A Delayed Start for Microsoft’s Security Bulletin Replacement Program

Microsoft has delayed the release of this month’s security updates.  Just minutes before the scheduled updates release, they provided a short statement on TechNet announcing a delay.  No new timeline has been provided for the February updates but we will continue monitoring the situation and provide an update on the blog and in a bulletin to our customers when we learn more.

> Read More

A New Year Signals the End of Patch Tuesday As We Know It

The big news in today’s January Patch Tuesday is that this release marks the end of the 12-year Patch Tuesday update cycle as we know it. Last month, Microsoft announced impending changes to their security update process, which is set to begin in February. Before jumping into more detail on what the coming year will look like for your patch team however,

> Read More

2016 Closes Out Patch Tuesday with 12 December Updates

Because everyone deserves a little good news this time of year, let’s start this month’s Patch Tuesday analysis on the bright side. In the 12 security updates released by Microsoft today, there are currently no active exploits. However, the 6 bulletins that have been rated critical are executed when an unsuspecting user opens a malicious file.

> Read More

November Patch Tuesday: Election Style

November Patch Tuesday is forced to share the spotlight this month. It’s Election Day in the U.S. and likely on the minds of most people. However, Microsoft also released 14 security updates today, 6 of which are rated critical. Thankfully, there is just one active exploit on an older version of Windows this month so once you’ve cast your vote,

> Read More

14 Bulletins for September Patch Tuesday

The lazy days of summer are definitely over as Microsoft released 14 bulletins in today’s September Patch Tuesday. There are 7 updates rated critical so it is time to get to work. The bulletins also include an update for Adobe Flash Player that’s important for most Windows users to address so all in all,

> Read More

Back to School with August Patch Tuesday

It’s the time of year where back to school is on the minds of many. As your brain shifts out of summer vacation mode, remember the cardinal rule of security and put it into practice: don’t provide administrative access to anyone who doesn’t absolutely have to have it. Users should ALWAYS have the least privilege they need for their jobs. 

> Read More

Another 16 Updates for June Patch Tuesday

Don’t take off on that summer vacation just yet – Microsoft released another 16 security bulletins in today’s June Patch Tuesday and 5 of those are rated critical. While there are quite a few updates to be made, both on the client and server side, across a broad range of legacy and current code, the good news is none of them are under active exploit.

> Read More

The (Sad) Case for BYOD Management

It wasn’t that long ago we were debating the value (improved productivity; increased employee satisfaction) personal mobile devices could bring to the enterprise, beyond BlackBerry Enterprise Server. Note I say ‘could.’ Just a few short years ago, we were still discussing whether or not organizations should allow employees to rely on mobile devices for work and whether that would come via personally owned devices or a fleet of pre-approved devices owned and managed by the organization.

> Read More

People Weak Link in Security Chain, Says New Report

If you pay any attention to infosec headlines, you’ve likely seen it’s once again that time of year when Verizon releases its Data Breach Investigations Report (DBIR). The 9th annual report was released yesterday and while much of it isn’t surprising, it is entirely disheartening.

A quick review of the findings show cybercrime continues to target what hackers obviously deem the weakest link in the chain,

> Read More

Zero-Days Make April a Critical Patch Tuesday

Microsoft released 13 bulletins for April Patch Tuesday today; 6 of which are rated critical. Thirty vulnerabilities have been addressed in total and the software impacted is widespread. Perhaps most importantly, there are also zero-days in the mix. To avoid compromise, IT should get these updates made quickly.

First on your list of priorities this month should be the security update for Adobe Flash.

> Read More