Patch News, Articles and Updates
Mozilla pushed out two security patches for Firefox on Oct. 20 rated as potentially having a high impact on users of the popular browser.
Cisco released security updates for several products, one of which fixes a flaw that could allow remote execution if exploited.
An APT group has distinguished itself employing PowerShell in its coding platform used to distribute malware.
Oracle released its latest batch of patches on Tuesday to address 253 security vulnerabilities for 76 products.
A recent study found that security teams should stay vigilant to ensure open-source software is secure.
Sierra Wireless issued a warning to users urging them to change their default factory credentials.
An Italian researcher who discovered a bug in IBM WebSphere and then worked with the company for two months on fixing the flaw, had his research censored by Big Blue.
Heap overflow, out-of-bounds read and unallocated memory free operation vulnerabilities were addressed with a patch.
Microsoft today issued 10 bulletins covering 45 vulnerabilities, including 5 zero days for this month's Patch Tuesday update, the first using the company's new update methodology.
Adobe's October Patch Tuesday roll out featured three bulletins covering 84 vulnerabilities for Flash Player, Reader, Acrobat and Creative Cloud Desktop Application with all but one being rated as critical.
Users had complained Windows 10 Anniversary wouldn't install on their computers.
A number of vulnerabilities found in an industrial automation device could allow hackers to take control of machinery.
Cisco Talos researchers spotted a remote code execution vulnerability in the FreeImage Library XMP Image Handling affecting version 3.17.0.
ISC released an update Tuesday for a high-severity security flaw affecting open source software that implements DNS protocols.
Tesla has releases a major firmware update in response to a video posted by a group of Chinese researchers that displayed a series of vulnerabilities the electric car company's vehicles.
The Electronic Frontier Foundation (EFF) is criticizing HP for using a security update to also install a function that when recognizing a non-HP printer cartridge triggers a printer to shut down.
The Drupal Security Team issued updates for a pair of critical flaws, one allowing remote code execution and another giving access to parts of the system without full administrative permissions.
Security researcher Arun Sureshkumar earned $16,000 after disclosing a vulnerability in Facebook Business Manager that, if exploited, could have allowed attackers to take over a targeted victim's Facebook page.
Google Chrome released a stable channel update for its desktop applications for Windows, Mac and Linux.
Microsoft's September Patch Tuesday offering that rolled out today is the last to be delivered under this update system with the company moving to a "monthly rollup" delivery mechanism starting in October, something not all industry insiders see as a positive move.
Information security researcher Dawid Golunski spotted several critical vulnerabilities in MySQL.
September's Patch Tuesday kicked off with a notification from Adobe that it has made available security updates for Adobe Digital Editions, AIR SDK & Compiler and Flash Player, which alone had 29 critical vulnerabilities.
Bloggers using the WordPress platform are "strongly encouraged" to update their sites immediately to address persistent XSS issues.
Google has released patches for 57 security vulnerabilities affecting Android devices. Eight of the flaws were issued a "critical" rating.
Last week, Apple issued security updates to patch a serious flaw affecting iPhone and iPad users. Yesterday it addressed a similar flaw on its desktops.
On the same day that Cisco issued 12 advisories addressing vulnerabilities in its product line -all but one resolved via updates - Google yesterday announced the stable release of Chrome 53, which contains 33 of its own security fixes.
Adobe today has released security hotfixes for a critical information disclosure vulnerability that exists in ColdFusion versions 10 and 11, across all platforms.
A series of flaws affecting the consumer security suite Kaspersky Internet Security was patched by Kaspersky Lab.
Accellion Kiteworks appliance versions prior to kw2016.03.00 contain multiple vulnerabilities which can allow an attacker to conduct cross-site scripting attacks or to view limited sets of files.
Cisco updated a security advisory for a remote code execution vulnerability affecting the SNMP application-layer protocol.