Windows patches released on Tuesday, June 14

Microsoft recently released the patches for June 2016. The details are available at  http://technet.microsoft.com/en-us/security/bulletin/ms16-jun Takeaways – No zero day vulnerabilities are currently known (code vulnerabilities that are CURRENTLY being exploited) for any of the products that are being patched in June 2016. Update – June 15 8:00 am As of June 14, a zero-day vulnerability […]

patches for Microsoft and Adobe products for May – released on May 10

The content below has been posted on the AgriLife Security Blog at –   http://ait-security.tamu.edu/2016/05/10/patches-for-microsoft-and-adobe-products-for-may/   Microsoft recently released the patches for May 2016. The details are available at  http://technet.microsoft.com/en-us/security/bulletin/ms16-may   AgriLife ISO Recommendation Takeaway – As the Flash vulnerabilities are currently being exploited, and at least one of the Remote Code Execution vulnerabilities for Internet […]

Oracle Security updates released on April 20

Oracle released its quarterly Critical Patch Update today. There are nine security updates released in the new version of Java. The new version is 1.8.91/92. Please see the following URL for details on other products updated http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

Patches for Microsoft and Adobe products for April

Microsoft recently released the patches for April 2016. The details are available at  http://technet.microsoft.com/en-us/security/bulletin/ms16-apr Takeaways – Vulnerabilities being patched in bulletins MS16-037 through MS16-045 could allow remote code execution if successfully exploited. AgriLife ISO Recommendation As the Flash vulnerabilities are currently being exploited, the elevation of privilege vulnerabilities identified in MS16-039 are being exploited (on […]

Locky ransomware impacting national and state hospitals

As some have heard, several hospitals have recently been impacted by malicious software that have locked out thousands of files with ransomware.  The State of Texas Department of Information Resources recently provided an update.  They indicated that both nationally and in Texas, the ransomware has been identified as locky. Hospitals are specifically vulnerable as they […]

Security updates released from Apple on 3/21

Approximately 56 vulnerabilities were patched in the security update released from Apple on 3/21. Please see the following URL for details. Security update for OS-X – versions 10.9.5, 10.10.5, 10.11.0-10.11.3 – March 21, 2016 https://support.apple.com/en-us/HT206167

Patches released by Microsoft and Adobe on March 8

Microsoft has just released the patches for March 2016. The details are available at  http://technet.microsoft.com/en-us/security/bulletin/ms16-mar Vulnerabilities being patched in bulletins MS16-023 through MS16-030 could allow remote code execution if successfully exploited. Remote code execution exploits are commonly used via drive by (web page) exploits or email attachments to compromise workstation operating systems.  In the case […]

Microsoft and Adobe Patches released for February – released on Feb 9

Microsoft has just released the patches for February 2016. The details are available at  http://technet.microsoft.com/en-us/security/bulletin/ms16-feb   There are a total of thirteen bulletins being released. Five of the bulletins being patched are identified as CRITICAL (by Microsoft – six according to https://isc.sans.edu/forums/diary/Microsoft+February+2016+Patch+Tuesday/20711/ ) and the remainder are classified as IMPORTANT. Microsoft February 2016 Patch Tuesday – SANS Internet Storm Center Vulnerabilities […]

Patches released by Microsoft for January 2016 – release date Jan 12

Microsoft has just released the patches for January 2016. The details are available at  http://technet.microsoft.com/en-us/security/bulletin/ms16-jan There are a total of nine bulletins being released. Six of the bulletins being patched are identified as CRITICAL and the remainder are classified as IMPORTANT. Vulnerabilities being patched in bulletins MS16-001 through MS16-007 could allow remote code execution if […]

Javascript malware recently detected – protection provided by Sophos on 1/5

The content below is from the ISC SANS daily diary.  In a nutshell it identifies a new class of malware that is routinely delivered by email as an attachment and basically encrypts all data on the hard drive once it gets a foothold.  The best advice I can offer is just don’t click on the […]