Category Archives: Time to Patch

Short posts on the latest security updates for widely-used software.

Critical Java Update Fixes 20 Flaws

October 20, 2011
29 Comments

Oracle Corp. released a critical update to plug at least 20 security holes in versions of its ubiquitous Java software. Nearly all of the Java vulnerabilities can be exploited remotely to compromise vulnerable systems with little or no help from users.

If you use Java, take some time to update the program now. According to a report released this month by Microsoft, the most commonly observed exploits in the first half of 2011 were those targeting Java flaws. The report also notes that Java exploits were responsible for between one-third and one-half of all exploits observed in each of the four most recent quarters.

Critical Security Updates from Microsoft, Apple

October 11, 2011
0 Comments

Microsoft and Apple today released security updates to fix a slew of critical security problems in their software. Microsoft’s patch batch fixes at least 23 vulnerabilities in Windows and other Microsoft products. Apple’s update addresses more than 75 security flaws in the Windows versions of iTunes.

Microsoft Fixes Scary Bluetooth Flaw, 21 Others

July 12, 2011
10 Comments

Microsoft today released updates to fix at least 22 security flaws in its Windows operating systems and other software. The sole critical patch from this month’s batch addresses an unusual Bluetooth vulnerability that could let nearby attackers break into vulnerable systems even when the targeted computer is not connected to a network.

Bluetooth is a wireless communications standard that allows electronic devices — such as laptops, mobile phones and headsets — to communicate over short distances (the average range is about 30 to 100 meters, but that range can be extended with specialized tools). To share data, two Bluetooth-enabled devices normally need to “pair” with one another, a process that involves the exchange of a passkey between the two devices.