Third party patch and vulnerability roundup: October 2014

Here we go again – another end-of-month has rolled around and it’s time to check out the security updates, other than those issued by Microsoft on Patch Tuesday, that have hit the streets since last we met here.

Continue reading

It’s Fiesta time! (And that’s not a good thing)

If you’ve neglected to apply the October patches released by Adobe for their Flash Player, attackers might be partying down with your computers.

Continue reading

OLE again: Microsoft Security Advisory warns of remote code execution risk

Today (October 21) Microsoft put out another security advisory regarding OLE. Once again, opening a maliciously crafted Office file could expose a system to attack if someone exploits this vulnerability.

Continue reading

Oh, no – not again: More patch problems rear their ugly heads

It seems October is bringing brand new troubles for those who were brave enough to install the Microsoft Patch Tuesday patches immediately after release.

Continue reading

SSL 3.0 vulnerability poses widespread threat

POODLE is an industry-wide threat because it’s a vulnerability in the SSL 3.0 protocol, which is supported by almost all web browsers on all platforms.

Continue reading

October Patch Tuesday roundup

This month brings us eight security bulletins from Microsoft (not nine as previously reported). Only three of the eight patches are rated critical and those three pertain to remote code execution vulnerabilities.

Continue reading

How much do you trust technology?

Machines are analyzing the data and making many of the decisions that used to be the province of human beings. In some cases, this has had very positive results; in others, not so much.

Continue reading

October Advance Notification: Time for nine

We have a medium-sized slate of patches: nine in all, three of which have been given a severity rating of critical; all of those are remote code execution issues – as are the vast majority of critical patches. One is rated moderate, and the remaining five are classified as important.

Continue reading

Apple issues patch for BASH

Apple has now issued its own patch for OS X Lion, Mountain Lion and Mavericks. It’s called OS X bash Update 1.0 and it can be downloaded from the Apple web site. The update is also available for OS X Lion Server.

Continue reading

Third-party patch and vulnerabilities roundup – September 2014

It’s been an interesting month on the patch and vulnerability front, starting from BASH, also known as Shellshock; going on to the release of iOS 8 and the resulting fiasco in which Apple released a fix that caused even bigger problems; and Adobe delaying the release of its patches. More here!

Continue reading