Security News

Microsoft has pushed out fixes for 87 security vulnerabilities in October - 11 of them critical - and one of those is potentially wormable. "Coming in at 53 of the 87 vulnerabilities, patching the OS knocks out 60 percent of the vulnerabilities listed, along with over half of the critical RCE vulnerabilities resolved today."

It's Cybersecurity Awareness Month! In keeping with that theme, if youuse Microsoft Windows computers you should be aware the company shipped a bevy of software updates today to fix at least 87 security problems in Windows and programs that run on top of the operating system. Worst in terms of outright scariness is probably CVE-2020-16898, which is a nasty bug in Windows 10 and Windows Server 2019 that could be abused to install malware just by sending a malformed packet of data at a vulnerable system.

Microsoft has plugged 87 security holes, including critical ones in the Windows TCP/IP stack and Microsoft Outlook and Microsoft 365 Apps for Enterprise. CVE-2020-16898 - A Windows TCP/IP vulnerability that could be remotely exploited by sending a specially crafted ICMPv6 router advertisement to an affected Windows server or client and could allow code execution.

Windows and Mac users running Foxit's popular PhantomPDF reader should update their installations to the latest version after the US CISA cybersecurity agency warned of a handful of high-severity product vulnerabilities. Foxit has published updates for its software in both Windows and Apple Mac formats.

Today is Microsoft's October 2020 Patch Tuesday, and your Windows administrators will be pulling their hair out as they install new updates and try to fix bugs that pop up. With the October 2020 Patch Tuesday security updates release, Microsoft has released fixes for 87 vulnerabilities in Microsoft products and an advisory about today's Adobe Flash Player update.

Today is Microsoft's October 2020 Patch Tuesday, and your Windows administrators will be pulling their hair out as they install new updates and try to fix bugs that pop up. With the October 2020 Patch Tuesday security updates release, Microsoft has released fixes for 87 vulnerabilities in Microsoft products and an advisory about today's Adobe Flash Player update.

Review: Practical Vulnerability Management: A Strategic Approach to Managing Cyber RiskAndrew Magnusson started his information security career 20 years ago and he decided to offer the knowledge he accumulated through this book, to help the reader eliminate security weaknesses and threats within their system. AWS adds new S3 security and access control featuresAmazon Web Services has made available three new S3 security and access control features.

Microsoft has also issued updated guidance since the August Patch Tuesday release to clarify the steps needed to secure systems with this vulnerability. October 2020 Patch Tuesday forecast Microsoft continues to address record numbers of vulnerabilities each month.

Cisco Systems released a barrage of patches, Thursday, aimed at fixing bugs in the networking giant's ubiquitous IOS operating system. Twenty-nine of the Cisco bugs are rated high severity, with 13 rated medium in severity.

Administrators running Samba as their domain controllers should update their installations as the open-source software suffers from the same ZeroLogon hole as Microsoft's Windows Server. We're told Samba running as an Active Directory or classic NT4-style domain controller is at risk, and although file-server-only installations are not directly affected, "They may need configuration changes to continue to talk to domain controllers."