Security News

It's Cybersecurity Awareness Month! In keeping with that theme, if youuse Microsoft Windows computers you should be aware the company shipped a bevy of software updates today to fix at least 87 security problems in Windows and programs that run on top of the operating system. Worst in terms of outright scariness is probably CVE-2020-16898, which is a nasty bug in Windows 10 and Windows Server 2019 that could be abused to install malware just by sending a malformed packet of data at a vulnerable system.

Microsoft has plugged 87 security holes, including critical ones in the Windows TCP/IP stack and Microsoft Outlook and Microsoft 365 Apps for Enterprise. CVE-2020-16898 - A Windows TCP/IP vulnerability that could be remotely exploited by sending a specially crafted ICMPv6 router advertisement to an affected Windows server or client and could allow code execution.

Today is Microsoft's October 2020 Patch Tuesday, and your Windows administrators will be pulling their hair out as they install new updates and try to fix bugs that pop up. With the October 2020 Patch Tuesday security updates release, Microsoft has released fixes for 87 vulnerabilities in Microsoft products and an advisory about today's Adobe Flash Player update.

Today is Microsoft's October 2020 Patch Tuesday, and your Windows administrators will be pulling their hair out as they install new updates and try to fix bugs that pop up. With the October 2020 Patch Tuesday security updates release, Microsoft has released fixes for 87 vulnerabilities in Microsoft products and an advisory about today's Adobe Flash Player update.

Review: Practical Vulnerability Management: A Strategic Approach to Managing Cyber RiskAndrew Magnusson started his information security career 20 years ago and he decided to offer the knowledge he accumulated through this book, to help the reader eliminate security weaknesses and threats within their system. AWS adds new S3 security and access control featuresAmazon Web Services has made available three new S3 security and access control features.

Microsoft has also issued updated guidance since the August Patch Tuesday release to clarify the steps needed to secure systems with this vulnerability. October 2020 Patch Tuesday forecast Microsoft continues to address record numbers of vulnerabilities each month.

Microsoft has updated its Security Update Guide, which is used by tens of millions of cybersecurity professionals the second Tuesday of every month, also known as Patch Tuesday. The update is "To help protect our customers regardless of what Microsoft products or services they use in their environment," according to a Microsoft Security Response Center blog post on Tuesday.

This month's patch Tuesday includes patches for 15 Microsoft products, including 23 critical CVEs. Microsoft has addressed 129 security issues as part of its September 2020 Patch Tuesday update.

Microsoft today released updates to remedy nearly 130 security vulnerabilities in its Windows operating system and supported software. Todd Schell at Ivanti reminds us that Patch Tuesday isn't just about Windows updates: Google has shipped a critical update for its Chrome browser that resolves at least five security flaws that are rated high severity.

Microsoft has released patches for 129 security bugs in its September Patch Tuesday update. Another critical RCE vulnerability that should be prioritized for patching is CVE-2020-1210, which exists in SharePoint due to a failure to check an application package's source markup.