Items tagged with Patch Tuesday
Windows is more secure today than it was at the beginning of the week. That is how it typically goes after the second Tuesday of each month, otherwise known as Patch Tuesday, when Microsoft doles out a collection of security updates and fixes. This particular Patch Tuesday saw Microsoft dish out 54 bug fixes, including 17 deemed Critical. As far as Patch Tuesday collections go, this one is about average, both in the overall number of fixes and those that are Critical. Of those that fell into the latter category, 15 of them addressed issues with Edge and Internet Explorer, along with technologies...
Read more...
Every second Tuesday of every month Microsoft releases a batch of security updates to keep Windows and its core services in tiptop shape. Dubbed Patch Tuesday, yesterday's release for October was a pretty big one in the grand scheme of things (though not as big as the one this past June), containing fixes for dozens vulnerabilities, among them an "important" zero-day flaw in Microsoft Office that hackers have already exploited. The issue in Office relates to memory corruption and affects all supported versions of the productivity suite. By exploiting the security hole, an attacker could send a...
Read more...
Microsoft is treating its next Patch Tuesday like a level in Serious Sam where it emerges with guns blazing. Only in this case, instead of taking out extraterrestrials who are intent on destroying all of humanity, Microsoft's mission is to neutralize more bugs than ever before. More specifically, the Patch Tuesday for June will address a record 94 vulnerabilities across multiple versions of Windows. One thing we have seen from Microsoft lately are patches for Windows XP even though it's officially a defunct operating system (at least for consumers). We saw this with the WannaCry ransomware outbreak...
Read more...
If you (or your business) for some reason are still running the initial release of the Windows 10 operating system, you might want to think about upgrading to a newer build. Windows 10 was originally launched during the summer of 2015 with version 1507. Since that time, Microsoft has introduced a number of updates including last summer’s Anniversary Update, and the Creators Update which landed last month. Given that Windows 10 v1507 is nearly two years old, Microsoft is reminding users to either upgrade or face exile from future security updates. According to Microsoft, the initial Windows 10 release...
Read more...
If you’ve been following news coming out of Redmond, Washington this week, something rather unprecedented took place. Microsoft’s regularly-scheduled Patch Tuesday, which includes the usual collection of security fixes and updates, didn’t take place on Valentine’s Day. Instead, Microsoft provided the following statement via its TechNet website: Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some customers and was not resolved in time for our planned updates today. After...
Read more...
What's that in the air? Could it be the smell of egg nog and pine? Nope, it's Microsoft Patch Tuesday, of course! This month's rollout is rather large and notable for a number of reasons. However, what matters most is that if you're not up-to-date yet, you'll want to take a little trip to the Windows Update section and take care of business. Speaking of business, the advice to update is imperative for those managing user PCs in the enterprise, as this rollout of patches includes a fix for a huge bug Google disclosed one week ago. This bug, called CVE-2016-7255, is a local privilege escalation flaw...
Read more...
Brace yourself, Patch Tuesday is coming. This time around, Microsoft released a total of eight security bulletins, three of which are rated Critical and the other five listed as Important. All combined, these eight security updates will patch up 24 Common Vulnerabilities and Exposures (CVEs) in Windows, Office, .NET Framework, .ASP, .NET, and Internet Explorer. Among the fixes is a patch for a vulnerability being exploited by the Sandworm Team, the name given to a group of Russian hackers who have been taking advantage of a particular zero-day security hole that's been shipping in all versions...
Read more...
IT admins take notice, you will no longer receive email notifications from Microsoft announcing Patch Tuesday security bulletins. This includes security bulletin advance notifications and summaries, as well as new security advisories and bulletins and major or minor revisions to security advisories and bulletins, Microsoft announced. This change pertains to anyone who opted into a mailing list that Microsoft set up a long while back to alert them to Patch Tuesday updates. "In lieu of email notifications, you can subscribe to one or more of the RSS feeds described on the Security TechCenter website,"...
Read more...
One could make an argument that Microsoft is the king of mixed messages. Just look at how the Redmond software giant has handled Windows XP over the years -- it was given several reprieves before finally being shunned for support, though it still received an out-of-cycle patch for Internet Explorer to address a serious zero-day bug. However, that was a one-time thing, and in a blog post regarding yesterday's Patch Tuesday roll out, Microsoft made it clear that XP is no longer supported. "For those wondering, Windows XP will not be receiving any security updates today. For some time we have been...
Read more...
We're coming up on the second Tuesday of the month, which is when Microsoft rolls out a collection of security updates for Windows and Internet Explorer. Otherwise known as "Patch Tuesday," the one that's coming up tomorrow will be relatively light compared to previous ones as it contains only five security bulletins, however two of them are deemed Critical and three Important, and several of them require a restart. The first Bulletin addresses a zero-day vulnerability affecting IE versions 9 and 10, along with other security fixes for IE versions 6 through 11. This one is deemed Critical because...
Read more...
The long awaited "Update 1" to Windows 8.1 is reportedly scheduled to arrive on the MSDN channel on April 2, 2014, and via Windows Update on April 8, which is Patch Tuesday. Perhaps not coincidentally, Windows 8.1 Update 1 rolls into town just as support for Windows XP is coming to an official close after more than 12 years.of service. Those dates come from Paul Thurrott, owner of Supersite for Windows, who posted the information on Twitter. While that doesn't qualify as being official -- it's not coming directly from Microsoft, in other words -- Thurrott is generally on top of such things. Based...
Read more...
Patch Tuesday is right around the corner (tomorrow, in fact), and in advance of its monthly update package, Microsoft is giving a heads up that this month's will contain three "Critical" patches and five labeled as "Important." A Critical rating is the most severe and indicates a vulnerability whose exploitation could allow code execution without user interaction. One of the Critical security bulletins covers all versions of Internet Explorer on every flavor of Windows. In other words, if you run Windows, you'll need to update (or should, anyway), and yes, this particular one will require a system...
Read more...
Heads-up, if you're running older versions of the Windows operating system, Microsoft Office or Microsoft Lync communication platform software. Microsoft released a security advisory noting that the TIFF (Tagged Image File Format) image handler in some of these older Microsoft software suites is subject to a vulnerability whereby "specially crafted TIFF images" could convince the user to open email messages, files or web content that could be used to exploit the host machine. Microsoft details the remote code execution vulnerability in security advisory 2896666 (evil, eh?) noting: "An attacker...
Read more...
Microsoft may need to take yet another mulligan on more Patch Tuesday updates that, for some, are causing more problems than they purport to fix. The latest round of updates were supposed to address 14 security flaws, though some users are complaining that certain patches are causing weird and frustrating problems. According to InfoWorld, at least five updates are causing issues. These include KB 2817630, KB 2810009, KB 2760411, KB 2760588, and KB 2760583. The first of those is not a security patch, but one that's intended to bring more functionality to Office 2013. However, some users are complaining...
Read more...
