One of the seven updates was tagged “critical,” the highest threat ranking in Microsoft’s four-step system, while the others were marked “important,” the second-highest rating, even though some of them could conceivably be exploited by attackers to plant malware on users’ PCs. View full post on could security – Yahoo!…
Microsoft Releases Emergency Patch for ASP.NET Flaw
The update was released approximately two weeks before the company’s regularly scheduled security update. View full post on eSecurityPlanet RSS Feed View full post on National Cyber Security
Adobe Reader zero-day patch due today
Adobe is set to release a patch today for an older version of the Reader PDF viewer to stymie attacks like those aimed at major defence contractors earlier this month. Nine days ago, the company confirmed a critical bug in Reader and promised to fix the flaw in Reader and…
Microsoft Patch Tuesday – December 2011
“From Redmond with Love” Recently, I had a chance to talk with Katie Moussouris, leader of the Security Community Outreach and Strategy team at Microsoft. The interview helped me realize that Microsoft has a lot to offer when it comes to not just fixing vulnerabilities in their own products, but…
Microsoft to patch 20 vulnerabilities just in time for X’mas
Microsoft will issue 14 security bulletins next week to patch 20 vulnerabilities in Windows, Internet Explorer (IE), Office, and Windows Media Player. Among the patches will likely be ones to plug the hole used by the Duqu intelligence-gathering Trojan, and to fix the SSL (secure socket layer) 3.0 and TLS…
RealPlayer update addresses 19 CVEs. Patch it! Remember that Exploit kits can exploit vulnerable client apps. http://service.real.com/realplayer/security/11182011_player/en/, (Tue, Nov 22nd)
Login here to post a comment. Diary Archives Article source: http://isc.sans.edu/diary.html?storyid=12082&rss View full post on National Cyber Security
ISC issues temporary patch for zero-day BIND 9 DNS server flaw
A temporary patch has been released for BIND 9 DNS servers, mitigating a zero-day vulnerability causing server crashes. It’s unclear if exploits are in the wild. <img alt="ISC issues temporary patch for zero-day BIND 9 DNS server flaw, Blog, Server, Flaw, TEMPORARY, issues, zeroday, patch, BIND"height="0" width="0" border="0" style="display:none" src="http://segment-pixel.invitemedia.com/pixel?code=TechBiz…
No Duqu zero-day patch yet, but Microsoft offers workaround
A full-blown Duqu zero-day patch won?t be ready for the November 2011 Patch Tuesday release, but experts say enterprises should be ready to deploy it quickly. <img alt="No Duqu zero-day patch yet, but Microsoft offers workaround, Blog, Microsoft, Offers, zeroday, patch, Duqu, workaround"height="0" width="0" border="0" style="display:none" src="http://segment-pixel.invitemedia.com/pixel?code=TechBiz &partnerID=167&key=segment”/> View full…
Microsoft Patch Tuesday Roundup – October 2011
This month Microsoft released 8 security bulletins, including patches for some interesting vulnerabilities. For example, MS11-075, MS11-076, and MS11-077 all address a type of vulnerability triggered by a user accessing a file share. In Microsoft’s own words the user must “open a legitimate file that is located in the same…
Microsoft to patch 23 vulnerabilities next week
Microsoft will ship eight security updates next week to patch 23 vulnerabilities in Windows, Internet Explorer (IE) and several other products in its portfolio, the company announced this morning. Microsoft sketched out the upcoming patches in an advanced notice of Patch Tuesday’s line-up. Two of the eight updates, which Microsoft…