Microsoft has just released its monthly updates for May 2013. The zero-day IE flaw used on the Dept of Labor website was fixed, as well as an IE 10 hole used at PWN2OWN.
Critical fixes for Adobe Reader, Flash Player and ColdFusion also hit the streets today.
PWN2OWN 2013 finished off today.
A second scheduled attack on IE 10 didn't happen, so IE 10 didn't get owned again, but Flash and Reader fell once each, and Java was exploited for the fourth time in two days...
Of the Big Four browsers, only Apple's Safari has so far survived the onslaught of the browser-breakers at PWN2OWN 2013.
Java fell three times today; Adobe's Flash and Reader meet their attackers tomorrow...
Ironically, Microsoft is making sure that as soon as Internet Explorer 10 is ready on Windows 7, you're already ready to avoid it.
A sort-of "lesser of two evils" solution for change control conservatives.
Only six weeks to go until PWN2OWN 2013, where you can hack the Big Four browsers and the Big Three plugins, and win over half a million dollars.
But is it just about the money?
Paul Ducklin investigates...
Over the past five days, lots of you have used Naked Security to find out how to turn off Java in one of the five major browsers.
And that has given us browser statistics. There are too many variables to know what they tell us, but they do make a neat-looking graph!
An Internet Explorer vulnerability allows hackers to track mouse cursor movement anywhere on the screen, even if a given window is inactive, unfocused or minimised. It can also compromise the security of virtual keyboards and keypads, thereby thwarting their use against keyloggers.
Duck joins Chet to take on the latest security news.
As usual, they don't mince their words, so take a listen and enjoy a quarter-hour mix of news, opinion, advice and research..
Both Adobe and Microsoft published Patch Tuesday updates this week.
There are plenty of issues to be concerned about - so we've written up our recommendations to help you prioritise your own patching...
The upcoming releases of Internet Explorer 10, Firefox 14 and Chrome 21 are all fighting for our attention and using security as the reason why.
A critical Internet Explorer vulnerability, announced and patched by Microsoft in June's Patch Tuesday, is being exploited in the wild.
Find out how hackers bypass modern protections like DEP and ASLR - and if you haven't patched yet, do it now!
Gmail accounts targeted by 'state-sponsored attackers' using Internet Explorer zero-day vulnerability
Both Google and Microsoft have put out alerts about an unpatched, zero-day hole in Internet Explorer that is actively being exploited in the wild.
It's time to patch! Today is Patch Tuesday for June 2011, and it's a big one. Read on for the details and advice from SophosLabs.