GitHub launches Security Lab to boost open source security

Credit to Author: John E Dunn| Date: Mon, 18 Nov 2019 11:24:32 +0000

The idea is simple – create a global platform for reporting and fixing vulnerabilities in open source projects before they do damage.

November 2019 Patch Tuesday fixes 13 critical flaws and one zero day

Credit to Author: John E Dunn| Date: Wed, 13 Nov 2019 17:12:34 +0000

November’s Patch Tuesday arrived to plug 73 CVE-level vulnerabilities across Microsoft’s software products, including 13 ‘criticals’.

Patch Tuesday arrives with Access error, 1909 in tow, and a promise of no more 'optional' patches this year

Credit to Author: Woody Leonhard| Date: Wed, 13 Nov 2019 07:59:00 -0800

The patches haven’t yet been out for 24 hours and already we’re seeing a lot of activity. Here’s where we stand with the initial wave of problems.

Malicious Software Removal Tool installation error 800B0109 

Many early patchers found that the MSRT, KB 890830, kept installing itself over and over again. Poster IndyPilot80 says:

It sits at “Installing: 0%” for a couple minutes then goes away. When I hit “Check for Updates” it shows up again and does the same thing.

Microsoft says it will honor California’s new privacy law across US

Credit to Author: Lisa Vaas| Date: Wed, 13 Nov 2019 11:31:59 +0000

Microsoft said CCPA is good news, given the failure of Congress to pass a comprehensive privacy protection law at the federal level.

Patch Tuesday, November 2019 Edition

Credit to Author: BrianKrebs| Date: Tue, 12 Nov 2019 22:04:32 +0000

Microsoft today released updates to plug security holes in its software, including patches to fix at least 74 weaknesses in various flavors of Windows and in software that runs on top of it. The November updates include patches for a zero-day flaw in Internet Explorer that is currently being exploited in the wild, as well as a sneaky bug in certain versions of Office for Mac that bypasses security protections and was detailed publicly prior to today’s patches.

Patch Tuesday targets Hyper-V virtual machines in November, 2019 updates

Credit to Author: SophosLabs Offensive Security| Date: Tue, 12 Nov 2019 17:15:50 +0000

Microsoft released their monthly security updates for November, 2019, this morning. This month, Microsoft said the company fixed a total of 73 vulnerabilities across its product lines. Thirteen of the fixes address problems Microsoft classifies as Critical, the most urgent type of problem to address. The company classified the repair of an additional 59 bugs […]

Microsoft urges us to patch after partially effective BlueKeep attack

Credit to Author: Danny Bradbury| Date: Mon, 11 Nov 2019 15:58:08 +0000

Microsoft has urged people to patch their Windows systems following the appearance of mass BlueKeep exploits just over a week ago.

Patch Tuesday alert: Make sure Windows Auto Update is temporarily disabled

Credit to Author: Woody Leonhard| Date: Mon, 11 Nov 2019 05:03:00 -0800

For those of you who haven’t patched since May, there’s exceedingly bad news on the horizon. Per Catalin Cimpanu at ZDNet, Metasploit’s working-but-just-barely BlueKeep exploit is about to get a significant bug fix. That’ll put BlueKeep infection capabilities in the hands of mere mortals. The script kiddies won’t be far behind.

If you’re using — or you know someone who’s using — Windows XP, Vista, Win7, Server 2003, Server 2008 or Server 2008 R2, get patched now. The fix is easy. Even Aunt Martha can handle it.

Microsoft Intune can now block unauthorized BYOD hardware

Credit to Author: Lucas Mearian| Date: Tue, 05 Nov 2019 12:24:00 -0800

Microsoft has integrated third-party mobile threat defense (MTD) software with its Intune unified endpoint management (UEM) platform, enabling corporate systems to detect when an employee’s unenrolled smartphone or tablet has an app potentially infected by malware.

The new Intune capability is particularly useful for companies with bring-your-own device (BYOD) policies in that it can block access to enterprise systems on devices flagged by the MTD software.

The mobile threat detection feature on Intune will initially allow it to work with software from Lookout for Work, Better Mobile and Zimperium. “In future, we expect other partners to add support for this integration,” Microsoft said via a Monday blog post released during its Ignite conference.
