Patch Management

Patch madness! 273 vulnerabilities from four vendors in one week

Patch madness! 273 vulnerabilities from four vendors in one week

By

When it comes to fixing vulnerabilities, this week will be hard to beat with just four vendors issuing a total of 273 patches. The big question is does that mean we are getting more, or less, secure?

How to solve a problem like security update apathy?

How to solve a problem like security update apathy?

By

When a high percentage of users have unpatched systems and unpatched programs, as found in a recent Secunia report, can you protect them from themselves?

ICYMI: Aviation risk; netgear patch delay; legal threats; android malware variants; SSL weakness

ICYMI: Aviation risk; netgear patch delay; legal threats; android malware variants; SSL weakness

By

This week's In Case You Missed It (ICYMI): Aviation risk warning; netgear patch delay; vulnerability disclosure -legal threats; android SMS malware variants; SSL weakness exploited for phishing.

Heartburn: 200,000 devices 'still susceptible' to Heartbleed bug

Heartburn: 200,000 devices 'still susceptible' to Heartbleed bug

By

As the patching cycle becomes ever longer, some experts are pushing for mandatory security updating of critical IoT devices.

Zero-day exploit hits fully patched Macs

Zero-day exploit hits fully patched Macs

By

OS X 10.10 has a vulnerability that allows hackers to install malware without system passwords

Stuxnet flaw remained unpatched for four years

Stuxnet flaw remained unpatched for four years

By

In its latest 'Patch Tuesday' notice, Microsoft issued 14 security bulletins including fixes for the Freak flaw and the Stuxnet worm - which was thought to have been patched five years ago.

Wiping the flaws: Why it's time to get smarter about patch management

Wiping the flaws: Why it's time to get smarter about patch management

Monolithic operating systems will attract attackers, and speed to market will trump security, so expect patches and be intelligent about how vulnerabilities are fixed says Raimund Genes.

18 of 25 top vulnerable mobile apps remain unpatched

By

The McAfee Labs Threats Report: February 2015 demonstrates how failure to patch is leaving mobile apps exposed to SSL vulnerabilities.

CISOs: Out of step with their own security teams?

CISOs: Out of step with their own security teams?

By

CISOs are increasingly taking on greater management responsibilities - but are they as a result being divorced from their firm's true security maturity and the tools needed to avoid being breached?

Microsoft's Patch Tuesday preview will no longer be made public

Microsoft's Patch Tuesday preview will no longer be made public

By

Microsoft said the change to its patching was made because customers no longer use the previewing system the same way they did in the past.

Who polices the security service?

Who polices the security service?

Questions need to be asked of Patch Tuesday and Microsoft's approach to it, says Robert Brown.

Microsoft issues out-of-band patch to Windows Kerberos

Microsoft issues out-of-band patch to Windows Kerberos

By

Microsoft has very unusually released an `out-of-band' security patch to fix a vulnerability in Windows - and Windows Server - that hackers are reportedly exploiting to compromise IT networks.

300,000 servers still vulnerable to Heartbleed bug

300,000 servers still vulnerable to Heartbleed bug

By

Two-and-a-half months on from the discovery of the Heartbleed bug affecting OpenSSL security, and one security researcher claims that the flaw still affects 300,000 servers.

Breaking the refresh cycle

Breaking the refresh cycle

The cycle of updating software at the end of life has, itself, reached its end of life with managed services the way ahead says Kevin Linsell

Internet of Things - Top Ten concerns

Internet of Things - Top Ten concerns

Mark O'Neill suggests that his top ten potential vulnerabilities of the Internet of Things (IoT), need to be considered now, before mass deployment.

Patching: the unlocked door

Patching: the unlocked door

With Windows XP fast approaching its end-of-support deadline, many firms are going to be at risk of attack, reports Kate O'Flaherty.

Microsoft rushes out patches to stay ahead of cyber crooks

Microsoft rushes out patches to stay ahead of cyber crooks

By

Microsoft's latest Patch Tuesday security fixes for its products included two last-minute updates that show the company rushing to respond to the escalating pace of cyber attacks.

Patch Tuesday update addresses 24 bugs, including exploited TIFF zero-day

Patch Tuesday update addresses 24 bugs, including exploited TIFF zero-day

By

Microsoft's Patch Tuesday update has been released, giving users a highly anticipated fix for a TIFF zero-day flaw and 23 other bugs affecting company software.

Users do not apply Java patch despite its availability

Users do not apply Java patch despite its availability

By

A recent Java update was only downloaded by seven per cent of users.

Oracle makes plans for Java security

Oracle makes plans for Java security

By

Oracle has said that making Java more secure is a priority, as it lines up regular patch updates.

GFI Software adds patch management to cloud offering

By

GFI Software has added a patch management capability to its GFI Cloud offering.

VMware sells Shavlik product portfolio to LANDesk Software

By

Systems management vendor LANDesk Software has acquired VMware's Protect product family of IT management solutions.

Microsoft releases nine bulletins, but no Pwn2Own fixes

Microsoft releases nine bulletins, but no Pwn2Own fixes

By

Microsoft issued nine bulletins to fix 14 vulnerabilities this week; however it left several known flaws unpatched.

Microsoft issues seven bulletins for Patch Tuesday, but nothing for Pwn2Own vulnerability

Microsoft issues seven bulletins for Patch Tuesday, but nothing for Pwn2Own vulnerability

By

Microsoft released seven bulletins last night, containing four patches rated as critical, to fix 20 vulnerabilities.

SC Webcasts UK

Sign up to our newsletters

FOLLOW US