Adobe's Patch Tuesday fixes are out.
This is business as usual, promised long in advance and expected toay, so there isn't anything in it related to the company's recent network intrusion woes. (We hope!)
Microsoft's Tenth Anniversary Patch Tuesday is out, and, yes, Redmond's security gurus did patch against the recent Internet Explorer zero-day that is being exploited in the wild!
There are seven other fixes as well - Paul Ducklin has the details.
News has surfaced that the criminals behind the Blackhole exploit kit have been arrested.
Now, everyone wants to know, "Will the arrest have any effect on the prevalence of the threat?"
Fraser Howard of SophosLabs looks at the data...
A wild ride this week, with Patch Tuesday turning 10, Adobe "going open source" by losing 40GB of code, and Silk Road operator Dread Pirate Roberts getting locked in the brig.
Chet and Duck turn their amusing but insightful attention to the latest security stories...
This month's Patch Tuesday will be the tenth anniversary of Microsoft's regular security bulletins.
Paul Ducklin takes you through what's in store...
Make sense of vulnerability jargon by listening to this 15 minute podcast...
With recent updates from Microsoft (three times), Adobe, Oracle, Apple and Firefox, the timing could scarcely be better.
Mega-popular blogging and content management system WordPress has just put out version 3.6.1.
This includes a patch for a remote code execution hole, so you are advised to update ASAP.
Naked Security reader Haemish Edgerton just gave us a very polite but effective scolding for neglecting to mention the Adobe fixes that came out on Tuesday.
Point taken, so here's a table of what Adobe updated, and how to see what versions you should now be on.
Here you are! Episode #116 of the Sophos Security Chet Chat.
News, opinion, advice and research: Chet and Duck bring you their unique and entertaining combination of all four in their regular podcast.
Six months ago, we wrote about a risky bug in the sudo command, the Unix equivalent of Run As... on Windows.
The vulnerability is still unpatched on OS X, and now there's a Metasploit exploit pack to take advantage of the hole.
It's that time of the month again, with Microsoft Patch Tuesday just 24 hours away.
Paul Ducklin presents this month's eight bulletins in seven handy bullet points...
Researchers at SophosLabs have come across samples of Android malware exploiting the so-called "Master Key" vulnerability.
Paul Ducklin investigates and explains...
Note to Firefox fans: 23.0 is out.
Paul Ducklin, a Firefox fan himself, looks at the many new fixes, one handy new security feature and a nagging frustration in the update...
Mobile security researcher Karsten Nohl says he'll explain at the BlackHat conference how he can remotely "own" mobile phones with a single text message.
Paul Ducklin looks at what Nohl has said so far, and ponders how hard this might be to sort out...
Oracle's latest Patch Tuesday has come and gone, with the database-and-more behmoth putting out patches for 89 vulnerabilities.
This is the last time that Java and the rest of Oracle's product set will get scheduled updates separately...
Hot on the heels of the so-called "master key" bug in Android comes what Chinese Android researchers are calling "a similar vulnerability."
They've definitely found a bug, and an another embarrassing one for Google's coders, too...
Six out of Microsoft's seven pre-announced Patch Tuesday updates are deemed critical.
Even Server Core 2012 will need patching and rebooting...
Apple has released its latest Security Update for OS X.
Update 2013-003 fixes a trifecta of buffer overflow vulnerabilities in QuickTime.
Paul Ducklin sees what we can learn from the bugs...
As usual, there's a handy mixture of important-sounding security fixes and some interesting new features.
No yet-known vices, so why not ensure you've got the update right away?