Patch
Mozilla pushes out new Firefox and Thunderbird: 8 security advisories, 3 critical fixes
Not to be outdone by Microsoft and Adobe's Patch Tuesday releases, Mozilla pushed out its latest browser and email client updates today.
There are no bated-breath patches for in-the-wild exploits, but 3 of the 8 security fixes are deemed "critical".
Oracle and Apple ship critical Java updates - get yours today!
The security-beleaguered Java ecosystem usually gets updates just once every four months, in February, June and October.
But this year, Oracle has adapted that schedule a number of times, and this is one of them...
Firefox 20 arrives - new version, some security improvements, no known vices
Firefox 20.0 was released today.
The buglist page enumerates 3054 official changes, with eleven patched vulnerabilities, three at "Critical" level.
Paul Ducklin takes a quick look...
Microsoft Patch Tuesday - seven bulletins, four critical, three RCEs, and even a fix for Macs
Microsoft's March 2013 Patch Tuesday is out.
There are seven bulletins this month, dealing with twenty documented vulnerabilities.
Paul Ducklin helps you choose where to start...
Firefox and Chrome patched ALREADY after Pwn2own - now the pressure is on for IE and Microsoft!
Mozilla and Google have already pushed out patches to stop the exploits that got past their browsers at this year's PWN2OWN competition!
That certainly throws down the gauntlet to Microsoft, whose Internet Explorer 10 browser was also successfully breached in the competition.
Oracle ships out-of-band Java fix, Apple follows suit
Oracle recently published an emergency update for Java, and Apple quickly followed suit for the version of Java it still officially supports.
Paul Ducklin tries to guess where Oracle's Java patch cycle will end up...
Apple bans outdated Adobe Flash plugins from Safari
Last week, Apple showed that it is getting more serious about security by getting strict about the version of Flash you're allowed to use in Safari.
Paul Ducklin explains the what and the why...
Adobe tells users to update Flash Player for the third time this month
Adobe tells computer users to protect themselves against "targeted attacks" that are being "exploited in the wild".
And that means patching Adobe Flash. Again.
That was quick! Adobe's emergency patch for Reader and Acrobat is here...
Adobe has released the emergency update for Reader and Acrobat that it promised late last week.
You may as well take advantage of Adobe's new-found velocity and get busy patching!
Apple patches the Java hole its own developers fell into - eventually
Shortly after admitting that its own techies got infected thanks to a Java hole, Apple has pushed out a Java update for the rest of us.
Apple, with this most recent update, seems to have washed its hands permanently of browser-based Java. Paul Ducklin explains...
Oracle on Java - we *will* have Patch Tuesday on 19 Feb 2013 after all
Oracle brought forward its February Patch Tuesday to provide an accelerated fix for some in-the-wild exploits.
But that meant leaving other less vital stuff out, so the pre-empted Patch Tuesday will happen after all, on 19 Feb 2013. Be there!
VMWare security hole - it sounds like you need the patch, even if it's not clear why
VMWare just announced a patch for a security hole in its virtual machine software.
It sounds as though guests might be able to tweak their hosts without authorisation, or vice versa, so you probably want to patch now and ask your questions later.
Monday review - the hot 27 stories of the week
Just in case you missed any of our stories last week, here's a little recap.
Adobe patches Flash - heads off in-the-wild attacks against Windows and Apple users
It's not Tuesday...
Nevertheless, Adobe's Flash Player has been upgraded to patch against two in-the-wild exploits against Windows and Apple users.
Another Java update! Oracle brings Patch Tuesday forward to close in-the-wild hole...
"Yet another Java update! Get it while it's hot."
This update was planned for 19 Feb 2013.
But Oracle brought it forward, citing the "active exploitation 'in the wild' of one of the vulnerabilities affecting...desktop browsers".
Memories of the Slammer worm - ten years later
Ten years ago to the day, we published an FAQ about a computer worm called Slammer.
It was aptly named. If you were in IT back in 2003, I'm sure you remember it well...
Microsoft to release an emergency security patch for Internet Explorer zero day flaw
Microsoft will be releasing an out-of-band patch for the recently-disclosed zero-day hole in Internet Explorer.
Find out if you need the patch, and start getting ready now. This one really is critical.
Oracle releases patch for latest Java hole - update now!
Oracle has been on the ball and has already come out with a patch for the latest Java security hole.
Java 7 Update 11 fixes both CVE-2013-0422 and a second vulnerability. Find out more...
Patch Tuesday - even Android and Windows RT get a look in
This month's Patch Tuesday includes bulletins from both Microsoft and Adobe, and covers a range of platforms and products.
There are updates in the mix for everything from Android to Windows RT, and from the Word Viewer to Exchange.
Firefox 17 arrives - 2365 bugs zapped, OS X Leopard left behind
Firefox 17.0 is out.
The new version fixes an officially-listed 2365 bugs and covers six critical advisories. It also drops support for OS X Leopard and earlier.
![Have your say - LulzSec: helpful, harmless or hideous? [VOTE NOW]](http://sophosnews.files.wordpress.com/2013/05/lulzsec-poll-thumb.jpg?w=75&h=75&crop=1)
![Password security infomerical leaves Ellen DeGeneres in disbelief.. and it will you too [VIDEO]](http://sophosnews.files.wordpress.com/2013/04/ellen-thumb.jpg?w=75&h=75&crop=1)
![Can multiple moving cursors really hide your password from spyware and peepers? [VIDEO]](http://sophosnews.files.wordpress.com/2013/03/cursors-thumb.jpg?w=75&h=75&crop=1)
![Hacked TV channels broadcast zombie apocalypse emergency alert [VIDEO]](http://sophosnews.files.wordpress.com/2013/02/zombie-thumb.jpg?w=75&h=75&crop=1)
