Most people get flowers, chocolates, and cards for Valentine's Day, but next Tuesday Microsoft IT professionals can expect a big box of patches. According to their advanced notification post for February, Microsoft will release nine security bulletins next Tuesday, February 14th. The bulletins deliver updates that fix 21 vulnerabilities, spread across Windows, Internet … [Read more...]
Archives for February 2012
UPDATE: 2012's First OS X Update Corrects 52 Security Vulnerabilities
Last week, Apple released an OS X update that fixed 52 security vulnerabilities. However, customers have reported that the Snow Leopard (10.6.x) version of the update causes problems with Rosetta -- a component that allows Intel Macs to run PowerPC programs. In response, Apple has revised their original advisory, and released a new version of the Snow Leopard update. If you … [Read more...]
WatchGuard Security Week in Review: Episode 3
Mass WordPress Site Hacks, OS X Update, and Major Verisign Breach This week's WatchGuard Security Week in Review comes to you from on the road in Texas. I'm travelling this week to speak at various WatchGuard security events, but was still able to record an episode using my iPhone. You've got to love technology! That said, due to my travel schedule on Friday, I had to produce … [Read more...]
2012's First OS X Update Corrects 52 Security Vulnerabilities
Summary: These vulnerabilities affect: All current versions of OS X 10.6.x (Snow Leopard) and OS X 10.7.x (Lion) How an attacker exploits them: Multiple vectors of attack, including enticing your users to visit a malicious web site, or into downloading and viewing various document or media files Impact: Various results; in the worst case, an attacker executes code on your … [Read more...]
Change Your Password Day: I Like It
A tech blog I occasionally read, Gizmodo, has named today (February 1st) Change Your Password Day. Though one might argue Gizmodo is not authoritative enough to get to pick official "Days" for us, I like the idea enough to support it. As Gizmodo points out, there have been a number of breaches lately where attackers have gotten password databases from some pretty big … [Read more...]