Patch Tuesday

Microsoft serves up 10 patches, including IIS and IE fixes

Dan Kaplan June 09, 2009

Microsoft on Tuesday pushed out 10 patches to correct an array of issues, many of which could result in malicious code being executed.
 

Adobe fixes come Tuesday

Dan Kaplan June 05, 2009

Adobe's first-ever quarterly patch update is planned for Tuesday. The company announced Thursday that it expects to issue patches then for its Reader and Acrobat versions 7, 8 and 9. The move to scheduled updates comes in response to criticism Adobe received earlier this year when it took several months to fix a major zero-day PDF vulnerability in its software. Tuesday's release — and each one after — will coincide with Microsoft's monthly security update. — DK
 

Microsoft readies 10 patches for next week

Dan Kaplan June 04, 2009

Microsoft next week plans to push out 10 patches, six graded "critical" by the software giant.
 

Adobe's PDF vulnerability patched

Angela Moscaritolo May 12, 2009

Security researchers say Adobe's PDF vulnerability, which was fixed Tuesday, is more of a pressing issue than Microsoft's PowerPoint vulnerabilities fixed the same day.
 

Fourteen fixes for PowerPoint this Patch Tuesday

Angela Moscaritolo May 12, 2009

Microsoft today issued a fix for a zero-day vulnerability in PowerPoint that is currently being leveraged in ongoing attacks in the wild. In addition, the patch addresses 13 other similar vulnerabilities in the program.
 

From eight to one: PowerPoint sole fix coming from Microsoft

Dan Kaplan May 07, 2009

A fix for a critical PowerPoint flaw, originally disclosed days before April's Patch Tuesday release, is scheduled to be delivered as part of May's update from Microsoft.
 

Microsoft pushes out eight fixes for 23 bugs

Dan Kaplan April 14, 2009

Microsoft on Tuesday released eight security bulletins -- five addressing at least one vulnerability rated "critical" -- to correct a total of 23 flaws, a number of which are being publicly exploited.
 

Conficker patch rates rise

Dan Kaplan April 14, 2009

Approximately 20 percent of machines have yet to patch for the Microsoft Windows Server service vulnerability (MS08-067) that is being exploited to spread the insidious Conficker worm, according to findings from vulnerability management firm Qualys. But the company said that, based on more than 300,000 scans of customers' Windows machines, the number of unpatched machines fell from around 35 percent just before April 1, when Conficker was activated to receive additional updates from preselected domains. — DK
 

Fix for Excel zero-day may be coming from Microsoft

Dan Kaplan April 09, 2009

Microsoft is planning to deliver eight patches -- including one that addresses a security threat in Excel -- to users next week.
 

Microsoft report shows scareware, file-format bugs on rise

Dan Kaplan April 08, 2009

So-called scareware programs top the list of internet threats, according to Microsoft's sixth Security Intelligence Report.
 

Microsoft: The patch works

Chuck Miller March 16, 2009

Countering claims that the Web Proxy Autodiscovery Protocol (WPAD) patch Microsoft released last week was ineffective, Maarten Van Horenbeeck, Microsoft Security Response Center program manager, said in a recent blog post that the fix was valid in that "this update will protect you and it should be deployed as soon as possible." Researchers had said that even with the patch, problems remained that could be used to launch man-in-the-middle attacks on Windows DNS servers. — CAM
 

Microsoft patch may not work

Chuck Miller March 12, 2009

One of the patches issued by Microsoft this week does not fix one of the vulnerabilities it was meant to, according to PandaLabs. Bulletin MS09-008 was supposed to patch four flaws, but one of them -- related to Web Proxy Autodiscovery Protocol (WPAD) registration -- was not resolved, Panda said in a news release. Even with the patch, the bug is still active and can be used to launch man-in-the-middle attacks on Windows DNS servers, allowing an attacker to possibly access sensitive information, Panda said. — CAM
 

Microsoft patches for GDI, DNS vulnerabilities

Dan Kaplan March 10, 2009

Microsoft on Tuesday pushed out three patches to resolve eight vulnerabilities, including issues with GDI and DNS.
 

Srizbi detection added

Dan Kaplan February 11, 2009

Microsoft has added detection for the infectious Srizbi malware family to its Software Removal Tool, released Tuesday with the company's monthly patches. Srizbi is a trojan downloader or rootkit that propagates through malicious emails. If recipients fall victim, their machines become part of a botnet, whose chief goal is to deliver spam. In October, Microsoft added similar detection for the Rustock bot malware. — DK
 

Patch Tuesday: Microsoft fixes "critical" flaws in Exchange, IE

Dan Kaplan February 10, 2009

Microsoft on Tuesday pushed out four patches for eight vulnerabilities.
 

Four Microsoft fixes planned for Patch Tuesday

Dan Kaplan February 05, 2009

Microsoft is planning four patches -- two rated "critical" -- in Tuesday's monthly security update.
 

Removing admin rights can stem Microsoft exploits

Angela Moscaritolo February 05, 2009

Eliminating administrator rights -- the default setting on most Windows machines -- can stop the spread of malware, a new study has found.
 

Downadup worm infection rate may have peaked

Dan Kaplan January 23, 2009

The spread of the pervasive Downadup worm appears to have reached its peak, but removal remains a concern.
 

No end in sight for massive Windows worm outbreak

Dan Kaplan January 16, 2009

The Downadup worm is the biggest corporate virus outbreak since Nimda, having infected some six million machines this week.
 

Microsoft lends removal help to fend off worm outbreak

Dan Kaplan January 14, 2009

Microsoft's latest update to its Software Removal Tool includes detection and removal capabilities for a fast-spreading worm, which infected an estimated one million computers in one day this week.
 

Patch Tuesday: Microsoft fixes SMB protocol flaw

Chuck Miller January 13, 2009

Microsoft on Tuesday issued a single "critical" security bulletin to address three vulnerabilities.
 

Light patch load to start year from Microsoft

Dan Kaplan January 08, 2009

After a December whopper, Microsoft plans to release one patch next week.
 

Microsoft warns of SQL Server vulnerability

Dan Kaplan December 23, 2008

Exploit code has been published for a new vulnerability in Microsoft SQL Server.
 

Microsoft says Vista, IE7 defenses can overcome poor code

Dan Kaplan December 19, 2008

The newest Microsoft operating system and web browser, when used in conjunction, can stem the latest Internet Explorer exploit.
 

Microsoft readies emergency fix for Internet Explorer bug

Dan Kaplan December 16, 2008

Microsoft announced on Tuesday that it will issue an emergency fix on Wednesday for a dangerous zero-day vulnerability in Internet Explorer.
 

Internet Explorer zero-day infection rates grow

Dan Kaplan December 15, 2008

Attacks exploiting an unpatched vulnerability in Internet Explorer spread quickly over the weekend, according to Microsoft.
 

Microsoft's holiday present: Eight patches, 28 vulnerabilities

Dan Kaplan December 09, 2008

Microsoft has closed out the year with a mammoth security update -- fixing 28 vulnerabilities, many of them Office and web flaws.
 

Eight Microsoft fixes planned for Patch Tuesday

Dan Kaplan December 04, 2008

Microsoft expects to push out eight patches next week, six to plug "critical" vulnerabilities.
 

Microsoft doles out two patches for four flaws

Dan Kaplan November 11, 2008

Microsoft on Tuesday shipped two patches to shore up four vulnerabilities.
 

Microsoft preps two patches for Tuesday

Dan Kaplan November 06, 2008

Security administrators may get a respite on Tuesday, with Microsoft planning to release only two patches, one deemed "critical."