Patch

(get it in RSS or Atom)

D-Link router user? Keep your ears and eyes open for the next firmware fixes!

A critical bug that leaves various D-Link routers wide open has apparently been patched...

...except that the patches need patches.

Watch out!

If the "Deep Web" becomes searchable, is it still deep? 60 Sec Security [VIDEO]

Watch the latest episode of our only-takes-a-minute security roundup video!

This week: From old crypto bugs to the latest Windows security holes...

Update Tuesday, April 2015 - Urgent action needed over Microsoft HTTP bug

We don't usually focus on one vulnerability and say, "Do that first." But this month, we're willing to make an exception.

The Microsoft HTTP stack has a bug that could let attackers straight in with a simple HTTP request...

What a lot of patches! 60 Sec Security [VIDEO]

Watch the latest episode of our weekly fun-but-serious security news video.

It only takes a minute!

What's that screenshot doing on Facebook? 60 Sec Security [VIDEO]

\

Facebook, ransomware and updates to updates - all in 60 seconds!

Our weekly video for 21 March 2015...

Apple issues update to recent OS X update

Looks like Apple's OS X security update from early March 2015 is in need of an update.

Security Update 2015-002 has now been augmented by re-issued bug fixes in 2015-003.

Apple fixes FREAK in iOS, OS X and Apple TV - and numerous other holes besides

Apple's latest security fixes are out.

The FREAK bug is now fixed, but so are numerous other holes worth patching in their own right.

Microsoft pulls PowerPoint-killing patch KB2920732

Safety pins. Image courtesy of Shutterstock.

The latest in a series of Microsoft patch failures rendered PowerPoint inoperable on devices running Windows RT.

Update Tuesday wrap-up, February 2015 - don't let JASBUG distract you

Be careful!

The JASBUG vulnerability in Windows is grabbing the headlines, but there are other bugs this month that could hit you harder.

Paul Ducklin explains...

The GHOST in the machine - 60 Sec Security [VIDEO]

\

Here's our weekly one-minute security video.

Sending spam, cracking the Blackphone and the GHOST in the machine. Enjoy...

SSCC 183 - It's Data Privacy Day! Do something! [PODCAST]

From Apple's latest OS X and iOS updates to Data Privacy Day - listen, learn and enjoy!

Adobe gets second Flash zero-day patch ready 2 days early!

Good news from Adobe about CVE-2015-0311, the unpatched zero-day in Flash.

The patch is now ready via auto-update - 2 days early!

Big bag of fixes: Oracle's Critical Patches for Jan 2015 close 160 holes, 93 remotely exploitable

oracle-250

Big bag of fixes!

Oracle's Critical Patches for Jan 2015 fix 160 holes in 48 products, with 93 of those vulnerabilities remotely exploitable.

Google flushes 61% of Android users down the security toilet

Apparently, pre-KitKat Androids, which currently account for 61% of devices out there, will no longer get web browser security fixes.

You are welcome to send in vulnerabilities, but you'd better send a patch at the same time...

Microsoft swings punch at Google - accuses Project Zero of a "Gotcha!"

Two days! Two measly days!

Google is back in the firing line, this time directly from Microsoft, over its "Project Zero" full-disclosure process...

"Dear Facebook, I DEMAND that you ignore my demands" - 60 Sec Security [VIDEO]

Our weekly security news video, for your viewing pleasure.

Fun with a serious side, in just one minute...watch now!

Microsoft pulls Patch Tuesday fix - "Outlook can't connect to Exchange"

ehlo-250

Part of Patch Tuesday is now only partly available as Microsoft recalls its already-delayed Exchange 2010 update.

Paul Ducklin takes a look...

Patch Tuesday wrap-up, December 2014 - why "Important" can be Critical...

Adobe and Microsoft put forth their respective Patch Tuesday updates this week, bringing you their last scheduled patches of 2014.

Paul Ducklin digs in...

SSCC 175 - "My, what an ENORMOUS malware infection you have!" [PODCAST]

Here's the latest episode of our weekly security podcast.

For your listening pleasure - the news you can use!

WordPress issues critical security fixes, closing remote anonymous compromise bug and more

wp-250

WordPress has just published a critical security release.

If you're still on WordPress 3, this is about as critical as it gets, because one of the fixes closes a "remote anonymous compromise" bug.