update

(get it in RSS or Atom)

SSCC 203 - What's the worst sort of service to have a password breach? [PODCAST]

Join Sophos security experts John Shier and Paul Ducklin as they dig into the latest security news in our regular "Chet Chat" podcast.

This week: LastPass, Facebook, Windows 10 (and not-quite-the-end of XP), Samsung, and the Android ecosystem.

Windows 10 patches - will you get them no matter what?

What does the wording about updates being "available automatically" in the Windows 10 Specifications really mean?

Apple fixes loads of security holes in OS X, iOS, Apple TV, Safari

OS X gets a brand new photo application called, er, Photos, but the security fixes are the real reason you want these updates.

Apple issues update to recent OS X update

Looks like Apple's OS X security update from early March 2015 is in need of an update.

Security Update 2015-002 has now been augmented by re-issued bug fixes in 2015-003.

Reboot loop! Microsoft update to fix an old update ends up breaking a new update...

O! What a tangled web we weave!

Microsoft reissued a broken update from back in October 2014...and promptly broke a new update from March 2015.

Apple fixes FREAK in iOS, OS X and Apple TV - and numerous other holes besides

Apple's latest security fixes are out.

The FREAK bug is now fixed, but so are numerous other holes worth patching in their own right.

Microsoft pulls PowerPoint-killing patch KB2920732

Safety pins. Image courtesy of Shutterstock.

The latest in a series of Microsoft patch failures rendered PowerPoint inoperable on devices running Windows RT.

SSCC 183 - It's Data Privacy Day! Do something! [PODCAST]

From Apple's latest OS X and iOS updates to Data Privacy Day - listen, learn and enjoy!

Android Lollipop 5.0.2 is out, but some Nexus users are still stuck on KitKat

Android Lollipop 5.0.2 is out - but don't get too excited.

So far, firmware images are available for just one model in Google's Nexus family.

Microsoft pulls Patch Tuesday fix - "Outlook can't connect to Exchange"

ehlo-250

Part of Patch Tuesday is now only partly available as Microsoft recalls its already-delayed Exchange 2010 update.

Paul Ducklin takes a look...

Android Lollipop 5.0.1 is out - for the select few with Lollipop, at least

Google just released Android Lollipop 5.0.1 - but some of its own devices haven't even got 5.0 yet.

No wonder third-party Android vendors so often lag behind...

Adobe publishes out-of-band Flash update - provides "booster dose" for October's patches

Adobe has published a Flash update, dubbed APSB14-26.

The new patch offers additional protection against a vulnerability that was originally addressed in October 2014.

WordPress issues critical security fixes, closing remote anonymous compromise bug and more

wp-250

WordPress has just published a critical security release.

If you're still on WordPress 3, this is about as critical as it gets, because one of the fixes closes a "remote anonymous compromise" bug.

Microsoft "tops up" Patch Tuesday, issues delayed fix for zero-day hole in logon security

Microsoft has issued a "top up" security bulletin for a fix that didn't quite make it into the November 2014 Patch Tuesday.

The vulnerability can be used to turn any user into a domain administrator, and it's been exploited in the wild...

Apple ships OS X 10.10.1 - does it fix those Wi-Fi problems?

yos-wifi-250

Reader: "So Paul, has Yosemite 10.10.1 fixed the Wi-Fi problems?"

Duck: "The answer is..."

Find out, as they say, inside.

POODLEs, Sandworms and getting safe online - 60 Sec Security [VIDEO]

The week's security news, turned into an entertaining lesson, turned into a 1-minute video.

Enjoy...

Apple kills the POODLE – also fixes Shellshock in case you forgot

poosdle-osx-250

Apple just shipped OS X 10.10 Yosemite - including a fix for the POODLE vulnerability.

Mavericks and Mountain Lion also got updates to kill the POODLE.

As for Lion, now three releases off the pace...bad news.

Apple patches OS X against Shellshock

apple-bash-250

If you're a Mac user, you may have felt wrongfully left out of all the Shellshock kerfuffle over the past few days.

Not any more!

Are you tired of weak or fake zero-day exploits? 60 Sec Security [VIDEO]

Watch our latest 60 Second Security video!

An entertaining but insightful look at the week's security woes - in just one minute...

Apple pulls iOS 8.0.1 update, tells users to roll back to iOS 8

Apple pulls iOS 8.0.1 update, tells users to roll back to iOS 8

Apple's telling users to ditch the update after it knocked out cellular service and disabled Touch ID for iPhones, on top of a list of other glitches - stalling, crashing and more.