One of the not-so-great side effects of the transition to virtually everything being done in the Web browser now is that advertisers, attackers and scammers constantly are trying to get their code to run in users’ browsers, any way they can. A lot of this is done through extensions and browser objects, some of which […]
Tag Archives: Microsoft
Two Patched Zero Days Targeting Windows Kernel
Security firms have peeled back the layers on two zero day vulnerabilities that are currently being used in limited, targeted attacks against the Windows Kernel.
Browser Vendors Move to Disable SSLv3 in Wake of POODLE Attack
With details of the new POODLE attack on SSLv3 now public, browser vendors are in the process of planning how they’re going to address the issue in their products in a way that doesn’t break the Internet for millions of users but still provides protection. The attack, which was disclosed by a trio of Google […]
Fixes for IE, Flash Player in October Patch Tuesday Release
Microsoft posted eight bulletins for Patch Tuesday, three of which are considered critical including a cumulative Internet Explorer update, while Adobe has fixes for Flash Player and ColdFusion.
Big updates coming from Microsoft, Oracle and Adobe this Tuesday
Pour yourself a cup of coffee; this could take a while.
One of the biggest “Patch Tuesday†fixes is happening October 14, when vital updates will be available from three companies at the same time.
We are all used to the monthly Patch Tuesdays from Microsoft and Adobe, but this month the quarterly updates from Oracle, the parent of problem child Java SE, coincide, making it a pretty big day for securing your system. Avast experts agree that one of the most important steps you can take to securing your data and devices is to make sure that you keep your software up-to-date.
Microsoft
Microsoft leads off the normal Patch Tuesday with the release of 9 security updates across products including a critical patch of Internet Explorer, all supported versions of Windows, and the .NET development framework.
Oracle
Oracle’s Critical Patch Update is a collection of patches for multiple security vulnerabilities. It contains 155 new security fixes across hundreds of Oracle products; 25 of them for Oracle Java SE. Oracle warns that “these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. “ That’s not good, if you were wondering.
“I would suggest removing Java if possible or at least turning it off in all your browsers,” advises Jiri Sejtko, director of AVAST Virus Lab operations. Here are removal instructions for the most popular browsers: How do I disable Java in my browser?
Adobe
It is hoped that Adobe’s Tuesday update will include a plug for the big Digital Editions e-book and PDF reader hole, but more likely it will be next week. In a statement to the American Library Association, Adobe reports they “expect an update to be available no later than the week of October 20†in terms of transmission of reader data.
Tuesday’s patch will probably include a fix for bugs in Adobe Flash Player.
avast! Software Updater shows you an overview of all your outdated software applications, so you can keep them up to date and eliminate any security vulnerabilities. All avast! security products inform you whenever any of your 3rd party applications are out-of-date and you can apply updates manually by clicking the ‘Fix now’ button next to each conflicting application. avast! Premier can be configured to perform these updates automatically.
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.
Microsoft Ready With Nine Bulletins, New Critical IE Patches
Microsoft published its Patch Tuesday advance notification, advising IT shops to be ready for nine bulletins, including three critical patches.
Wyden: Surveillance is a ‘Clear and Present Danger’ to the Digital Economy
The pervasive dragnet surveillance of Americans revealed by the Edward Snowden documents has caused serious damage to the trust that enterprises and citizens had in the United States government and unless that trust is repaired, it could have serious effects on the Internet economy, a panel of prominent technology executives said. In a town hall meeting […]
Shellshock-like Weakness May Affect Windows
A weakness in Windows, similar to Shellshock, may put Windows Server deployments at risk to remote code execution.
As Bug Bounties Become the Norm, Challenges Remain
SEATTLE–For many years, Microsoft and other large software vendors resisted the idea of providing bug bounties or other financial incentives for researchers to report vulnerabilities. That changed when the landscape began to shift and more researchers began reporting vulnerabilities through brokers or selling them on the open market. While bounties have now become commonplace, simply […]
Microsoft Starts Online Services Bug Bounty
Microsoft today launched the Microsoft Online Services Bug Bounty Program which will pay out a minimum of $500 for vulnerabilities found in its cloud services such as Office 365.