XP/Server 2003 Kernel Vulnerability

It hasn’t received much attention – perhaps because Microsoft is focusing its security efforts on Windows Vista and later operating systems, as XP draws perilously close to its end of support date less than five months from now – but last week the company released a security advisory for a kernel vulnerability in Windows XP […]

Continue reading

Beware the Ides of Cyber Monday

‘Tis the season to … go shopping?  In the U.S., the day after Thanksgiving – often called “Black Friday” – has traditionally been the heaviest shopping day of the year. Spending on that day in 2012 totaled a record-breaking $59.1 billion despite an uncertain economy. In the last decade, though, another “big spender” day has […]

Continue reading

Third Party Patch and Vulnerability Roundup: November 2013

In the U.S. where I live, the end of November means celebrating our holiday of Thanksgiving, a time when we try to cultivate an “attitude of gratitude” for all the good things we have. On the professional level, I’m thankful for the progress that software vendors have made over the years in addressing security issues. […]

Continue reading

Telecommuting: Is it the Wave of the Future or On the Way Out?

I’ve been working from home for over 15 years now – but then, I’m a self-employed sole proprietor.  Most of the people I know work for small/medium businesses, corporations or government entities. For a long time, I was the envy of all those friends and relatives who had to get all dressed up and fight […]

Continue reading

Understanding Microsoft’s Crypto Recommendations

In addition to the eight security updates that they released this month, Microsoft also set out some recommendations regarding choices of cryptographic algorithms that may have left some IT pros and managers scratching their heads in confusion. Just because you’re an experienced network administrator, it doesn’t mean you’re an expert in cryptography, which is a […]

Continue reading

November Patch Tuesday Roundup

The weather has taken a turn toward winter in many parts of the United States on this second Tuesday of November. Meanwhile, my friends in Australia are enjoying a sunny summer day. But no matter where you are, hot or cold or in between, IT admins are getting ready to roll out this month’s slate […]

Continue reading

Email and Web Security Key to Protecting Against Zero Day Exploit

Earlier today, we reported on the TIFF-handling Zero Day exploit that is reportedly being used by Operation Hangover hackers to attack targets in the Middle East. The attacks utilize malicious code in email, instant messages or web pages, memory corruption, and a flaw in a graphics-handling component to get in and execute code remotely on […]

Continue reading

No Patch Forthcoming for TIFF-handling Zero Day Vulnerability

As we noted in Friday’s Advance Notification post and will explore in more detail in tomorrow’s recap of the November Patch Tuesday releases, Microsoft® is putting out eight security fixes this month.  However, SC Magazine reported a few days ago that this slate of patches will not include one to address a zero day vulnerability […]

Continue reading

Advance Notification: Looking at Eight More Updates for November

Microsoft is following up its eight patches in October with another octet in November, according to the Advance Notification released today.  This time only three of the updates are rated critical, but because they impact various versions of Windows and Internet Explorer, all of them need to be taken very seriously. Once again, we’re looking […]

Continue reading

Third Party Patch and Vulnerability Roundup: October 2013

As we approach the end of this month, it’s time to take a look at the non-Microsoft™ security fixes that have come down the pike over the last four weeks. In case you missed it, you can check out my synopsis of Microsoft’s October Patch Tuesday updates at https://www.techtalk.gfi.com/october-patch-tuesday-roundup/.

Continue reading