Microsoft Recalls Patch Tuesday Exchange Update

Microsoft today announced the recall of a security patch for Exchange Server published on Tuesday that was originally slated for release in the November edition of its monthly Patch Tuesday releases. This is the second straight month that Microsoft has had to pull a security bulletin after...

December 2014 Microsoft Patch Tuesday Security Bulletins

Microsoft exits 2014 the way it came in to the year, with a relatively quiet set of Patch Tuesday security bulletins. As promised last week, Microsoft released seven bulletins today, three of them rated critical, meaning the chance of exploit and remote code execution is high. Microsoft also...

December 2014 Microsoft Patch Tuesday Advance Notification

Microsoft made patch news on two fronts last month with an unusual emergency patch for a critical vulnerability in Kerberos, and for a missing fix for an Exchange bug that was promised in its November advanced notification. In the December advance notification, released today, an elevation...

Project Zero Patch Tuesday roundup, November 2014

Posted by Chris Evans, Registrar of Bugs It’s been about a week since Patch Tuesday, and the Project Zero reports mentioned in the various advisories are now public. We won’t always be writing a Patch Tuesday roundup, but we often will when we believe there is a sufficiently varied and interestin...

Microsoft to Release Critical Out-of-Band Windows Patch

UPDATE–Microsoft on Tuesday released a rare out-of-band patch for a critical vulnerability in several versions of Windows and Windows Server, including Windows 8 and 8.1. The Ms14-068 vulnerability is a flaw in the Kerberos implementation in Windows that could enable an attacker to elevate his...

Adobe Patches 18 Vulnerabilities in Flash

Adobe pushed out security updates for Flash Player this afternoon, addressing 18 different vulnerabilities, all critical, that could allow an attacker to take control of an affected system running the multimedia platform according to a security bulletin posted today. The Patch Tuesday updates,...

November 2014 Microsoft Patch Tuesday Security Bulletins

A busy Microsoft Patch Tuesday arrived today with an extra sense of urgency and a complication. Among 14 bulletins, four of which are rated critical by Microsoft, is a patch for the OLE zero-day vulnerability being used in a number of targeted attacks. The zero-day is being spread via email...

Microsoft to Issue 16 Security Patches and 60 Other Updates

Microsoft has this time quite a big pile of security patches in its November 2014 Patch Tuesday, which will address almost 60 non-security updates for its Windows OS along with 16 security updates. The software giant released Advance Notification for 16 security bulletins, the most in more than...

November 2014 Microsoft Patch Tuesday Security Bulletins

Microsoft today provided its Patch Tuesday advanced notification, giving IT managers a head’s up about 16 bulletins that are scheduled to be delivered next week, including five rated critical for remote code execution and privilege escalation issues. The heavy patch load is an anomaly for 2014,...

Microsoft's announcement to fix the OLE remote code execution vulnerability-vulnerability warning-the black bar safety net

In last month's“patch Tuesday”in Microsoft's Update Patch for the OLE allow remote code execution were fixed. We had thought that the vulnerability has been fixed, but may in fact be more than we imagined more complicated. Microsoft today once again revolve around the vulnerability issued a safet...

Microsoft Extends SHA-2, TLS Support for Windows

One by one, tech companies have been tossing aside the SHA-1 cryptographic algorithm like the unreliable collision-prone mess that it is. Microsoft was among the first to steer its customers away from SHA-1 and established an internal edict that its developers would no longer use it for...

Fixes for IE, Flash Player in October Patch Tuesday Release

Microsoft and Adobe issued their monthly patch Tuesday releases today, and Microsoft posted eight bulletins, three of which are considered critical including the now-monthly cumulative Internet Explorer update, addressing 24 vulnerabilities in various products. Adobe has fixes for three...

October 2014 Microsoft Patch Tuesday security bulletins

Microsoft on Tuesday will push out its first set of patches since it announced the dissolution of the Trustworthy Computing group that gave birth to Patch Tuesday. The monthly patch cycle was just one output from TwC, which was formed in the ashes of Code Red, Nimda and hundreds of other network...

Microsoft to Patch Critical Internet Explorer Vulnerability Next Week

You all won't have forget about the dodgy update released by Microsoft in its last month’s Patch Tuesday Updates which was responsible for crippling users’ computers - specially users running Windows 7 PCs with the 64bit version - with the infamous “Blue Screens of Death.” The company fixed the...

September 2014 Microsoft Patch Tuesday advance notification

Microsoft today announced a relatively light load of patches will be delivered on Patch Tuesday next week, along with some numbers that demonstrate public vulnerability disclosures continue to rise. Four security bulletins, one rated critical, are scheduled to be released next Tuesday. In what’s...

Microsoft Re-Releases Broken Security Patch MS14-045

Microsoft today re-released security bulletin MS14-045, which was pulled shortly after the August Patch Tuesday updates because a number of users reported crashes and blue screens. The patch was removed from Windows Update on Aug. 15, three days after it was released as part of Microsoft’s monthl...

August 2014 Microsoft Patch Tuesday Security Bulletins

Microsoft today released its monthly Patch Tuesday Security Bulletins, and the top priority is another cumulative update for Internet Explorer; this one patches 26 vulnerabilities, including one that’s been publicly reported, Microsoft said, and is likely being exploited. All of them are rated...

August 2014 Adobe Patch Tuesday security updates

Adobe today released an out-of-band patch for a zero-day vulnerability in Adobe Reader and Acrobat that has been leveraged in targeted attacks. Kaspersky Lab Global Research and Analysis Team director Costin Raiu is credited with reporting the vulnerability. Details were not announced, but Raiu...

IE to Block Older ActiveX Controls, Starting with Java

Next week’s Microsoft Patch Tuesday security bulletins will not only bring nine new security bulletins but also an update to Internet Explorer that blocks outdated ActiveX controls, starting with Java. Notifications will flag the older ActiveX controls and users will have the option to update the...

Microsoft July 2014 Patch Tuesday fixes 29 IE Vulnerabilities

Microsoft today issued two critical-, three important-, and one moderate-rated security bulletins in the July edition of its monthly Patch Tuesday release. The updates address 29 security vulnerabilities in the company’s Windows operating system, Internet Explorer browser, and server software. Th...