Cisco plugs critical hole in WebEx, users urged to upgrade ASAP
Cisco has fixed a critical vulnerability in its WebEx videoconferencing software that could be exploited to compromise meeting attendees’ systems by simply opening a …
security update
Moxa plugs serious vulnerabilities in industrial secure router
A slew of serious vulnerabilities in the Moxa EDR-810 series of industrial secure routers could be exploited to inject OS commands, intercept weakly encrypted or extract clear …
Your Android phone says it’s fully patched, but is it really?
How do fully-maintained (i.e., patched) Android phones end up getting exploited? Searching for an answer to that question spurred security researchers to analyze thousands of …
AMD users running Windows 10 get their Spectre fix
AMD has released new microcode updates for mitigating variant 2 of the Spectre attack and Microsoft has released an OS update with the mitigation to AMD users running Windows …
What patches to prioritize following the April 2018 Patch Tuesday?
Patch Tuesday came and went and, as usual, Microsoft and Adobe have released patches/security updates for vulnerabilities affecting a wide variety of their products. …
April Patch Tuesday forecast: Expect updates for Adobe Flash, others
Springtime is here! Although up here in Minnesota you wouldn’t believe it as we received snowfalls that rivaled anything in the past 34 years! As spring arrives you think of …
Easily exploited flaw in Microsoft Malware Protection Engine allows total system compromise
A critical and extremely easily exploitable vulnerability in the Microsoft Malware Protection Engine (MMPE) has been patched through an out-of-band security update pushed out …
Intel will not provide Spectre/Meltdown microcode updates for some processor families
Intel has decided not to provide microcode updates to plug Spectre and Meltdown vulnerabilities in a number of older processors. According to the last update (April 2, 2018) …
Critical vulnerability opens Cisco switches to remote attack
A critical vulnerability affecting many of Cisco’s networking devices could be exploited by unauthenticated, remote attackers to take over vulnerable devices or trigger …
How to close the security update gap
Security patching is hard and patch fatigue is real. So what can be done to make the process more simple, less disruptive, and more likely to be performed in a timely manner? …
