Posts

Patch Tuesday February 2016

Yet another patch Tuesday has come upon us.
Microsoft released 13 updates, some of which fix critical issues, to address vulnerabilities in their product line. Adobe on the other hand has released patches which address 22 vulnerabilities for their Adobe Flash and Adobe Acrobat/Reader products.
Oracle also pushed out a new update – Java SE 8, Update 73.

Microsoft
Adobe

Patch Tuesday November 2015

Yet another patch Tuesday has come upon us.
Microsoft released 12 updates, some of which are critical, to address vulnerabilities in their product line. Adobe on the other hand has released updates for their Adobe Flash product.

Microsoft
Adobe

Patch Tuesday October 2015

Yet another patch Tuesday has come upon us.
Microsoft released 6 patches that address 33 issues, some of which are critical. Adobe on the other hand has released updates for Reader, Acrobat and Flash which address 69 Vulnerabilities.

Microsoft
Adobe

Patch Tuesday September 2015

Yet another patch Tuesday has come upon us.
Microsoft released patches that address 12 different issues, 5 of which are critical. Adobe on the other hand has released a security update for their ShockWave application.

Microsoft
Adobe

Patch Tuesday May 2015

Another month, another patch Tuesday!
Microsoft and Adobe has both released a large amount of updates (Microsoft update fixes 46 flaws in Windows, Internet Explorer, Office and other Microsoft products), and some of these will enable malicious code execution if abused.

Also, this week’s newsletter will be postponed for next week due to holidays in Sweden.

You can find links to the updates below:
Microsoft
Adobe

Patch Tuesday April 2015

Another month, another patch Tuesday!

Microsoft released a large amount of updates, some which require special attention. One of these deal with an issue in http.sys, meaning that a lot of Internet facing services may end up being exploited unless patched, as the vulnerability is a remote code execution vulnerability. Many other issues are also covered, with some additional ones also being remote code execution vulnerabilities. Due to this, we cannot stress highly enough the need to apply these patches without waiting too long.

Oracle has also released updates for their large software catalogue, which, for example fixes vulnerabilities in their java and database software. You’re highly advised to check the link below to see if any of the software you’re using is vulnerable.

Adobe also released patches, fixing critical issues that are currently being exploited in the wild. Fixes went out for Flash, ColdFusion and Flex. Make sure you keep your computers and servers up-to-date with these patches.

More information
Microsoft
Oracle
Adobe Flash
Adobe ColdFusion
Adobe Flex

Patch Tuesday March 2015

Another month, another patch Tuesday!

On this, the third Patch Tuesday of 2015, Microsoft pushed 14 update bundles to address at least 43 separate vulnerabilities in Internet Explorer, Exchange, Office and a host of other components.

Microsoft has released a large amount of updates (14 bundles which address at least 43 separate vulnerabilities) for Internet Explorer, Exchange, Office and Windows.

As some of these vulnerabilities are listed as critical and could allow elevation of privilege, denial of service, remote code execution, or security feature bypass that allows an attacker to take control of the affected system. It is advised to upgrade as soon as possible.

UPDATE 12/3/2015:
Adobe also released and update for Adobe Flash Player now. This update is rated as a 1 on Adobe’s Severity rating; “This update resolves vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform. Adobe recommends administrators install the update as soon as possible. (for example, within 72 hours).”

More information:
Microsoft
Adobe

Patch Tuesday February 2015

Another month, another patch Tuesday!

Microsoft has released eight updates to address vulnerabilities in Windows, Internet Explorer and the Office package.
Adobe has released security updates to address multiple vulnerabilities in Flash Player. Check the link below and make sure you are running the latest version available.

Some of these vulnerabilities could allow elevation of privilege, denial of service, remote code execution, or security feature bypass that allows an attacker to take control of the affected system. It is advised to upgrade as soon as possible.

More information:
Microsoft
Adobe

Patch Tuesday January 2015

Another month, another patch Tuesday!

Microsoft has released eight updates to address vulnerabilities in Microsoft Windows.

Adobe has released security updates to address multiple vulnerabilities in Flash Player.

Some of these vulnerabilities could allow elevation of privilege, denial of service, remote code execution, or security feature bypass that allows an attacker to take control of the affected system. It is advised to upgrade as soon as possible.

More information:
Microsoft
Adobe

Patch Tuesday December 2014

Another month, another patch Tuesday!

Microsoft has released updates to address vulnerabilities in Exchange, Windows, Internet Explorer, and the Office suite.
Adobe has released security updates to address multiple vulnerabilities in Flash, Reader, Acrobat, and ColdFusion.

It is advised to update as soon as possible as some of these vulnerabilities could allow elevation of privilege, remote code execution, or disclosure of information – basically taking over your system.

More information:
https://technet.microsoft.com/library/security/ms14-dec
http://helpx.adobe.com/security/products/flash-player/apsb14-27.html
http://helpx.adobe.com/security/products/reader/apsb14-28.html
http://helpx.adobe.com/security/products/coldfusion/apsb14-29.html