Windows

(get it in RSS or Atom)

The "JASBUG" Windows vulnerability - beyond the hype, what you need to know

jasbug-500

Struggling to understand the JASBUG flaw fixed by Microsoft in this month's Update Tuesday?

Paul Ducklin explains it clearly, with minimal jargon.

Update Tuesday wrap-up, February 2015 - don't let JASBUG distract you

Be careful!

The JASBUG vulnerability in Windows is grabbing the headlines, but there are other bugs this month that could hit you harder.

Paul Ducklin explains...

Internet Explorer has a Cross Site Scripting zero-day bug

ie11-250

Another day, another zero-day.

This time, it's Internet Explorer that is attracting the sort of publicity a browser doesn't want, with the public disclosure of an XSS bug.

SSCC 181 - The Security Duel: "Bug reports at 15 paces" [PODCAST]

Microsoft vs. Google - Google vs. Users - Hackers vs. US Army - the fight is on in the latest episode of our weekly security podcast!

Enjoy...

Update Tuesday wrap-up, January 2015 - See? We didn't use the word "Patch"!

Like fingers and thumbs, not all updates are patches, even if all patches are updates.

So, here's the skinny on Update Tuesday...including the security patches, of course.

Windows 7: Everything new is old again

Setting up parental controls on Windows 7

Hard to believe, but Microsoft Windows 7 is already halfway through its useful life. If we don't want to repeat the sins of Windows XP, it is time to plan our next move.

"Dear Facebook, I DEMAND that you ignore my demands" - 60 Sec Security [VIDEO]

Our weekly security news video, for your viewing pleasure.

Fun with a serious side, in just one minute...watch now!

Microsoft discontinues Advance Notification Service, but why?

Microsoft. Image from Shutterstock

Microsoft kicked off 2015 by discontinuing its Advance Notification Service which alerted IT professionals to fixes that would ship the following week, allowing time to prepare staff and systems.

SSCC 180 - Surely zero-days come from cybercrooks, not from Silicon Valley? [PODCAST]

Enjoy the first 2015 episode of our popular weekly security podcast.

In this episode: zero-day politics, leaky security features, Bitcoin news, and a shout out to our New Year #sophospuzzle winners!

Zero-day in Windows 8.1 disclosed by Google

ProjectZeroFullDisclosure

A new zero day vulnerability has been disclosed in Microsoft Windows 8.1. Who is behind releasing the attack code behind this flaw? Google.

From Facebook, through iPhones and Androids, to Macs - make the safest start to 2015!

Are you looking to turn over a new security leaf yourself in 2015, or trying to convince your friends and family to do so?

Here are some great places to start...

"Like fish and chips without the fish. Or the chips"... 60 Sec Security [VIDEO]

Here's the latest episode of our 60 Second Security video.

Enjoy the week's news in just one minute...

Microsoft pulls Patch Tuesday fix - "Outlook can't connect to Exchange"

ehlo-250

Part of Patch Tuesday is now only partly available as Microsoft recalls its already-delayed Exchange 2010 update.

Paul Ducklin takes a look...

12 Days competition: Day 2 - Microsoft waved goodbye to this fondly remembered ex-P

12d-d2-250

In April 2014 Microsoft said adieu to its stalwart OS but despite seven years of warnings some weren't ready to let it go.

Can you work out the answer to our question in Day 2 of our 12 Days of Christmas competition?

"That's not a hack..." - 60 Sec Security [VIDEO]

Here's our latest 60 Second Security video.

One week of news in one amusingly informative minute...

Microsoft "tops up" Patch Tuesday, issues delayed fix for zero-day hole in logon security

Microsoft has issued a "top up" security bulletin for a fix that didn't quite make it into the November 2014 Patch Tuesday.

The vulnerability can be used to turn any user into a domain administrator, and it's been exploited in the wild...

The worst password in the penitentiary - 60 Sec Security [VIDEO]

Here's this week's 60 Second Security video.

The latest news made educational and amusing...and it only takes a minute.

SSCC 173 - Lest we forget [PODCAST]

Here's the latest episode of our weekly "Chet Chat" security podast.

Chet and Duck take on the week's news in their inimitable way...enjoy!

Patch Tuesday wrap-up, November 2014: Microsoft joins the "security hole in HTTPS" club

Here's what you need to know about the November 2014 Patch Tuesday updates from Microsoft and Adobe...

SSCC 171 - Are you SURE that "1234" is a bad password? [PODCAST]

Here's the latest Chet Chat podcast for your listening pleasure...

Enjoy.