Your source for patch management news, opinion, product comparisons and reviews.
Patch Management News
Google fixes Chrome vulnerabilities exploited at Pwn2Own contest
Google released emergency security updates for Chrome in order to patch critical vulnerabilities demonstrated Thursday by a security researcher at...
Adobe patches critical vulnerabilities in Flash Player, ColdFusion
Adobe Systems released security updates for Flash Player, AIR and ColdFusion to fix critical vulnerabilities that could allow attackers to take...
Microsoft Patch Tuesday advisories urge ditching old, weak crypto algorithms
Microsoft patched serious vulnerabilities Tuesday in Windows, Internet Explorer and Office, but also urged customers to stop using the aging RC4...
Microsoft books critical IE, Windows fixes for next week
Microsoft today said it will deliver eight security updates next week to patch critical vulnerabilities in Windows and Internet Explorer (IE), as...
Despite patches, Supermicro's IPMI firmware is far from secure, researchers say
The Intelligent Platform Management Interface (IPMI) implementation found in motherboards from server manufacturer Supermicro suffers from serious...
New bug bounty program rewards researchers for finding flaws in widely used software
A new bug bounty program sponsored by Microsoft and Facebook will reward security researchers for finding and reporting vulnerabilities in widely...
Windows Vista, Lync, older Office versions under attack via new vulnerability
Microsoft warned Tuesday that attackers are actively targetingA Windows Vista, as well asA Microsoft Office 2003 through 2010, with an attack that...
Open-source software projects need to improve vulnerability handling practices, researchers say
Many open-source software developers need to improve the way in which they handle vulnerability reports, according to researchers from security firm...
Mozilla releases 10 patches, five critical, for Firefox
Mozilla released 10 patches for three versions of its Firefox browser on Tuesday, five of which are considered critical and could be used to remotely...
Cisco fixes serious security flaws in networking, communications products
Cisco Systems released software security updates Wednesday to address denial-of-service and arbitrary command execution vulnerabilities in several...
Flash Player now sandboxed under Safari on Mac OS X
Adobe has worked with Apple to sandbox Flash Player under Safari in Mac OS X, restricting the ability of attackers to exploit any vulnerabilities...
Oracle plugs severe security holes that put systems at hijack risk
Oracle fixed on Tuesday 127 security issues in Java, its database and other products, patching some flaws that could let attackers take over systems.
D-Link to padlock router backdoor by Halloween
D-Link will address by the end of October a security issue in some of its routers that could allow attackers to change the device settings without...
Hackers exploit vBulletin vulnerability to inject rogue administrator accounts
Hackers are exploiting a vulnerability in the popular vBulletin Internet forum software in order to inject rogue administrator accounts into websites...
Cisco patches vulnerabilities in some security appliances, switches and routers
Cisco Systems has released security patches for authentication bypass, command execution and denial-of-service vulnerabilities affecting products...
Tenth Anniversary Patch Tuesday brings crucial Microsoft Explorer fix
As anticipated, the latest round of Microsoft's Patch Tuesday monthly release of security fixes addresses a widely known Internet Explorer (IE)...
Google adds search by image to Chrome browser
Google's latest Chrome browser update fixes 50 security problems and gives users the capability to use images as search queries.
Google finally squashes IM bug
Google is still tussling with a scary and disconcerting glitch that caused its IM apps to route messages to the incorrect recipients.
Google still working on squashing IM bug
Google is still tussling with a scary and disconcerting glitch that caused its IM apps to route messages to the incorrect recipients.
IE zero-day vulnerability exploited more widely than previously thought
A recently announced and yet-to-be-patched vulnerability that affects all versions of Microsoft Internet Explorer (IE) has been exploited in targeted...
The Connected Enterprise