This month really is an omnibus update: all platforms are affected, from XP to 8.1 and from Server 2003 to 2012, including stripped-down Server Core installs.
It looks as though the NDPROXY.SYS kernel bug in XP might be fixed, but, then again, it might not...
Microsoft has gone public to warn about a zero-day vulnerability in the Windows XP kernel.
Full details are still to be released, as it isn't patched yet, but here's what we know so far...
Potential remote code execution bugs in OpenSSH, probably the most widely-used remote access security system on the internet, are the stuff of nightmares for system administrators.
Paul Ducklin takes a look at the bug and the patch...
Apple's OS X 10.9, better known as Mavericks, is officially out.
The burning question for OS X fans everywhere, of course, is, "Should I or shouldn't I?"
Make sense of vulnerability jargon by listening to this 15 minute podcast...
With recent updates from Microsoft (three times), Adobe, Oracle, Apple and Firefox, the timing could scarcely be better.
Naked Security reader Haemish Edgerton just gave us a very polite but effective scolding for neglecting to mention the Adobe fixes that came out on Tuesday.
Point taken, so here's a table of what Adobe updated, and how to see what versions you should now be on.
One of Microsoft's 14 promised patches for September failed to materialise.
There's still plenty left over, though: IE gets a jumbo fix, as usual; SharePoint, FrontPage, Excel, Access, Outook and more get vital updates, too.
The biggie this month is a "spare no versions" Internet Explorer update.
From IE 6 on Windows XP to IE 10 on Windows 8, this one hits the Patch Trifecta: critical, remote code execution, requires reboot.
Oracle's latest Patch Tuesday has come and gone, with the database-and-more behmoth putting out patches for 89 vulnerabilities.
This is the last time that Java and the rest of Oracle's product set will get scheduled updates separately...
Six out of Microsoft's seven pre-announced Patch Tuesday updates are deemed critical.
Even Server Core 2012 will need patching and rebooting...
Apple has released its latest Security Update for OS X.
Update 2013-003 fixes a trifecta of buffer overflow vulnerabilities in QuickTime.
Paul Ducklin sees what we can learn from the bugs...
There's a Java update coming next Tuesday, 18 June 2013, and you might as well get ready for it now if you haven't already.
Oracle has fixed 40 holes, all but three of them remotely exploitable.
Apple has published updates for all supported versions of OS X and for Safari version 6.
A largish number of remote code execution vulnerabilities have been patched, so these aren't just cosmetic fixes.
Not to be outdone by Microsoft and Adobe's Patch Tuesday releases, Mozilla pushed out its latest browser and email client updates today.
There are no bated-breath patches for in-the-wild exploits, but 3 of the 8 security fixes are deemed "critical".
The security-beleaguered Java ecosystem usually gets updates just once every four months, in February, June and October.
But this year, Oracle has adapted that schedule a number of times, and this is one of them...
Microsoft has issued its usual advance notification for the coming week's Patch Tuesday.
If you use Windows you're probably affected, and you'll probably need to reboot all your PCs and most of your servers...
Mega, the cloud storage service brought to you by Kim Dotcom, has released the first feedback on its bug bounty program.
It's only a week in, so the major prizes haven't been scooped yet...and Mega's saying they'll be safe for "a few billion billion years" yet.
Firefox 17.0 is out.
The new version fixes an officially-listed 2365 bugs and covers six critical advisories. It also drops support for OS X Leopard and earlier.