Oracle's quarterly Patch Tuesday updates are out.
Java gets 37 fixes, 35 of them what Oracle calls "Remote Exploit without Authentication".
The silver lining? No Heartbleed bug in Java Standard Edition...
The date's been in our diaries since 2007.
But even with seven years to prepare for it, you'll be forgiven for approaching the April 2014 Patch Tuesday with a bit of a lump in your throat.
How long did Apple leave holes in Safari? What punishment can a convicted support call scammer expect? And what happens when a liquor store springs a leak?
Find out in 60 Second Security. the security news video that only takes a minute...
In all the excitement over the End of Windows XP and next Tuesday's Ultimate Update...
...we sort of forgot to write about Apple.
Here's the scoop on the lates OS X Safari browser update, patching 27 vulnerabilities.
What should you do about the latest Word zero-day? What does Mr Rockefeller think of SnapChat? And is that MS-DOS I see before me?
Watch 60 Sec Security for 29 March 2014, and find out!
How bad is the latest Microsoft Word 0-day? Does OS X really need patching less often than Windows? What does Gmail's move to HTTPS-only really mean? And if WhatsApp has privacy coded into its DNA, is it coded into its app, too?
Chet and Duck get stuck in...
Booby-trapped RTF files have been found in the wild, exploiting a zero-day hole in Microsoft Word.
Microsoft has issued an alert.
Paul Ducklin gives you four tips for long-term safety against this sort of attack...
Firefox 28.0 was released on 18 March 2014, just five days after four exploitable bugs in the browser were disclosed at the PWN2OWN competition.
Paul Ducklin looks at what was fixed...
Here are the PWN2OWN results from Day Two, and an overview of the final payouts.
Chrome and Safari didn't get picked for Day One, but both of them were pwned on Day Two - twice for Chrome and once for Safari....
PWN2OWN Day One results are in!
The target that sounded easiest - Oracle Java, with prize money less than a third of the supposedly much tougher IE 11 - was the only one left standing at the end of the first half...
SophosLabs expert Gabor Szappanos has written a highly-recommended report entitled "Advanced Persistent Threats - the new normal?"
Szappi explains how exploits once seen only in APTs are appearing ever more widely in money-making malware, and why that puts us all at ever greater risk.
Microsoft's Patch Tuesday for March 2014, the second-to-last scheduled patch that Windows XP users are ever going to see, will fix critical holes in all versions of Windows.
OK, not quite all: Server Core installations will receive updates, but not critical ones.
XP is counting down - are you ready? Would you pay the CryptoLocker crooks? And should you use Full Disk Encryption?
Find out in just a minute...watch 60 Sec Security for 08 March 2014!
Chester ducks out of booth duties at the RSA 2014 conference in San Francisco to bring you this week's Chet Chat.
From Apple's SSL bug to Adobe's second-in-a-month emergency Flash update, Chet and Duck once again help you to learn from others' mistakes.
Another Flash emergency already? More SEA hacking? Why have the password "changeme" if you don't? How big a fine for a 20,000,000 record breach?
It'll only take you a minute to find out!
Adobe has just updated its Flash product for the second time this month, pushing out an emergency patch for an attack that has been seen in the wild.
Did you really think XP would go patch-free? Is Flappy Bird really dead? Did you really use the same password on more than one site?
60 Sec Security - 15 Feb 2014
Here's a quick run-down of what you'll face in the February 2014 Patch Tuesday update from Microsoft, which comes out tomorrow.
Where do you find Extreme Spammers? Can you find the exploit unicorn? And how did Target get breached?
Find out in 60 Sec Security for 08 Feb 2014...
Paul Ducklin looks into a malware writer's poisoned-image trick that tells an interesting (and, though it hurts to say it, an amusing) story of subterfuge and guile...