Articles about security update

GET PATCHED: Adobe plugs Hacking Team Flash holes and more

Adobe has released patches for its Flash software to fix a pair of critical security vulnerabilities exposed by the Hacking Team megabreach. The bugs can be exploited to hijack PCs and infect them with malware – and crooks are already doing just that, so apply the updates now. The security bulletin for Adobe Flash Player ( …
John Leyden, 14 Jul 2015
Adobe Flash installer

Drink me: Adobe pours Flash Player bug squash

Adobe is pushing out a cross-platform security fix for a bug in its Flash Player that miscreants are already exploiting. Windows users running Adobe Flash Player 13.0.0.182 and earlier need to update it following the discovery of a zero-day attack. "Adobe is aware of reports that an exploit for CVE-2014-0515 exists in the …
John Leyden, 28 Apr 2014

Apple splats 'new' SSL snooping bug in iOS, OS X - but it's no Heartbleed

Apple has squashed a significant security bug in its SSL engine for iOS and OS X as part of a slew of patches for iThings and Macs. The so-called "triple handshake" flaw quietly emerged yesterday amid panic over OpenSSL's Heartbleed vulnerability, and soon after the embarrassing "goto fail" blunder in iOS and OS X. Apple's " …
John Leyden, 23 Apr 2014
More flaws found in Java

Oracle drops shedload of CRITICAL vuln-busting Java patches

Oracle's autumn batch of quarterly updates included no fewer than 127 security fixes, including 51 for Java alone. The arrival of the Critical Patch Update (CPU) from Oracle means pretty much all of the enterprise server packages from the software giant need patching. Oracle Database Server, Oracle E-Business Suite, Oracle …
John Leyden, 16 Oct 2013

Is that a failed Outlook security update in your pocket or are you pleased to phish me?

Web criminals have fired off Patch Tuesday-themed phishing emails to trick confused users into handing over their login details. Their messages attempt to convince users into visiting a website masquerading as a Microsoft Exchange system, which tries to coax visitors into handing over their email accounts' address and password …
John Leyden, 15 Oct 2013
exchange_coffee

Microsoft pulls faulty Exchange 2013 patch HOURS after release

Microsoft has pulled a security update for Exchange 2013 after problems emerged with the latest patch to the email server software just hours after its release. The critical MS13-061 security update for Exchange Server 2013 broke the message index service, preventing Exchange 2013 email users from searching their mailboxes. …
John Leyden, 15 Aug 2013
The Register breaking news

Enjoy the weekend, sysadmins: Next Tues fixes 33 Microsoft bugs

Microsoft has promised to fix a high-profile vulnerability in Internet Explorer 8, among other holes, in this month's Patch Tuesday rollout of security updates. In all, next week's bucket of upgrades will address 33 bugs in a range of Redmond software. The flaws have been grouped into 10 sets of holes: two marked critical and …
John Leyden, 10 May 2013
The Register breaking news

Oracle slaps critical patch on insecure Java

Oracle has issued a critical update patch for Java as the database giant works to shore up confidence in the widely used code. The security update fixes 42 security flaws, 19 of which merit a 10 (most severe) rating acording to the CVVS metric the company uses to evaluate the software. Along with this, Oracle has also sought …
Jack Clark, 17 Apr 2013

Windows 7 'security' patch knocks out PCs, knackers antivirus tools

Windows 7 users should uninstall a security patch Microsoft issued on Tuesday because some PCs failed to restart after applying the update. The software giant advised users of Win 7 and Windows Server 2008 R2* to roll-back a patch within MS13-036, a security update that closed two vulnerabilities in the Windows file system …
John Leyden, 12 Apr 2013
The Register breaking news

Microsoft preps UPDATE EVERYTHING patch batch

Microsoft plans to deliver seven bulletins next week, four critical, and three important, as part of the March edition of its regular Patch Tuesday update cycle. The most troublesome of the critical vulnerabilities carries a remote code execution risk and affects every version of Windows - from XP SP3 up to Windows 8 and …
John Leyden, 8 Mar 2013
The Register breaking news

Adobe punts fix for Reader, Acrobat holes battered by PC, Mac hackers

Adobe has pushed out an emergency security update for its PDF viewing software Reader and Acrobat to plug zero-day vulnerabilities that emerged last week. The cross-platform update, issued yesterday, addresses flaws that were being actively exploited by miscreants to compromise and take over Microsoft Windows and Apple Mac OS …
John Leyden, 21 Feb 2013
The Register breaking news

Oracle blocks security hole with quick, hot 'n' premature Java update

Oracle has brought forward the timetable of an upcoming Java security update by two weeks in order to block off an in-the-wild security hole. The update, originally scheduled for 19 February, was released a fortnight early on Friday because of "active exploitation 'in the wild' of one of the vulnerabilities affecting the Java …
John Leyden, 4 Feb 2013
The Register breaking news

'Silent but deadly' Java security update breaks legacy apps - dev

An application developer reports that the latest Java 7 update "silently" deletes Java 6, breaking applications in the process. Java 7 update 11 was released two weeks ago to deal with an unpatched vulnerability which had gone mainstream with its incorporation into cybercrook toolkits such as the Blackhole Exploit Kit in the …
John Leyden, 31 Jan 2013
The Register breaking news

Microsoft flings out emergency patch for Iatest gaping IE hole

Microsoft has announced plans to release an out-of-band patch today tackling a critical zero-day hole in Internet Explorer. The update will almost certainly tackle an unpatched remote-code execution flaw in earlier versions of IE (detailed in Microsoft Security Advisory 2794220) that has become the target of hacker attacks …
John Leyden, 14 Jan 2013
The Register breaking news

Microsoft Santa gifts you with 5 critical fixes in Xmas Patch Tuesday

December's Patch Tuesday brought seven bulletins from Microsoft, five of which cover critical security vulnerabilities. A critical update for MS Word (MS12-079) is rated by security watchers as the most important of the batch. A flaw in Rich Text Format (RTF) processing poses a severe risk because Microsoft Outlook …
John Leyden, 12 Dec 2012
The Register breaking news

Adobe plugs up buffer overflow holes in Shockwave update

Adobe released a patch for its Shockwave Player software on Tuesday, addressing six security vulnerabilities that might easily lend themselves to malware-pushing exploits. Shockwave Player 11.6.7.637 and earlier versions on both Windows and Mac need updating to the latest version: Shockwave Player 11.6.8.638. Adobe said it …
John Leyden, 24 Oct 2012
The Register breaking news

Apple Java update fails to address mega-flaw – researcher

Apple released a Java update on Wednesday but it does not tackle a high-profile flaw that has become the target of attacks over recent weeks. Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10 offer patched versions of Java for OS X Lion and Mountain Lion systems that tackle CVE-2012-0547. But this is a different …
John Leyden, 6 Sep 2012
The Register breaking news

Patch Tuesday deja vu: Adobe patches Flash ... again

Adobe yesterday released a Flash Player update just one week after its patch Tuesday release, providing a bit of extra hassle for admins for the second Tuesday in a row. The latest (APSB12-19) update for Adobe Flash and Adobe AIR addresses six cross-platform flaws in Adobe Flash Player for Windows, Mac OS X, Linux and Android …
John Leyden, 22 Aug 2012

Create a news alert about security update, or find more stories about security update.

Biting the hand that feeds IT © 1998–2018