Microsoft Releases 4 Security Updates — Smallest Patch Tuesday Ever!

In Brief Microsoft has issued its first Patch Tuesday for 2017, and it's one of the smallest ever monthly patch releases for the company, with only four security updates to address vulnerabilities in its Windows operating system as well as Adobe Flash Player. Meanwhile, Adobe has also released...

Microsoft Issues Record Low Number of Patch Tuesday Bulletins

Microsoft’s first Patch Tuesday update of 2017 is one of the smallest in the history of the program with four bulletins released today, including three rated important along with Adobe’s monthly Flash Player update for Internet Explorer and Edge, which was rated critical by the vendor. The...

Adobe Patches 31 Vulnerabilities, Flash Zero-Day Under Attack

Adobe patched 31 vulnerabilities across nine different product lines Tuesday morning, including a zero-day vulnerability in Flash Player the company claims is being used in targeted attacks against Internet Explorer users on Windows. That vulnerability CVE-2016-7892 is one of 16 bugs in Flash tha...

Microsoft Patches Windows Zero-Day Flaw Disclosed by Google

Microsoft was very upset with Google last week when its Threat Analysis Group publically disclosed a critical Windows kernel vulnerability CVE-2016-7255 that had yet to be patched. The company criticized Google's move, claiming that the disclosure of the vulnerability, which was being exploited i...

Adobe Patches Nine Code Execution Flaws in Flash Player

Two weeks after rushing out an emergency patch for a zero-day vulnerability, Adobe today released another Flash Player security update. The new release patched nine vulnerabilities, all of which expose the host system to remote code execution. Adobe said it is not aware of public exploits against...

Microsoft Patches 5 Zero-Day Vulnerabilities Being Exploited in the Wild

Microsoft has released its monthly Patch Tuesday update including a total of 10 security bulletin, and you are required to apply the whole package of patches altogether, whether you like it or not. That's because the company is kicking off a controversial new all-or-nothing patch model this month...

Microsoft Fixes 47 Vulnerabilities with September Patch Tuesday

Microsoft patched 47 vulnerabilities as part of 14 security bulletins, seven critical, with its monthly Patch Tuesday updates today. The company is warning users that if left unpatched, 10 of the issues can lead to remote execution. The updates resolve issues in Microsoft Windows, Office, Office...

Adobe Patches 29 Vulnerabilities in Flash Player

After a month free of Flash Player fixes and emergency patches, Adobe today resumed its monthly ritual of releasing a security update for the maligned software. Today’s update patched 29 issues, most of which enabled remote code execution attacks on the host system. Adobe also updated its Air SDK...

Latest Windows UAC Bypass Permits Code Execution

Less than a month after disclosing a Windows User Account Control bypass, researcher Matt Nelson today published another attack that circumvents the security feature and leaves no traces on the hard disk. This time, the bypass relies on Event Viewer eventvwr.exe, a native Windows feature used to...

Microsoft June Patch Tuesday Fixes 44 Vulnerabilities

Microsoft pushed out 16 bulletins on Tuesday addressing 44 different vulnerabilities in its software, including Windows, Exchange Server, Office, Edge, and Internet Explorer. Five of the bulletins have been branded critical because each vulnerability associated with them could be used to carry ou...

FireEye Details Microsoft Zero Day Attack on 100 Companies

More than 100 North American companies were attacked by crooks exploiting a Windows zero day vulnerability. The attacks began in early March and involved the zero day vulnerability CVE-2016-0167 reported and partially fixed in April’s Patch Tuesday security bulletins by Microsoft. The zero day wa...

May 2016 Microsoft Patch Tuesday Security Bulletins

Microsoft released a hefty load of security bulletins today, which included a patch for a JScript and VBScript scripting engine vulnerability being publicly exploited. The flaw is addressed in its own bulletin, MS16-053, but users need to pay attention to, and apply MS16-051 as well since the...

Badlock Bug in Samba SMB Protocol

Despite the Badlock hype machine cranked up high, we don’t know much about this impending soul-crushing vulnerability other than it could be bad, it could be in the Windows Server Message Block and it already has its own requisite logo and website. Nonetheless, we have a little more than two week...

End of Life for Internet Explorer 8, 9 and 10

Microsoft has started the year with an announcement that, effective Jan. 12, 2016, support for all older versions of Internet Explorer IE will come to an end known as an EoL, or End of Life. The affected versions are Internet Explorer 7, 8, 9, and 10. What this means for users is that Microsoft...

December 2015 Microsoft Patch Tuesday Security Bulletins

Forgive your local Windows admin if they’re a little shy on holiday cheer in the coming days. Blame instead Microsoft for foisting upon them on Tuesday 71 security patches, including two for vulnerabilities in Office and the Windows kernel currently under attack. Microsoft also issued a separate...

November 2015 Patch Tuesday Brings 12 Updates, Four Critical

Microsoft today pushed out 12 bulletins as part of November’s Patch Tuesday, including four critical updates, all of which can lead to remote code execution. The update is rounded out by fixes for Windows, Lync, .NET, and Skype for Business, but there are two critical fixes that affect browsers o...

Emergency Adobe Flash Zero Day Patch Arrives Ahead of Schedule

Adobe has decided to patch the zero day vulnerability that was disclosed in Flash Player earlier this week today — instead of next week as originally scheduled. According to a security bulletin Adobe posted this morning the update actually fixes three vulnerabilities in the software, but the most...

October 2015 Microsoft Patch Tuesday Security Bulletins

Microsoft’s monthly release of security bulletins today is a relatively light load of patches to be tested and deployed. The real news, however, could be in a separate advisory in which it continues to deprecate the outdated RC4 encryption algorithm. Following its initial advisory in May that...

October 2015 Adobe Reader, Acrobat Flash Patches

Adobe today released a jumbo-sized Patch Tuesday update for Reader, Acrobat, and Flash, addressing a combined 69 critical vulnerabilities in the software, many which can lead to information disclosure and code execution. The company warned about the bugs via a blog post at its Product Security...

Microsoft issues Security Patches for Windows 10 and Edge Browser

Updated your PCs to Windows 10? Now it’s time to patch your Windows 10 software. Microsoft has issued its monthly Patch Tuesday by releasing 14 security bulletins, nearly half of it address vulnerabilities in its latest operating system, Windows 10. Four of them are marked critical, affecting...