(get it in RSS or Atom)

Microsoft's Patch Tuesday is out - and the answer is, "YES, they FIXED IT!"


Microsoft's Tenth Anniversary Patch Tuesday is out, and, yes, Redmond's security gurus did patch against the recent Internet Explorer zero-day that is being exploited in the wild!

There are seven other fixes as well - Paul Ducklin has the details.

Microsoft Patch Tuesday - get ready for a bumper Tenth Birthday edition!


This month's Patch Tuesday will be the tenth anniversary of Microsoft's regular security bulletins.

Paul Ducklin takes you through what's in store...

Microsoft releases latest Law Enforcement Requests Report - no Skype content handed over


Microsoft has published its second "Law Enforcement Requests Report", covering the first half of 2013.

John Hawes takes a look at what the numbers tell us...

Internet Explorer zero-day exploit prompts Microsoft to publish emergency Fix it

Microsoft releases fix for Internet Explorer security hole, full patch coming Friday

Microsoft has published an out of band security advisory for users of Internet Explorer to warn about a new zero-day attack being used in the wild. IE users are advised to use Microsoft's Fix it or EMET tool to protect against exploitation until a permanent fix is released.

Monday review - the hot 24 stories of the week

Monday review

Missed anything last week? Catch up with everything we talked about with our weekly roundup.

September Patch Tuesday is out - one update lost en route, 13 patches left, 8 RCE, 4 critical


One of Microsoft's 14 promised patches for September failed to materialise.

There's still plenty left over, though: IE gets a jumbo fix, as usual; SharePoint, FrontPage, Excel, Access, Outook and more get vital updates, too.

SSCC 116 - Google Authenticator, Apple bugs, Facebook data probes, WordPress phishing [PODCAST]


Here you are! Episode #116 of the Sophos Security Chet Chat.

News, opinion, advice and research: Chet and Duck bring you their unique and entertaining combination of all four in their regular podcast.

Windows Picture Passwords - are they really as "easily crackable" as everyone's saying?


Following a USENIX paper about the security of Windows Picture Passwords, you may have read that they are "easily crackable."

Paul Ducklin wondered about that, and tried to come up with a balanced view...

Monday review - the hot 17 stories of the week

Monday review

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.

Get ready: Microsoft Patch Tuesday looms large with 14 patches and 8 remote code execution holes


The biggie this month is a "spare no versions" Internet Explorer update.

From IE 6 on Windows XP to IE 10 on Windows 8, this one hits the Patch Trifecta: critical, remote code execution, requires reboot.

Facebook privacy, Google security bug, Law Enforcement victories - 60 Sec Security [VIDEO]


Why did Facebook get into double trouble this week over privacy?

Find out the answer to this and more in just 60 seconds of entertaining and informative video!

Nokia is dead. Long live Nokia!


Microsoft is buying a large swathe of Nokia, and licensing much of the rest.

Naked Security gets a touch nostalgic...

Android randomness, Sniffer dustbins, Unpatch Wednesday, ATM skimming - 60 Sec Security [VIDEO]


How does a bug in Android put your Bitcoins at risk? Why did the City of London bin its bins? What was Unpatch Wednesday? What to do with a 3D printer after you've made your own gun?

Find out in 60 seconds!

Microsoft pulls critical Patch Tuesday fix for Exchange 2013


Microsoft has had to recall an update released yesterday for Exchange Server 2013. Nothing catastrophic, but a difficult balancing act for admins considering the fixed vulnerabilities were publicly disclosed.

Patch Tuesday for August 2013 - 3 critical, 5 important

Patch Tuesday

Patch Tuesday for August 2013 includes three critical fixes and five important ones. The focus for this month is certainly the Internet Explorer cumulative patch which fixes 11 vulnerabilities and all versions, including 11 beta.

Heads up for Patch Tuesday: 24 hours, 8 bulletins, 3 critical, everything needs a reboot


It's that time of the month again, with Microsoft Patch Tuesday just 24 hours away.

Paul Ducklin presents this month's eight bulletins in seven handy bullet points...

Monday review - the hot 15 stories of the week

Monday review

Missed anything last week? Catch up with everything we talked about with this handy weekly roundup.

Microsoft to pay first bug bounty for Internet Explorer hole

Microsoft to pay first bug bounty for IE hole

So far, so good with the new program, says Microsoft security expert Katie Moussouris. They're getting more bugs earlier and hearing from researchers who've never rung them before.

July 2013 Patch Tuesday - Windows, IE, Flash, Shockwave and ColdFusion

Patch Tuesday

Microsoft fixed 34 vulnerabilities in products ranging from Windows, Internet Explorer and .NET to Lync, Visual Studio and Silverlight. Not to be left behind, Adobe launched fixes for Flash, Shockwave and Cold Fusion. Settle into your air-conditioned server rooms and start testing!

Far-reaching fixes for Patch Tuesday - Server Core 2012, IE 10, Lync 2013 all in firing line


Six out of Microsoft's seven pre-announced Patch Tuesday updates are deemed critical.

Even Server Core 2012 will need patching and rebooting...