Five updates from Microsoft, with two of them critical, including an APB for Internet Explorer users.
One important from Adobe, making that three Flash fixes in just over a month.
Don't delay. Patch today!
February's patch roundup sees seven patches from Microsoft and one from Adobe. All supported versions of Windows are impacted, be sure to update as soon as possible.
It's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.
But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...
This month really is an omnibus update: all platforms are affected, from XP to 8.1 and from Server 2003 to 2012, including stripped-down Server Core installs.
It looks as though the NDPROXY.SYS kernel bug in XP might be fixed, but, then again, it might not...
Part Two of our examination of an IE exploit.
This is a great read if you want to get a feeling for how cybercrooks think. (Don't worry if you aren't technical: it's clear and jargon-free.)
The latest IE zero-day explained.
This is a great read if you want to get a feeling for how cybercrooks think.
(Don't worry if you aren't technical: we've kept the code and jargon to a minimum.)
This month's Patch Tuesday will be the tenth anniversary of Microsoft's regular security bulletins.
Paul Ducklin takes you through what's in store...
How do you copy fingerprints? Which is the most trustworthy browser? Who will use Facebook for payments? How long does an email address live?
Satisfy your curiosity with this week's 60 Second Security!
About a month ago I asked Naked Security readers: Which web browser do you trust? Your answer was emphatic: it's Firefox, and it accrued almost twice the number of votes of its nearest rival, Google Chrome.
Microsoft has published an out of band security advisory for users of Internet Explorer to warn about a new zero-day attack being used in the wild. IE users are advised to use Microsoft's Fix it or EMET tool to protect against exploitation until a permanent fix is released.
The biggie this month is a "spare no versions" Internet Explorer update.
From IE 6 on Windows XP to IE 10 on Windows 8, this one hits the Patch Trifecta: critical, remote code execution, requires reboot.
We no longer choose our web browsers based on bells and whistles. These days its all about privacy and security and we'd like to know which browser (and which vendor) you trust to be your companion on the web.
Patch Tuesday for August 2013 includes three critical fixes and five important ones. The focus for this month is certainly the Internet Explorer cumulative patch which fixes 11 vulnerabilities and all versions, including 11 beta.
It's that time of the month again, with Microsoft Patch Tuesday just 24 hours away.
Paul Ducklin presents this month's eight bulletins in seven handy bullet points...
So far, so good with the new program, says Microsoft security expert Katie Moussouris. They're getting more bugs earlier and hearing from researchers who've never rung them before.
Microsoft fixed 34 vulnerabilities in products ranging from Windows, Internet Explorer and .NET to Lync, Visual Studio and Silverlight. Not to be left behind, Adobe launched fixes for Flash, Shockwave and Cold Fusion. Settle into your air-conditioned server rooms and start testing!
An Italian security researcher has rediscovered a trick known as "user interface redressing" and used it to detail some potentially risky behaviour in IE 8.
Paul Ducklin takes a look to see just how dangerous keyjacking can be...
Patch Tuesday is coming on 11 June 2013.
Paul Ducklin gives you a quick preview of what we know so far, and who'll be affected by the updates...
(Mac users, that might include you.)
Are you an IT administrator still caring for Windows XP computers that are running Internet Explorer?
Google's latest announcement brings another good reason to upgrade your systems or switch to an alternative browser.