Category Archives: Time to Patch

Short posts on the latest security updates for widely-used software.

Flash Patch Targets Zero-Day Exploit

January 22, 2015

Adobe today released an important security update for its Flash Player software that fixes a vulnerability which is already being exploited in active attacks. Compounding the threat, the company said it is investigating reports that crooks may have developed a separate exploit that gets around the protections in this latest update.

Java Patch Plugs 19 Security Holes

January 21, 2015

Oracle this week released its quarterly patch update for Java, a widely-installed program that for most casual users has probably introduced more vulnerability than utility. If you have Java installed and require it for some application or Web site, it’s time to update it. If you’re not sure you have Java on your computer or are unsure why you still have it, read on for advice that could save you some security headaches down the road.

‘Security by Antiquity’ Bricks Payment Terminals

December 12, 2014

Last week, several thousand credit card payment terminals at various retailers across the country suddenly stopped working, their LCD displays showing a blank screens instead of numbers and letters. Puzzled merchants began to worry that this was perhaps part of some sophisticated hacker attack on their cash registers. It turns out that the incident was indeed security-related, but for once it had nothing to do with cyber thieves.

‘Poodle’ Bug Returns, Bites Big Bank Sites

December 11, 2014

Many of the nation’s top banks, investment firms and credit providers are vulnerable to a newly-discovered twist on a known security flaw that exposes their Web site traffic to eavesdropping. The discovery has prompted renewed warnings from the U.S. Department of Homeland Security advising vulnerable Web site owners to address the flaw as quickly as possible.

Microsoft, Adobe Push Critical Security Fixes

December 9, 2014

If you use Microsoft or Adobe software products, chances are that software is now dangerously out of date. Microsoft today released seven update bundles to fix two dozen security vulnerabilities in Windows and supported software. Adobe pushed patches to correct critical flaws in Acrobat, Reader, and Flash Player, including a bug in Flash that already is being exploited.

Microsoft Releases Emergency Security Update

November 18, 2014

Microsoft today deviated from its regular pattern of releasing security updates on the second Tuesday of each month, pushing out an emergency patch to plug a security hole in all supported versions of Windows. The company urged Windows users to install the update as quickly as possible, noting that miscreants already are exploiting the weaknesses to launch targeted attacks.

Adobe, Microsoft Issue Critical Security Fixes

November 11, 2014

Adobe and Microsoft today each issued security updates to fix critical vulnerabilities in their software. Microsoft pushed 14 patches to address problems in Windows, Office, Internet Explorer at .NET, among other products. Separately, Adobe issued an update for its Flash Player software that corrects at least 18 security issues.

Microsoft, Adobe Push Critical Security Fixes

October 14, 2014

Adobe, Microsoft and Oracle each released updates today to plug critical security holes in their products. Adobe released patches for its Flash Player and Adobe AIR software. A patch from Oracle fixes at least 25 flaws in Java. And Microsoft pushed patches to fix at least two-dozen vulnerabilities in a number of Windows components, including Office, Internet Explorer and .NET. One of the updates addresses a zero-day flaw that reportedly is already being exploited in active cyber espionage attacks.