Microsoft has just released its monthly updates for May 2013. The zero-day IE flaw used on the Dept of Labor website was fixed, as well as an IE 10 hole used at PWN2OWN.
Critical fixes for Adobe Reader, Flash Player and ColdFusion also hit the streets today.
A subdomain of the US Department of Labor's main website, running off a separate server - what's known colloquially as a microsite - was modified to serve up malware.
Paul Ducklin takes a quick look at the attack...
As expected Microsoft released seven important and two critical fixes for Windows, Internet Explorer and other Microsoft products. Adobe followed suite releasing fixes for ColdFusion, Flash and Shockwave. Patch now!
Patch Tuesday is bringing seven security fixes, with Microsoft deeming four of them "drop-everything-and-fix-this-now" critical in Windows, IE, Silverlight, Office and Microsoft Server.
Microsoft has released 12 patches covering 56 vulnerabilities as part of the February monthly "Patch Tuesday" update. Five of these patches are rated critical and code allow criminals to drive-by install malware onto Windows systems.
Patch Tuesday is approaching, and for users of Microsoft's software it's going to be a monster.
Make sure that you patch Internet Explorer as soon as possible.
Only six weeks to go until PWN2OWN 2013, where you can hack the Big Four browsers and the Big Three plugins, and win over half a million dollars.
But is it just about the money?
Paul Ducklin investigates...
Microsoft has released an advisory on a new zero day attack against users of Internet Explorer. While a Fixit is available it may be best to avoid using IE for awhile.
An Internet Explorer vulnerability allows hackers to track mouse cursor movement anywhere on the screen, even if a given window is inactive, unfocused or minimised. It can also compromise the security of virtual keyboards and keypads, thereby thwarting their use against keyloggers.
There are plenty of people who love to hate Microsoft Internet Explorer.
But does it really suck less than it used to?
Microsoft has reminded Internet Explorer users of the importance of keeping their browser updated against security threats.
Adobe released an important update for its software on Monday, fixing 25 security holes. The updates affect Flash running on Windows, Apple Mac and Linux systems.
In addition, Adobe AIR users on Windows, Mac OS X, Android and iOS are also advised to install an update.
As someone looking after IT for your company, how do you react to reports of vulnerabilites like those seen recently in Java and Internet Explorer?
The same team of Polish researchers who discovered a critical security hole in Oracle’s Java software say that they uncovered another such hole, which could be used to bypass the secure application “sandbox” on most recent versions of Java.
Microsoft has released an out-of-cycle security update to protect Internet Explorer users against a vulnerability that was being exploited by malicious hackers.
Microsoft has issued a simple Fix It tool to fix the zero day security vulnerability in Internet Explorer that has been causing headlines this week.
Experts at SophosLabs have raised their threat level to "High" in response to an as-yet unpatched security vulnerability in Internet Explorer.
The German government is clearly taking the latest critical security problem in Internet Explorer seriously, publicly urging all users to stop browsing the web with the Microsoft product until a patch is available.