Category Archives: Time to Patch

Short posts on the latest security updates for widely-used software.

‘Trojan Source’ Bug Threatens the Security of All Code

November 1, 2021
54 Comments

Virtually all compilers — programs that transform human-readable source code into computer-executable machine code — are vulnerable to an insidious attack in which an adversary can introduce targeted vulnerabilities into any software without being detected, new research released today warns. The vulnerability disclosure was coordinated with multiple organizations, some of whom are now releasing updates to address the security weakness.

Patch Tuesday, October 2021 Edition

October 12, 2021
16 Comments

Microsoft today issued updates to plug more than 70 security holes in its Windows operating systems and other software, including one vulnerability that is already being exploited in active attacks. This month’s Patch Tuesday also includes security fixes for the newly released Windows 11 operating system.

Microsoft Patch Tuesday, September 2021 Edition

September 14, 2021
20 Comments

Microsoft today pushed software updates to plug dozens of security holes in Windows and related products, including a vulnerability that is already being exploited in active attacks. Also, Apple has issued an emergency update to fix a flaw that’s reportedly been abused to install spyware on iOS products, and Google’s got a new version of Chrome that tackles two zero-day flaws. Finally, Adobe has released critical security updates for Acrobat, Reader and a slew of other software.

Microsoft Patch Tuesday, August 2021 Edition

August 10, 2021
31 Comments

Microsoft today released software updates to plug at least 44 security vulnerabilities in its Windows operating systems and related products. The software giant warned that attackers already are pouncing on one of the flaws, which ironically enough involves an easy-to-exploit bug in the software component responsible for patching Windows 10 PCs and Windows Server 2019 machines.

Microsoft Patch Tuesday, July 2021 Edition

July 13, 2021
49 Comments

Microsoft today released updates to patch at least 116 security holes in its Windows operating systems and related software. A half of dozen of the vulnerabilities addressed today are under active attack, according to Microsoft.

Microsoft Issues Emergency Patch for Windows Flaw

July 7, 2021
91 Comments

Microsoft on Tuesday issued an emergency software update to quash a security bug that’s been dubbed “PrintNightmare,” a critical vulnerability in all supported versions of Windows that is actively being exploited. The fix comes a week ahead of Microsoft’s normal monthly Patch Tuesday release, and follows the publishing of exploit code showing would-be attackers how to leverage the flaw to break into Windows computers.

Another 0-Day Looms for Many Western Digital Users

July 2, 2021
24 Comments

Countless Western Digital customers saw their MyBook Live network storage drives remotely wiped in the past month thanks to a bug in a product line the company stopped supporting in 2015, as well as a previously unknown zero-day flaw. But there is a similarly serious zero-day flaw present in a much broader range of newer Western Digital MyCloud network storage devices that will remain unfixed for many customers who can’t or won’t upgrade to the latest operating system.

MyBook Users Urged to Unplug Devices from Internet

June 25, 2021
56 Comments

Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a previously unknown critical flaw that can be triggered by anyone who knows the Internet address of an affected device.

Microsoft Patches Six Zero-Day Security Holes

June 8, 2021
59 Comments

Microsoft today released another round of security updates for Windows operating systems and supported software, including fixes for six zero-day bugs that malicious hackers already are exploiting in active attacks.

Microsoft Patch Tuesday, May 2021 Edition

May 11, 2021
37 Comments

Microsoft today released fixes to plug at least 55 security holes in its Windows operating systems and other software. Four of these weaknesses can be exploited by malware and malcontents to seize complete, remote control over vulnerable systems without any help from users. On deck this month are patches to quash a wormable flaw, a creepy wireless bug, and yet another reason to call for the death of Microsoft’s Internet Explorer (IE) web browser.