A Bit of May Madness from Microsoft for May 2012 Patch Tuesday
May 8th, 2012
The disruptive restarts and the wide range of platforms impacted by May’s bulletins will have IT teams scrambling to accomplish their flaw remediation tasks this month. Combine those with the workload from Oracle and others and many security pros may unfortunately not get a break this Memorial Day. We have 7 bulletins this month; 3 [...]
Is Apple the New Adobe?
April 13th, 2012
A security weakness in Apple Quicktime Java Extensions was reported to Apple today (along with proof of concept code) by Adam Gowdiak, a researcher with Security Explorations in Poland. The issue impacts Quicktime 7.7.1 running on Windows XP SP3, Windows 7 HP 64-bit, Windows 7 Pro 32-bit, along with web browsers: Mozilla Firefox 11.0, Internet Explorer [...]
How the Grinch Stole Christmas – with an Adobe Zero Day
December 6th, 2011
Yet another dangerous Adobe Zero Day in the wild: Adobe has posted a Security Advisory for a Day Zero vulnerability that is currently actively targeting Adobe Reader 9.4.6 on the Windows platform. According to the advisory, the vulnerability (CVE-2011-2462) will be addressed first on the current target platform the week of December 12 and, because the [...]
July 2011 Patch Tuesday Security Briefing
July 12th, 2011
Paul Henry, Security and Forensics Analyst for Lumension, discusses the impact of the July 2011 Patch Tuesday releases.
July Patches Brings Protections From BlueTooth Bandits and Social Savvy Spear Phishers
July 12th, 2011
While this Patch Tuesday may appear insignificant with just 4 patches (a quarter of what we saw last month), the reality is that it will be rather disruptive. All patches impact Windows and Office and require a restart. Priorities for July? The MS11-053 patch is critical and warrants immediate attention if your environment is Bluetooth [...]
ASP Bite Danger
September 22nd, 2010
This is outside my normal beat on data protection, but since we know that most cyber exploits these days are about getting to your data, I figure it’s OK to stray a bit. Two bits of news which popped up over the weekend which I found interesting: the Microsoft ASP.Net vulnerability and the out-of-band Adobe [...]
August 2010 Patch Tuesday Security Briefing
August 10th, 2010
As expected, we have a large release from Microsoft covering 15 bulletins, 9 of which are critical. This will be a disruptive Patch Tuesday given the broad range of products impacted and the required restarts. Initial priorities should always be the 9 critical vulnerabilities followed by the remaining balance of important and moderate patches. For [...]
Largest Patch Tuesday on Record
August 10th, 2010
As expected, we have a large release from Microsoft covering 15 bulletins, 9 of which are critical. This will be a disruptive Patch Tuesday given the broad range of products impacted and the required restarts. Initial priorities should always be the 9 critical vulnerabilities followed by the remaining balance of important and moderate patches. August [...]
Adjust Your Defenses to the Changing Threat Vector
July 30th, 2010
While our budget-constrained defenses remain relatively static, the threat vector continues to change. Historically in network security, attackers seem to regularly stay one step ahead of defenders. I have watched the arms race unfold for more than two decades as attackers worked their way up the OSI stack from network layer attacks like the infamous [...]
Think the Solution to Your Security Woes is to Abandon Microsoft?
June 15th, 2010
Reflecting on recent headlines that Google was going to drop Windows usage for desktops and move to Linux or OS X (Apple) reminded me of advice I received very early on in my security career – no operating system is the holy grail and you are always better off working with one you are more [...]





