Summary of patches released by Microsoft on Tuesday, May 12

Microsoft has just released the patches for May. The details are available at https://technet.microsoft.com/library/security/ms15-may There are a total of thirteen bulletins, three of which are designated as CRITICAL and the remaining ten are designated as IMPORTANT. The bulletins are identified as MS15-043/MS15-055 CRITICAL patches for May The CRITICAL vulnerabilities apply to Internet Explorer, Windows, .NET […]

Microsoft patches for April – released on April 14

Microsoft has just released the patches (also known as bulletins) for April. The details are available at – http://technet.microsoft.com/en-us/security/bulletin/ms15-apr They are identified as MS15-032/MS15-042. There are a total of eleven patches, four of which are classified as CRITICAL and seven are classified as IMPORTANT. The CRITICAL patches apply to the following Microsoft products: Internet Explorer; […]

Microsoft patches for March – released on Tuesday, March 10.

Microsoft has just released the patches for March 2015. The details are available at https://technet.microsoft.com/library/security/ms15-mar . There are a total of fourteen patches released for March and are identified as MS15-018 through MS15-031; five of which are identified as CRITICAL. The critical patches apply to the majority of Microsoft products including: Windows, Internet Explorer, Microsoft […]

Microsoft patches for February 2015 – released on Feb 10

Microsoft has just announced the patches that are being released for February 2015. The information is available at https://technet.microsoft.com/library/security/ms15-feb There are a total of nine patches being released. Three of which are designated as CRITICAL and the remaining are designated as IMPORTANT.   The patches classified as CRITICAL could allow remote code execution if successfully exploited […]

Flash identified with another zero day vulnerability

Another flash patch is expected to be released this week. The updated flash version is 16.0.0.305 All that is currently known is available at https://helpx.adobe.com/security/products/flash-player/apsa15-02.html Security Advisory for Adobe Flash Player Release date: February 2, 2015 Vulnerability identifier: APSA15-02 CVE number: CVE-2015-0313 Platform: All Platforms Summary A critical vulnerability (CVE-2015-0313) exists in Adobe Flash Player 16.0.0.296 and earlier versions […]

Security update for OS-X version 10.8.5 through 10.10.1

On January 27, Apple released a security update for OS-X versions 10.8.5, 10.9.5 and 10.10.1. The new version is 10.10.2. See the URL below for additional details  http://support.apple.com/en-us/HT204244

Adobe patch released for Zero day flash vulnerability.

As of January 22, Adobe has released a patch for a zero day exploit for Flash. Details are available at http://helpx.adobe.com/security/products/flash-player/apsb15-02.html The flash version that should address the vulnerability is 16.0.0.287. Details for the flash update for Internet Explorer are available at https://technet.microsoft.com/en-us/library/security/2755801.aspx   Extract from Microsoft Announcement. On January 22, 2015, Microsoft released an […]

Oracle Critical Patch Update (including new Java) to be released on Jan 20.

Oracle is scheduled to release their quarterly patch updates (which includes a new version of Java) on Tuesday, January 20. Please see the following URL for details. http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html The current version of Java is 1.8.25. According to content on http://www.oracle.com/technetwork/java/javase/downloads/index-jsp-138363.html, when the new version is released, all systems running version 7 will automatically be updated […]

Microsoft and Adobe patches for January – released on Jan 13

Microsoft has released the security bulletins for January. The details are available at http://blogs.technet.com/b/msrc/archive/2015/01/13/january-2015-updates.aspx There are a total of eight security bulletins released for January. Only one patch is designated as CRITICAL. The remaining seven patches are designated as IMPORTANT. The one critical patch applies to telnet. By default, telnet is installed but not enabled […]

Changes to Microsoft Advance notification process

On Jan 8, Microsoft changed their Advance Notification Process associated with bulletins/patches.  If you desire email notification, you will now have to add the selected products via the http://mybulletins.technet.microsoft.com interface (after you have signed in).  Alternatively, they seem to indicate the web content will still be available at https://technet.microsoft.com/security/bulletin/ or at https://technet.microsoft.com/en-us/library/security/dn631937.aspx but neither of […]