It’s “In the Wild” Patch Tuesday

This is the most active Patch Tuesday in quite some time.  A quick look at the numbers show that the next few days will be busy ones for IT teams:

  • Eight total security bulletins released
  • Bulletins cover 23 separate vulnerabilities, with 13 (57%) of the vulnerabilities garnering a “1” (highest) rating on Microsoft’s exploitability scale
  • Microsoft indicates that there is active exploit code in the wild for 6 (26%) of the 23 vulnerabilities
  • From a business disruption standpoint,

> Read More

All Quiet On The Eastern Front as it Relates to Conficker

Latest network traffic in China indciates that Conficker will not materialize into the overhyped sensation that it tuned out to be; however, Conficker turned out to be a very important lesson for everyone.

Conficker is an aggressively spreading computer worm that has been laying down a powerful botnet infrastructure that can then be managed by malicious controllers.

> Read More

There is No Quick Fix to Good Patching & Remediation

Considering that over 90 percent of cyber attacks exploit known security flaws, vulnerability management has never had greater importance than today when it comes to managing risks.  It remains the single most effective security defense a company can undertake to manage its greatest amount of risk with the lowest possible cost.

While the current economic conditions might lull companies into being reactive by going with a discounted or free solution,

> Read More

Ongoing Microsoft MS08-067 RPC Issues Could Haunt Those Who Didn’t Patch

While the patch for MS08-067 has been available since October 2008, it is still proving to be an issue today. For those who failed to heed the warning and patch when Microsoft released it, you might want to pay attention.  New variants continue to appear in the wild, indicating that hackers are confidant that users will foolishly continue to avoid patching their systems for that particular exploit. 

> Read More