XP End of Support Options

The end of support for Windows XP has disastrous potential for those who do not prepare for it. Anyone still on the OS can expect an onslaught of malware after April 8th, 2014 – the date Microsoft will no longer ship security patches for XP.

Any bad guy out there with an XP exploit will likely sit on it until EOS for obvious reasons – it’s simply more profitable for them.

> Read More

Past, Present and Future of Endpoint Security

In the throes of holiday shopping season, 110 million Target customers woke to the news that cleverly placed malware had pilfered their credit- and debit card numbers, along with other sensitive data. We aren’t yet certain who was behind the massive attack on Target and, evidently other large retailers, or how the heist was orchestrated.

> Read More

Patch Tuesday Delivers MS Graphics Patch But Leaves Out XP and Windows 2003 Vulnerability

Microsoft released 11 bulletins for the final Patch Tuesday of the year. In 2013 we saw a total of 106 bulletins which is an increase of 22% over 2012’s total count.

December’s patches include 5 critical, 6 important and they cover 24 CVEs. As promised, Microsoft addressed the Graphics Components vulnerability in bulletin MS13-096.

> Read More

Patch Tuesday Fix for MS Graphics Component Issue But Otherwise Little Holiday Joy for XP and Windows 2003 Users

December’s Patch Tuesday will include 11 security bulletins:

5 Critical
6 Important

These 11 bulletins bring us to the close of 2013 with 106 Bulletins released by Microsoft, up from last year’s 83.

On Tuesday, Microsoft will address the vulnerability documented by the November Microsoft Graphics Components advisory 2896666.

> Read More

October Patch Tuesday Includes IE Patch and 7 Others

Microsoft released 8 patches this October Patch Tuesday – 4 are critical and 4 important. Two pieces of good news this month – the IE vulnerability Microsoft released a fix-it for last month will be included in this month’s crop of patches and the bulk of the October issues do not impact the current code base.

> Read More

Microsoft Releases Security Advisory and Fix It for IE

Microsoft is aware of targeted attacks that attempt to exploit the vulnerability in Internet Explorer 8 and 9. With the additional security that is available in IE 10 and 11 users should be less concerned. Applying the Microsoft Fix it solution, “CVE-2013-3893 MSHTML Shim Workaround,” prevents the exploitation of this issue. Get the Fix It solution here: http://support.microsoft.com/kb/2887505

The good news is there is a Fix It to apply and there are a number of mitigating factors you can employ,

> Read More

Apple Fingerprint Scanner: Game Changer or Game Over?

Apple’s announcement of the company’s new iPhone 5S comes equipped with a fingerprint scanner has the potential to be a real game changer for personal device security – if it’s done right. There are two factors that will determine the real success of this new feature, which has undeniable potential. First, reliability and second,

> Read More

A September to Remember This Patch Tuesday

UPDATE September 16, 2013: Due to installations problems and some re-targeting issues, Microsoft re-issued a few patches last week. Get the new updates on the Microsoft blog.

This is definitely a September to remember – last year at this time Microsoft released only 2 bulletins and both were only rated Important.

> Read More

Current Codebase Spared Critical Issues This Patch Tuesday

4 Critical  10 Important 

Microsoft is readying the release of 14 bulletins this September Patch Tuesday. Four are considered critical and the remaining 10 important. Internet Explorer, Windows XP and Windows 2003 will take the brunt of this month which is something we hopefully will see more of as the XP end-of-life date of April 8,

> Read More

Keep Calm and Patch On This Patch Tuesday

Microsoft released 8 security bulletins this Patch Tuesday. At first glance, that may seem like a high number but the good news is, at this time, none of the vulnerabilities have been under active attack. While 3 bulletins are considered critical with the balance important, two should be your top priority. MS13-059 is an Internet Explorer issue with 11 vulnerabilities.

> Read More

The Danger of Open Access to University IP

When I saw last week’s New York Times story about the problems universities are experiencing with cyber attacks, my first thought was one of surprise. Wasn’t this kind of story published years ago? Hackers are opportunistic and universities pride themselves on providing free and open access to materials. Cyber attacks on research universities have been happening for some time.

> Read More