Security News

Looking way ahead in the forecast, Microsoft Server 2012/2012 R2 will go into ESU support following the October 2023 Patch Tuesday on October 11. October 2022 Patch Tuesday forecast Expect the trend to address more CVEs in the older operating systems to continue.

Today is Microsoft's September 2022 Patch Tuesday, and with it comes fixes for an actively exploited Windows vulnerability and a total of 63 flaws. Five of the 63 vulnerabilities fixed in today's update are classified as 'Critical' as they allow remote code execution, one of the most severe types of vulnerabilities.

Apple strengthens security and privacy in iOS 16Apple announced additional security and privacy updates for its newest mobile operating system. Government guide for supply chain security: The good, the bad and the uglyJust as developers and security teams were getting ready to take a breather and fire up the BBQ for the holiday weekend, the U.S.'s most prestigious security agencies dropped a 60+ page recommended practice guide, Securing the Software Supply Chain for Developers.

August 2022 Patch Tuesday provided critical updates for all Microsoft operating systems as well as an unexpected update for Internet Explorer 11. All these products are in common use, so ensure you include these updates in your patch Tuesday process if you haven't deployed them already.

Of the 121 Microsoft bugs, 17 are considered critical. First, CVE-2022-34713, a remote code execution vulnerability in Microsoft Windows Support Diagnostic Tool that's under active attack.

Today is Microsoft's August 2022 Patch Tuesday, and with it comes fixes for the actively exploited 'DogWalk' zero-day vulnerability and a total of 121 flaws. [...]

Browser synchronization abuse: Bookmarks as a covert data exfiltration channelTwo universal and seemingly innocuous browser features - the ability to create bookmarks and browser synchronization - make users' lives easier, but may also allow hackers to establish a covert data exfiltration channel. 6 ways your cloud data security policies are slowing innovation - and how to avoid thatAs practically every organization shifts from managing their data in network-based data centers to storing it in the cloud, cloud data security policies are created to secure this data in a cloud environment.

Looking ahead to next week, we have a server end-of-life and still more updates that can impact printers. There have been several updates to KB5005408 throughout the year to help administrators identify and manage these non-compliant printers.

Despite worries that Patch Tuesday may not be as exciting now that Microsoft's Windows Autopatch is live - with a slew of caveats - the second Tuesday of this month arrived with 84 security fixes, including 4 critical bugs and one that's under active exploit. Microsoft deemed it an "Important" security issue, with low complexity and low privileges required to exploit.

Today is Microsoft's July 2022 Patch Tuesday, and with it comes fixes for one actively exploited zero-day vulnerability and a total of 84 flaws. This month's Patch Tuesday fixes an actively exploited zero-day elevation of privileges vulnerability.