Adobe has just updated its Flash product for the second time this month, pushing out an emergency patch for an attack that has been seen in the wild.
Did you really think XP would go patch-free? Is Flappy Bird really dead? Did you really use the same password on more than one site?
60 Sec Security - 15 Feb 2014
Here's a quick run-down of what you'll face in the February 2014 Patch Tuesday update from Microsoft, which comes out tomorrow.
In January 2014, Patch Tuesday coincides for Oracle, Adobe and Microsoft.
Here's what you'll be up against in the opening fixture of the 2014 Patching Season...
This month really is an omnibus update: all platforms are affected, from XP to 8.1 and from Server 2003 to 2012, including stripped-down Server Core installs.
It looks as though the NDPROXY.SYS kernel bug in XP might be fixed, but, then again, it might not...
Microsoft has gone public to warn about a zero-day vulnerability in the Windows XP kernel.
Full details are still to be released, as it isn't patched yet, but here's what we know so far...
Potential remote code execution bugs in OpenSSH, probably the most widely-used remote access security system on the internet, are the stuff of nightmares for system administrators.
Paul Ducklin takes a look at the bug and the patch...
Apple's OS X 10.9, better known as Mavericks, is officially out.
The burning question for OS X fans everywhere, of course, is, "Should I or shouldn't I?"
Make sense of vulnerability jargon by listening to this 15 minute podcast...
With recent updates from Microsoft (three times), Adobe, Oracle, Apple and Firefox, the timing could scarcely be better.
Naked Security reader Haemish Edgerton just gave us a very polite but effective scolding for neglecting to mention the Adobe fixes that came out on Tuesday.
Point taken, so here's a table of what Adobe updated, and how to see what versions you should now be on.
One of Microsoft's 14 promised patches for September failed to materialise.
There's still plenty left over, though: IE gets a jumbo fix, as usual; SharePoint, FrontPage, Excel, Access, Outook and more get vital updates, too.
The biggie this month is a "spare no versions" Internet Explorer update.
From IE 6 on Windows XP to IE 10 on Windows 8, this one hits the Patch Trifecta: critical, remote code execution, requires reboot.
Oracle's latest Patch Tuesday has come and gone, with the database-and-more behmoth putting out patches for 89 vulnerabilities.
This is the last time that Java and the rest of Oracle's product set will get scheduled updates separately...
Six out of Microsoft's seven pre-announced Patch Tuesday updates are deemed critical.
Even Server Core 2012 will need patching and rebooting...
Apple has released its latest Security Update for OS X.
Update 2013-003 fixes a trifecta of buffer overflow vulnerabilities in QuickTime.
Paul Ducklin sees what we can learn from the bugs...
There's a Java update coming next Tuesday, 18 June 2013, and you might as well get ready for it now if you haven't already.
Oracle has fixed 40 holes, all but three of them remotely exploitable.
Apple has published updates for all supported versions of OS X and for Safari version 6.
A largish number of remote code execution vulnerabilities have been patched, so these aren't just cosmetic fixes.
Not to be outdone by Microsoft and Adobe's Patch Tuesday releases, Mozilla pushed out its latest browser and email client updates today.
There are no bated-breath patches for in-the-wild exploits, but 3 of the 8 security fixes are deemed "critical".