Contents tagged with Security Update
-
Omphaloskepsis and the December 2013 Security Update Release
There are times when we get too close to a topic. We familiarize ourselves with every aspect and nuance, but fail to recognize not everyone else has done the same. Whether you consider this myopia, navel-gazing, or human nature, the effect is the same. I recognized this during the recent webcast when someone asked the question – “What’s the difference between a security advisory and a security bulletin?” The answer was simple to me, as I’ve been doing this for years, but the question was valid and it reminded me that not every person on the planet knows all of the ins and outs of Update Tuesday.
-
MBSA 2.3 and the November 2013 Security Bulletin Webcast, Q&A, and Slide Deck
Today we’re publishing the November 2013 Security Bulletin Webcast Questions & Answers page. The majority of questions focused on the ActiveX Kill Bits bulletin (MS13-090) and the advisories. We also answered a few general questions that were not specific to any of this month’s updates, but that may be of interest.
-
The October 2013 security updates
This month we release eight bulletins – four Critical and four Important - which address 25* unique CVEs in Microsoft Windows, Internet Explorer, SharePoint, .NET Framework, Office, and Silverlight. For those who need to prioritize their deployment planning, we recommend focusing on MS13-080, MS13-081, and MS13-083.
-
ISA 2006 / TMG 2010: DISABLE CLIENT-INITIATED SSL RENEGOTIATION, PROTECTING AGAINST DOS ATTACKS AND MALICIOUS DATA INJECTION
In these days we received a considerable number of support requests asking for more info about SSL/TLS Renegotiation and the risk it introduces of being exposed to DoS attacks and malicious code injections.
-
September 2013 Security Bulletin Webcast, Q&A, and Slide Deck
Today we’re publishing the September 2013 Security Bulletin Webcast Questions & Answers page. The majority of questions focused on Office bulletins, especially SharePoint Server (MS13-067). We received multiple Office related questions that were very similar in nature, so the questions have been merged, as applicable, with consolidated answers provided. We were able to answer six questions on air, and those we did not have time for have been included on the Q&A page.
-
August 2013 Security Bulletin Webcast, Q&A, and Slide Deck
Today we’re publishing the August 2013 Security Bulletin Webcast Questions & Answers page. We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Exchange Server (MS13-061) and Windows Kernel (MS13-063). There were 3 additional questions during the webcast that we were unable to answer on air, and we have also answered those on the Q&A page.
-
Advance Notification Service for August 2013 Security Bulletin Release
Today we’re providing advance notification for the release of eight bulletins, three Critical and five Important, for August 2013. The Critical updates address vulnerabilities in Microsoft Windows, Internet Explorer and Exchange.