All Posts

3 posts

Year closing – December 2013 Patch Tuesday

Today Microsoft released 11 security bulletins that address 24 vulnerabilities in the last Patch Tuesday of 2013. This month’s patches takes the total number of bulletins to 106 and the distinct vulnerability count to just over 330 for the year. 

Continue reading …

December 2013 Patch Tuesday Preview – Update

Update: Microsoft confirmed the fix for the TIFF 0-day and also that the local 0-day will not get an update next week. Best defense is to update your Adobe Reader installation.

Original: Today, Microsoft has pre-announced this year’s last Patch Tuesday lineup. We will have 11 security bulletins covering Internet Explorer, Windows operating systems and Microsoft Office software. This brings the overall count of security bulletins for 2013 to 106, up quite significantly from last year’s count of 83, but roughly in line with 2011 (100 bulletins) and 2010 (106 bulletins). Microsoft has also maintained the more continuous release of bulletins started in 2012 with an average of just under 9 bulletins per month rather than the more bursty bi-monthly nature of previous years. The steady, more predictable release cycle is helpful to IT administrators as it helps them prepare for the workload necessary for each Patch Tuesday.

Continue reading …

New Microsoft 0-Day Vulnerability Under Attack – Update

Update: McAfee has published a blog post providing more details about the attack vector through Office and how it manifests on the attacked machine.

Continue reading …