Microsoft has delayed the release of this month’s security updates. Just minutes before the scheduled updates release, they provided a short statement on TechNet announcing a delay. No new timeline has been provided for the February updates but we will continue monitoring the situation and provide an update on the blog and in a bulletin to our customers when we learn more.
The big news in today’s January Patch Tuesday is that this release marks the end of the 12-year Patch Tuesday update cycle as we know it. Last month, Microsoft announced impending changes to their security update process, which is set to begin in February. Before jumping into more detail on what the coming year will look like for your patch team however,
Because everyone deserves a little good news this time of year, let’s start this month’s Patch Tuesday analysis on the bright side. In the 12 security updates released by Microsoft today, there are currently no active exploits. However, the 6 bulletins that have been rated critical are executed when an unsuspecting user opens a malicious file.
November Patch Tuesday is forced to share the spotlight this month. It’s Election Day in the U.S. and likely on the minds of most people. However, Microsoft also released 14 security updates today, 6 of which are rated critical. Thankfully, there is just one active exploit on an older version of Windows this month so once you’ve cast your vote,
Cyber criminals have plenty of opportunity this month with 5 vulnerabilities now under active exploit, 2 of which are shared. Microsoft has released 10 bulletins this October Patch Tuesday to address those and other vulnerabilities found in both current and old code. Quick response will be of particular importance this month.
As is often the case,
The lazy days of summer are definitely over as Microsoft released 14 bulletins in today’s September Patch Tuesday. There are 7 updates rated critical so it is time to get to work. The bulletins also include an update for Adobe Flash Player that’s important for most Windows users to address so all in all,
It’s the time of year where back to school is on the minds of many. As your brain shifts out of summer vacation mode, remember the cardinal rule of security and put it into practice: don’t provide administrative access to anyone who doesn’t absolutely have to have it. Users should ALWAYS have the least privilege they need for their jobs.
A little bit of good news on the patch front this month. Microsoft issued 11 updates today, 6 of which are critical, but none of the 40 unique vulnerabilities are under active attack. The software maker is using what is likely a brief reprieve to clean up old code so if you’re using Vista,
Don’t take off on that summer vacation just yet – Microsoft released another 16 security bulletins in today’s June Patch Tuesday and 5 of those are rated critical. While there are quite a few updates to be made, both on the client and server side, across a broad range of legacy and current code, the good news is none of them are under active exploit.
It wasn’t that long ago we were debating the value (improved productivity; increased employee satisfaction) personal mobile devices could bring to the enterprise, beyond BlackBerry Enterprise Server. Note I say ‘could.’ Just a few short years ago, we were still discussing whether or not organizations should allow employees to rely on mobile devices for work and whether that would come via personally owned devices or a fleet of pre-approved devices owned and managed by the organization.
Microsoft released 16 bulletins for May Patch Tuesday today – 8 of which are critical. It’s a big month overall with more than 30 CVEs addressed in total. There are also two zero days included that demand your quick attention.
If your users still use Internet Explorer, make sure MS16-051 gets applied right away.
If you pay any attention to infosec headlines, you’ve likely seen it’s once again that time of year when Verizon releases its Data Breach Investigations Report (DBIR). The 9th annual report was released yesterday and while much of it isn’t surprising, it is entirely disheartening.
A quick review of the findings show cybercrime continues to target what hackers obviously deem the weakest link in the chain,
Microsoft released 13 bulletins for April Patch Tuesday today; 6 of which are rated critical. Thirty vulnerabilities have been addressed in total and the software impacted is widespread. Perhaps most importantly, there are also zero-days in the mix. To avoid compromise, IT should get these updates made quickly.
First on your list of priorities this month should be the security update for Adobe Flash.