Security News

A light December 2020 Patch Tuesday for a no-stress end of the year
2020-12-08 20:01

As expected, Microsoft fixed a smaller-than-usual number of CVEs on this December 2020 Patch Tuesday: 58 in total. Satnam Narang, staff research engineer at Tenable, pointed out that CVE-2020-17132 addresses a patch bypass for CVE-2020-16875, which was reported and patched in September's Patch Tuesday release.

Microsoft December 2020 Patch Tuesday fixes 58 vulnerabilities
2020-12-08 13:37

With the December 2020 Patch Tuesday security updates release, Microsoft has released fixes for 58 vulnerabilities and one advisory for Microsoft products. Of the 58 vulnerabilities fixed today, nine are classified as Critical, 48 as Important, and two as Moderate.

Week in review: Most effective security practices, worst password offenders, Patch Tuesday forecast
2020-12-06 09:00

Open source vulnerabilities go undetected for over four yearsFor its annual State of the Octoverse report, GitHub has analyzed over 45,000 active code directories to provide insight into open source security and developers' practices regarding vulnerability reporting, alerting and remediation. Which security practices lead to best security outcomes?A proactive technology refresh strategy and a well-integrated tech stack are, according to a recent Cisco report, two security practices that are more likely than many others to help organizations achieve goals such as keeping up with business, creating security culture, managing top risks, avoiding major incidents, and so on.

December 2020 Patch Tuesday forecast: Always consider the risk
2020-12-04 06:40

We need to keep in mind that periodic updates are being released for all the applications we use and many of those updates include critical security fixes for vulnerabilities that are being exploited. Very few of us are in a position to instantly update all the systems in our organizations, so we need to prioritize what needs to be updated first, and that should be driven by risk.

Patch Tuesday, November 2020 Edition
2020-11-11 01:56

Adobe and Microsoft each issued a bevy of updates today to plug critical security holes in their software. Microsoft also is taking flak for changing its security advisories and limiting the amount of information disclosed about each bug.

Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
2020-11-10 21:12

Microsoft's November Patch Tuesday roundup of security fixes tackled an unusually large crop of remote code execution bugs. Twelve of Microsoft's 17 critical patches were tied to RCE bugs.

November 2020 Patch Tuesday: Microsoft fixes actively exploited Windows Kernel flaw
2020-11-10 20:43

Microsoft has plugged 112 security holes, including an actively exploited one. The most information is available about CVE-2020-17087, a Windows Kernel privilege escalation vulnerability, because it's being actively exploited in the wild and because Google disclosed it on October 29, along with PoC exploit code.

Microsoft November 2020 Patch Tuesday fixes 112 vulnerabilities
2020-11-10 13:35

Today is Microsoft's November 2020 Patch Tuesday, and Windows administrators worldwide will be running around putting out fires all day, so be nice to them. With the November 2020 Patch Tuesday security updates release, Microsoft has released fixes for 112 vulnerabilities in Microsoft products.

Week in review: Windows zero-day exploited, Patch Tuesday forecast, selecting a compliance solution
2020-11-08 09:45

Git LFS vulnerability allows attackers to compromise targets' Windows systemsA critical vulnerability in Git Large File Storage, an open source Git extension for versioning large files, allows attackers to achieve remote code execution if the Windows-using victim is tricked into cloning the attacker's malicious repository using a vulnerable Git version control tool, security researcher Dawid Golunski has discovered. November 2020 Patch Tuesday forecast: Significant OS changes aheadNovember Patch Tuesday and the end-of-year holidays are rapidly approaching.

November 2020 Patch Tuesday forecast: Significant OS changes ahead
2020-11-06 07:07

The Patch Tuesday updates appear to be light, so things are looking much better as we enter the final stretch for 2020. Yes, you read that correctly - not the 2020 Fall Release or Windows 10 version 2009, but Windows 10 version 20H2. Name changes once again!