Articles about patches

danger

Attention, small biz using Symantec AV: Smash up your PCs, it's the safest thing to do

If you're using Symantec's Endpoint Protection Small Business Edition (SEP SBE) then you can forget about security for a week or so, as the company won't be patching the "as bad as it gets" security holes in its software for a while. A Register reader who wishes to remain anonymous received an email from Symantec confirming …
Iain Thomson, 6 Jul 2016
Bruce Campbell in Army of Darkness

Kill Flash now. Or patch these 36 vulnerabilities. Your choice

Adobe has released an update for Flash that addresses three dozen CVE-listed vulnerabilities. The update includes a fix for the CVE-2016-4171 remote code execution vulnerability that is right now being exploited in the wild to install malware on victims' computers. Adobe is recommending that users running Flash for Windows, …
Shaun Nichols, 16 Jun 2016
Road Closed sign

Cisco warns IPv6 ping-of-death vuln is everyone's problem

Cisco is warning network administrators about a flaw in the handling of IPv6 packets that it says extends beyond its own products. The networking behemoth has issued a security alert detailing a vulnerability in the processing of IPv6 Neighbor Discovery (ND) packets that could allow a remote and unauthenticated miscreant to …
Shaun Nichols, 2 Jun 2016
Cabling disaster 3

Windows 7, Server 2008 'Convenience' update is anything but – it breaks VMware networking

VMware is warning administrators to steer clear of an official update for Windows 7 and Server 2008 – after the patch was found to be incompatible with some virtual machines. The virtualization house says that VMs using VMXNet3 virtual NICs are having networking problems after installing the Windows 7 rollup update. VMs …
Shaun Nichols, 1 Jun 2016
virus_1_648

Kill Flash now? Chrome may be about to do just that

Google's Chrome web browser could be disabling all Flash content by default before the year's out. El Reg has learned that developers with the Chromium Project are working on a new feature known as 'HTML5 by Default'. The move could help to keep users safe by locking off a favorite target for web-based malware exploits. As …
Shaun Nichols, 13 May 2016

Adobe...sigh...issues critical patch...sigh...for Flash Player zero day

Adobe has pushed out a patch for 25 vulnerabilities in Flash Player, including one that is already being targeted in the wild. The latest fix for the internet's screen door includes a remedy for CVE-2016-4117, the remote code execution flaw that is already being exploited by criminals serving up malware-laden advertisements. …
Shaun Nichols, 12 May 2016

How to make Cisco UCS servers roll over and obey: Send a HTTP poke

Cisco has patched a vulnerability in its Unified Computing System (UCS) Central Software that could be exploited by miscreants to take remote control of machines. Switchzilla said that the CVE-2016-1352 flaw in the UCS web framework is considered a "high" security risk as an unauthenticated attacker can execute arbitrary …
Shaun Nichols, 13 Apr 2016

Dear Windows, OS X folks: Update Flash now. Or kill it. Killing it works

Adobe has published new versions of Flash to patch a vulnerability being exploited right now by hackers to hijack PCs and Macs. The APSB16-10 update addresses a total of 24 CVE-listed flaws, including one (CVE-2016-1019) that's been exploited in the wild to inject malware into Microsoft Windows and Apple OS X systems. Users …
Shaun Nichols, 8 Apr 2016
Asleep on the sofa image via Shutterstock

Symantec warns of serious security holes – in Symantec security kit

Symantec is advising users of its Endpoint Protection (SEP) software to update their systems, after three vulnerabilities were reported in the computer defense tools. Two of the bugs – a cross-site scripting (XSS) flaw, and a SQL injection vulnerability – are in the SEP Management Console, a web-based portal you can log into …
Shaun Nichols, 18 Mar 2016

Flash – aaah-aarrgh! Patch now as hackers exploit fresh holes

Adobe has urged users to patch their Windows, OS X and Linux editions of Flash Player to address 23 security vulnerabilities, including one that is actively being targeted in the wild. The March update includes a number of fixes for vulnerabilities that could, if exploited, allow an attacker to remotely execute code on a …
Shaun Nichols, 10 Mar 2016
Apple iPad Mini 2013

Afraid of getting your iThing pwned? Get yourself iOS 9.2.1

Apple has posted an update for iOS, including patches for 13 CVE-listed security flaws. The Cupertino giant said that the iOS 9.2.1 update bundles the security fixes with a patch for a bug in the Apple Mobile Device manager that had prevented some iOS devices from installing apps. Note that this update will not fix the weird …
Shaun Nichols, 19 Jan 2016
android_toys_648

Got a Nexus? Google has five critical Android security fixes for you

Google has fixed 12 security bugs in its Android source code – including five that would allow miscreants to achieve remote code execution or root access. The Mountain View giant said its January Android security update includes patches for five CVE-listed security vulnerabilities it rates as "critical" risks, two considered " …
Shaun Nichols, 4 Jan 2016

Still running IE10? Not for long, says Microsoft

Microsoft is advising Windows users to update their browsers ahead of a new policy that will see some versions of Internet Explorer no longer supported. The Redmond software giant said that beginning January 12, 2016, it will only support the newest version of its browser available in each operating system. "The newest …
Shaun Nichols, 11 Dec 2015
Apple logo. Pic: Blake Patterson

Think you're all done patching? Not if you have any Apple gear

Apple has joined the likes of Microsoft and Adobe in releasing patches for dozens of security holes in its products. The Cupertino design studio has posted updates for nearly all of its product lines, fixing security holes in iOS, OS X, watchOS, tvOS, Safari, and Xcode. For OS X users, the update is packaged as El Capitan 10. …
Shaun Nichols, 9 Dec 2015

Kill Flash Now: 78 bugs patched in latest update

Adobe has released another update to address dozens of flaws in its Flash Player browser plug-in. The December update fixes 78 CVE-classified security vulnerabilities in Flash Player for OS X, Windows, Linux, and Android. The patch includes 75 separate vulnerabilities that could be exploited by an attacker to remotely execute …
Shaun Nichols, 8 Dec 2015

Firefox 42 ... answer to the ultimate question of life, security bugs and fully private browsing?

Mozilla has released Firefox 42 and Firefox ESR 38 38.4, which include fixes for worrying security vulnerabilities in the web browser. The November 3 update squashes at least three bugs that can be potentially exploited to achieve remote code execution. Two Mozilla engineers, Tyson Smith and David Keeler, uncovered two flaws …
Shaun Nichols, 4 Nov 2015
cisco asa 5505

Patch Cisco ASA ASAP: DNS, DHCPv6, UDP packets will crash them

Cisco has issued a firmware update to address four security flaws in its Adaptive Security Appliance (ASA) that open up the gear to denial-of-service attacks. By exploiting these bugs, six models in the ASA family can be forced to repeatedly reset, rendering the hardware useless. Vulnerable products include the Cisco ASA …
Shaun Nichols, 23 Oct 2015
Mac malware

Got an Apple Mac, iThing? Update it right now – there's a shedload of security holes fixed

Apple has posted security updates and feature improvements for its desktop, mobile, and developer gear. The Cupertino giant today issued updates for iOS, OS X, and watchOS, plus iTunes on Windows, Safari on OS X, and Mac firmware. The OS X El Capitan update also "improves compatibility with Microsoft Office 2016," so if you' …
Shaun Nichols, 21 Oct 2015

Create a news alert about patches, or find more stories about patches.

Biting the hand that feeds IT © 1998–2017