulnerabilities, Microsoft plugged a gaping Core XML Services hole that was being used in active exploits being foisted through Internet Explorer.

Microsoft to issue nine patches, no word on XML fix

By

Microsoft's monthly security update will be comprised of nine fixes to address 16 vulnerabilities, but it is unclear if a zero-day vulnerability in XML Core Services, which is under active exploit, will be remediated.

VMware releases patches for bugs found in its products

By

VMware addressed flaws that enable attackers to carry out malicious activity.

Java updates from Oracle and Apple come on same day

By

Traditionally, Apple has taken some time to release updates for its own version of third-party software. But that may be changing if Tuesday's concurrent patches for Java are any guide.

On Patch Tuesday, Microsoft warns of zero-day attacks in IE

By

Separate of the patches it released, Microsoft on Tuesday warned of attacks underway that are targeting a zero-day vulnerability residing in XML Core Services, according to an advisory.

Microsoft patches IE, RDP security vulnerabilities

By

As part of its regularly scheduled patch release, Microsoft issued fixes for gaping vulnerabilities in Internet Explorer and Remote Desktop Protocol. The software giant also released a new feature that, in the wake of the Flame virus, enables certificates to be automatically updated.

Flash gets patched by Adobe

By

Adobe on Friday released a new version of its popular Flash Player to patch seven vulnerabilities, according to a bulletin.

Microsoft prepares seven patches to correct 25 security bugs

By

The fixes are set to address 25 vulnerabilities, covering Windows, Internet Explorer, Visual Basic for Applications, Dynamics AX and the .NET Framework.

Mozilla fixes "critical" bugs in new release of Firefox

By

Thirteen security vulnerabilities were fixed this week when Mozilla released Firefox 13.

Microsoft calls on users to fix Flame security bug

Microsoft calls on users to fix Flame security bug

By

Microsoft warned its users that the same vulnerability used to foist the Flame virus could be employed by seemingly less skillful attackers to compromise computers and plunder information.

Apple releases Safari, OS X fixes

By

Apple and Adobe this week released patches for vulnerabilities that could enable attackers to execute malicious code.

Microsoft hands out more Duqu fixes despite prior patch

By

Just when you thought all of the windows that control system recon trojan Duqu used to propagate had been roped off, the software giant releases a new set of fixes.

Major software flaws in iPhones, iPads fixed in update

By

A difficult-to-find vulnerability, disclosed in March at Google's inaugural hacker competition, was among the iOS fixes.

Twenty-three Microsoft fixes set for Patch Tuesday

By

Microsoft on Tuesday plans to dispense seven patches to correct 23 security vulnerabilities.

Flash flaw being used to deliver email based attacks

By

Adobe on Friday issued an emergency patch for a critical bug in its Flash Player software that is being used in targeted malware attacks.

Chinese firewall maker booted from Microsoft sharing program

By

The leak of details regarding a major Windows bug, which resulted in the removal of DPTech Technologies as a trusted Microsoft partner, calls into question how impervious a vulnerability sharing program can be.

Oracle lists workarounds following zero-day disclosure

By

Oracle on Monday urged customers to apply a number of technical measures so organizations can avoid falling victim to a zero-day vulnerability for which proof-of-concept code has been posted.

Researcher confused over handling of Oracle database bug

By

A security researcher who reported a vulnerability in the popular Oracle database product said Thursday that his discovery was never patched and remains wide open to attack.

Firefox and Opera unveil new security, privacy features

By

Firefox's update includes a new auto-update capability, while Opera's new release contains functionality to prevent the tracking of online users by websites.

Sign up to our newsletters

POLL