Tag: exchange | Qualys Blog

Large Microsoft Patch Tuesday Update for September 2016

Posted by Amol Sarwate in The Laws of Vulnerabilities on September 13, 2016

It’s September 2016 Patch Tuesday, and Microsoft has released 14 security bulletins that affect a host of components including desktop operating systems, servers, browsers , Exchange server, Silverlight, SMBv1 and several others. It’s a large update that will keep desktop as well as server administrators busy. Seven updates are rated as critical, while the other seven are rated as important. One 0-day vulnerability CVE-2016-3352 which was publicly disclosed earlier is also patched in the MS16-110 bulletin.

10 Comments
Permalink
Tags: edge, exchange, internet explorer, office, Patch Tuesday, silverlight, smb, vbscript

Microsoft, Adobe, POODLE on Patch Tuesday December 2014

Posted by Amol Sarwate in The Laws of Vulnerabilities on December 9, 2014

Watch Qualys coverage of Microsoft, Adobe and POODLE on Patch Tuesday December 2014

No Comments
Permalink
Tags: adobe, excel, exchange, ie, microsoft, poodle, word

November 2014 Patch Tuesday

Posted by wkandek in The Laws of Vulnerabilities on November 11, 2014

This month Microsoft is publishing 14 bulletins with new versions and patches for its software, operating systems and applications. This is one fewer bulletin than Microsoft had announced last week.

No Comments
Permalink
Tags: .net, adobe, exchange, explorer, flash, internet, microsoft, office, ole, packager, patch, sharepoint, tuesday, word

Year closing – December 2013 Patch Tuesday

Posted by wkandek in The Laws of Vulnerabilities on December 10, 2013

Today Microsoft released 11 security bulletins that address 24 vulnerabilities in the last Patch Tuesday of 2013. This month’s patches takes the total number of bulletins to 106 and the distinct vulnerability count to just over 330 for the year.

No Comments
Permalink
Tags: 0 day, adobe, exchange, flash, office, patch, reader, sharepoint, tiff, tuesday, word

Oracle CPU October 2013

Posted by wkandek in The Laws of Vulnerabilities on October 15, 2013

Oracle released today its Critical Patch Update (CPU) for October 2013. The CPU is Oracle’s quarterly mechanism to publish updates for all of its supported products, including – for the first time in Oct 2013 – Java. Java used to be on a different update cycle of every four months, but as of this month, it is synchronized with the normal Oracle updates.

No Comments
Permalink
Tags: exchange, fusion, java, microsoft, oracle, outside in, solaris

August 2013 Patch Tuesday – Updated

Posted by wkandek in The Laws of Vulnerabilities on August 13, 2013

Update 2: Microsoft reissued MS13-061 today to include Exchange 2013 again. You should be able to install it now without issues, but it makes sense to test the installation in your environment and/or wait until your next downtime for the installation.

Update: Microsoft has pulled the MS13-061 update for Exchange 2013 because it causes a corruption of the index database. Hopefully you have not been impacted, because you do not install server patches on critical machines right away, which seems like a good cautious measure at the moment. Nevertheless If you have Exchange 2013 and have not installed MS13061 yet then wait. If you have installed it and your installation shows signs of the issue, please take a look a KB2879739 for a workaround involving the editing of registry keys.

No Comments
Permalink
Tags: exchange, explorer, internet, windows, xp

August 2013 Patch Tuesday Preview

Posted by wkandek in The Laws of Vulnerabilities on August 8, 2013

The Microsoft August Advance Notification for next week’s Patch Tuesday is out. There will be eight bulletins, three rated "critical" providing Remote Code Execution (RCE), with the remaining five bulletins marked "important".

1 Comment
Permalink
Tags: exchange, explorer, internet, microsoft