Today, Microsoft released a critical security advisory warning customers of a serious new zero day vulnerability that affects Windows, Office, and Lync. In a nutshell, the vulnerability has to do with how certain versions of Windows, Office, and Lync handle specially crafted TIFF images. If an attacker can trick you into viewing a malicious image, including ones embedded in … [Read more...]
Install IE FixIT to Avoid Zero Day Attack
Summary: This vulnerability affects: Probably all current versions of Internet Explorer (IE), but the targeted exploit only affects IE 8 and 9 How an attacker exploits it: By enticing one of your users to visit a web page containing malicious content Impact: In the worst case, an attacker can execute code on your user’s computer, potentially gaining complete control of … [Read more...]
WatchGuard Security Week in Review: Episode 36 – White House Hack
Pwned DSL Routers, White House Hack, and Phone Scams Cyber security is on the industry's mind. As a result, every week seems packed with information and network security news. If you don't have time to keep up because you are too busy putting out normal IT fires, this weekly podcast is for you. WatchGuard Security Week in Review is dedicated to quickly summarizing the biggest … [Read more...]
WatchGuard Security Week in Review: Episode 35 – Adobe Certs
New Java 0day, Cisco DoS, and Stolen Adobe Certs There's no shortage of information and network security news lately. If you find yourself struggling to keep up with it, due to all your other daily tasks, let my weekly summary videos fill you in. WatchGuard Security Week in Review quickly highlights the most important stories of the week, and lets you know what to do about the … [Read more...]
Final IE 0day Update: Microsoft Out-of-Cycle Patch Available
If you've read my two posts [ 1 / 2 ], and watched this week's video, you already know all about the zero day vulnerability plaguing Internet Explorer (IE) this week. In my last update, I mentioned Microsoft promised to release a full, out-of-cycle patch for this serious vulnerability today. True to their word, they did just that. Since you know all about this flaw already, I … [Read more...]