Adobe Overshadows ‘Last’ Microsoft Patch Tuesday

In the last Patch Tuesday before users may upgrade their Windows operating systems to Windows 10 on July 29 and subsequently enlist a changed patching process, we have 14 updates to deal with from Microsoft that address 59 total vulnerabilities. Equally as important however are the three 0-days in Adobe Flash Player and an impending 193 new fixes from Oracle,

> Read More

Infosec Haiku

Anata no joho sekyuritei konshu no haiku

Huge Month for Patches —
  and Much More
Time to Patch It Up


### Notes ###
* Thanks to Ms. Etsuko vdH for the translation.
* Thanks to everyone who’ve contributed their haikus …

> Read More

Critical Updates for Adobe Reader and Acrobat Released – You Can Breathe Again

You can stop holding your breath now, the wait is over.

Adobe has released security updates for Acrobat and its PDF Reader software fixing critical vulnerabilities in its Windows and Mac software.

Last week, on Patch Tuesday, Adobe explained that although it was releasing security patches for Flash Player and AIR,

> Read More

Busy Patch Tuesday for May Including More for IE

Microsoft is set to release more bulletins next week than we’ve seen in in the last few Patch Tuesdays, and the impact looks to be significant. The May patch load will include 8 bulletins, 2 of which are rated critical. The busy month comes just one-week after the out-of-band patch for IE, MS14-021,

> Read More

Got Adobe Reader on your Android device? You Had Best Update it ASAP

A critical security vulnerability has been found in Adobe Reader Mobile, the version of the popular PDF Reader developed for the Android operating system, which could lead to remote hackers compromising documents stored on your Android device and its SD memory card.

If you were feeling smug that you had managed to avoid the Heartbleed flaw affecting  up to 50 million Android users because you’re not running Android 4.1.1 of Jellybean,

> Read More

Isn’t It Time Oracle Gave Us Monthly Security Updates for Java?

In some ways, it could be argued that Java is an incredible success.

I’m serious. Stop laughing at the back.

You see, according to Oracle, Java’s developer, the product is used on over 3 billion different devices worldwide. That *is* impressive.

But, for those of us concerned with securing systems and keeping computer data safe,

> Read More

February Patch Tuesday to Include 5 Bulletins; Adobe Rushes Flash Fix

Microsoft will release 5 bulletins next week for February Patch Tuesday; 2 are rated critical and 3 are important. These bulletins address vulnerabilities in Windows Security Software, and the .NET framework. For the first time in a long time, there won’t be a patch for Internet Explorer. Although Microsoft has said they target IE cumulative updates every other month,

> Read More

October Patch Tuesday Includes IE Patch and 7 Others

Microsoft released 8 patches this October Patch Tuesday – 4 are critical and 4 important. Two pieces of good news this month – the IE vulnerability Microsoft released a fix-it for last month will be included in this month’s crop of patches and the bulk of the October issues do not impact the current code base.

> Read More

Nothing Pretty About Fireworks Delivered From Microsoft This Patch Tuesday

IT admins may have taken the Fourth off to enjoy some fireworks, but they’ll be very busy this week patching their systems. It’s not a pretty Patch Tuesday this month with 7 bulletins, 6 of which are critical. That brings our total of critical bulletins for the year to 22, which is fairly high, considering Microsoft released only 34 critical bulletins for the entire calendar year of 2012.

> Read More

Ten Bulletins This May Patch Tuesday; But Don’t Get Excited

While 10 patches covering 33 vulnerabilities may seem like a high number, it isn’t all bad news for IT professionals this May Patch Tuesday. Only two of the 10 patches released today are critical and both impact Microsoft Windows and Internet Explorer. The two critical-rated patches address the IE 8 zero-day that made news after attacking a website belonging to the U.S.

> Read More

Patch Tuesday Not Too Taxing For IT This Month, Despite Heavy Patch Count

It’s another heavy month of patches this month from Microsoft. There are 9 bulletins, with 2 critical and 7 important. While 9 may seem like a lot, there are a few pieces of good news this month. First, there are only 2 critical bulletins and most of the patches are rated important. Second, most of the impact is on the legacy code base,

> Read More

No Luck o’ the Irish for IT this St. Patty’s Day

IT admins can’t seem to catch a break this year. First, the never ending stream of Java issues that has kept folks on their toes since January. Now they’ve got another busy month of patches ahead of them, with 7 total patches from Microsoft, 4 of which are critical. However, once again the issues outside of Microsoft will likely eclipse the Patch Tuesday patches this month.

> Read More

Microsoft Serves Up a Turkey for Thanksgiving this Patch Tuesday

IT administrators may find they don’t have much to be thankful for this Thanksgiving with a disruptive Patch Tuesday headed their way. With 6 Microsoft bulletins, 4 of which are critical and some restarts required, along with a host of other issues, IT can expect a disruptive Patch Tuesday this month.

Right off the top,

> Read More

Sensational Headlines or Real Threats?

Yesterday, I was joined by a great group of IT security industry pros for a discussion on the recent, highly-sophisticated cyber attacks that continue to make headlines by hitting major U.S. banks and global companies like Saudi Aramco, Adobe and others. Dialing up the rhetoric on these spectacular headlines, the Pentagon jumped in last week with strong language from  U.S.

> Read More