security update
Microsoft to release five bulletins next week
Microsoft released advance notification for next week’s Microsoft patch and it looks like we’re getting only five bulletins. We received several comments on what …
Changes to the Java security model
The upcoming security changes in Oracle Java address three long-standing issues with the Java security model. The most significant change is how signed applets are handled. In …
Questioning Google’s disclosure timeline motivations
The presence of 0-day vulnerability exploitation is often a real and considerable threat to the Internet – particularly when very popular consumer-level software is the …
Automate your way out of patching hell
IT departments are often criticised for their remoteness from the business. One cause could be highlighted by recent research numbers from IDC, which found that as much as 70 …
Ruby on Rails bug is being exploited in the wild, researcher warns
Administrators of servers running Ruby on Rails are advised once again to upgrade to the latest versions of the framework (3.2.11, 3.1.10, 3.0.19, and 2.3.15), as a …
Microsoft fixes 33 vulnerabilities
Today for Patch Tuesday, Microsoft and Adobe are both coming out with critical fixes for a number of widely installed and attacked programs. Microsoft has 10 bulletins …
Microsoft to release 10 bulletins
It is the week before Patch Tuesday May and Microsoft has published its Advance Notification, giving us insight into what to expect next Tuesday. There will be 10 bulletins …
Self-updating apps are now banned from Google Play
Google has made added a short but very significant clause to its Google Play Developer Program Policies, banning apps downloaded from the official store to “modify, …
Exploit for recently patched Java flaw added to CrimeBoss exploit kit
If you are still using Java, you insist on updating in manually and you haven’t gotten around to installing the latest Critical Patch Update released a week ago, you are …
Most corporate computers missing critical software updates
87 percent of corporate computers are missing critical software updates that could threaten business security, according to F-Secure data from around 200,000 workstations …
Oracle plugs a host of critical Java vulnerabilities
Oracle’s Java SE Critical Patch Update for April 2013 contains 19 CVEs with CVSS base score of 10 (the highest you can go) indicating that exploiting the vulnerability …
Microsoft patches 13 vulnerabilities
April has turned out to be a rather slow month for Patch Tuesday. There are nine bulletins addressing a total of 13 vulnerabilities, but only two of the bulletins are rated …
Featured news
Resources
Don't miss
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
- Account takeover detection: There’s no single tell
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance