Patch

(get it in RSS or Atom)

Microsoft pulls PowerPoint-killing patch KB2920732

Safety pins. Image courtesy of Shutterstock.

The latest in a series of Microsoft patch failures rendered PowerPoint inoperable on devices running Windows RT.

Update Tuesday wrap-up, February 2015 - don't let JASBUG distract you

patch-tuesday-denim-250

Be careful!

The JASBUG vulnerability in Windows is grabbing the headlines, but there are other bugs this month that could hit you harder.

Paul Ducklin explains...

The GHOST in the machine - 60 Sec Security [VIDEO]

60ss-video-250

Here's our weekly one-minute security video.

Sending spam, cracking the Blackphone and the GHOST in the machine. Enjoy...

SSCC 183 - It's Data Privacy Day! Do something! [PODCAST]

chet-chat-logo-featured-250

From Apple's latest OS X and iOS updates to Data Privacy Day - listen, learn and enjoy!

Adobe gets second Flash zero-day patch ready 2 days early!

Good news from Adobe about CVE-2015-0311, the unpatched zero-day in Flash.

The patch is now ready via auto-update - 2 days early!

Big bag of fixes: Oracle's Critical Patches for Jan 2015 close 160 holes, 93 remotely exploitable

oracle-250

Big bag of fixes!

Oracle's Critical Patches for Jan 2015 fix 160 holes in 48 products, with 93 of those vulnerabilities remotely exploitable.

Google flushes 61% of Android users down the security toilet

Apparently, pre-KitKat Androids, which currently account for 61% of devices out there, will no longer get web browser security fixes.

You are welcome to send in vulnerabilities, but you'd better send a patch at the same time...

Microsoft swings punch at Google - accuses Project Zero of a "Gotcha!"

Two days! Two measly days!

Google is back in the firing line, this time directly from Microsoft, over its "Project Zero" full-disclosure process...

"Dear Facebook, I DEMAND that you ignore my demands" - 60 Sec Security [VIDEO]

Our weekly security news video, for your viewing pleasure.

Fun with a serious side, in just one minute...watch now!

Microsoft pulls Patch Tuesday fix - "Outlook can't connect to Exchange"

ehlo-250

Part of Patch Tuesday is now only partly available as Microsoft recalls its already-delayed Exchange 2010 update.

Paul Ducklin takes a look...

Patch Tuesday wrap-up, December 2014 - why "Important" can be Critical...

patch-tuesday-denim-250

Adobe and Microsoft put forth their respective Patch Tuesday updates this week, bringing you their last scheduled patches of 2014.

Paul Ducklin digs in...

SSCC 175 - "My, what an ENORMOUS malware infection you have!" [PODCAST]

Here's the latest episode of our weekly security podcast.

For your listening pleasure - the news you can use!

WordPress issues critical security fixes, closing remote anonymous compromise bug and more

wp-250

WordPress has just published a critical security release.

If you're still on WordPress 3, this is about as critical as it gets, because one of the fixes closes a "remote anonymous compromise" bug.

"That's not a hack..." - 60 Sec Security [VIDEO]

Here's our latest 60 Second Security video.

One week of news in one amusingly informative minute...

Microsoft "tops up" Patch Tuesday, issues delayed fix for zero-day hole in logon security

Microsoft has issued a "top up" security bulletin for a fix that didn't quite make it into the November 2014 Patch Tuesday.

The vulnerability can be used to turn any user into a domain administrator, and it's been exploited in the wild...

Apple ships OS X 10.10.1 - does it fix those Wi-Fi problems?

yos-wifi-250

Reader: "So Paul, has Yosemite 10.10.1 fixed the Wi-Fi problems?"

Duck: "The answer is..."

Find out, as they say, inside.

Millions of Drupal websites at risk from failure to patch

Millions of Drupal websites at risk from failure to patch

You should assume that your Drupal 7 website has been compromised if you didn't patch it within 7 hours of the release of Drupal 7.32 on 15 October 2014.

SSCC 171 - Are you SURE that "1234" is a bad password? [PODCAST]

Here's the latest Chet Chat podcast for your listening pleasure...

Enjoy.

Apple kills the POODLE – also fixes Shellshock in case you forgot

poosdle-osx-250

Apple just shipped OS X 10.10 Yosemite - including a fix for the POODLE vulnerability.

Mavericks and Mountain Lion also got updates to kill the POODLE.

As for Lion, now three releases off the pace...bad news.

SSCC 167 - Avoiding the shock of Shellshock (and more!) [PODCAST]

Here's the latest episode of our weekly Chet Chat podcast!

Shellshock leads the list, of course, but Snapchat, cybersecurity awareness and the iPhone 6 all get a look in too...