Google Chrome impacted by new Magellan 2.0 vulnerabilities

December 26, 2019 / mbenlawson / Leave a comment

Given the nature of these vulnerabilities, please review your environment and make sure your version of Chrome is up-to-date.

https://www.zdnet.com/article/google-chrome-impacted-by-new-magellan-2-0-vulnerabilities/?mid=1

Windows 7 problems: Microsoft blocks April updates to systems at risk of freezing

April 11, 2019 / mbenlawson / Leave a comment

As the mad dash to convert to Window 10 for businesses and corporations around the world continues, this Windows 7 patching issue comes at an inopportune time. Please be aware of this issue if you currently utilize Sophos in your Windows 7 environment.

https://www.zdnet.com/article/windows-7-problems-microsoft-blocks-april-updates-to-systems-at-risk-of-freezing/

Microsoft patches Patch Tuesday’s Outlook 2010 problem patch

November 28, 2018 / mbenlawson / Leave a comment

Please take a moment to consider and remember what you have patched and what you have placed on hold, and then adjust accordingly, given that Microsoft has now purportedly righted the patching ship.

https://nakedsecurity.sophos.com/2018/11/27/microsoft-patches-patch-tuesdays-outlook-2010-problem-patch/

Tripwire Patch Priority Index for February 2018

March 1, 2018 / mbenlawson / Leave a comment

Take note as you finalize your patching cycle for February and verify that all patching is complete.

https://www.tripwire.com/state-of-security/vert/tripwire-ppi-february-2018/

Microsoft Issues Out-of-Band Fix for Intel’s Broken Spectre Patch

January 29, 2018 / mbenlawson / Leave a comment

The fun with Spectre and Meltdown patching just keeps coming. Take a moment to review your environments and update your patching accordingly.

https://www.infosecurity-magazine.com/news/microsoft-out-of-band-fix-intels/

Dell Advising All Customers To Not Install Spectre BIOS Updates

January 24, 2018 / mbenlawson / Leave a comment

This article is in line with other reports of vendors and Intel itself backing away from Spectre and Meltdown patching updates and tweaks.

https://www.bleepingcomputer.com/news/security/dell-advising-all-customers-to-not-install-spectre-bios-updates/

Intel Says to Stop Applying Problematic Spectre, Meltdown Patch

January 23, 2018 / mbenlawson / Leave a comment

Linus Torvalds and many others have come out in protest against the hasty and often flawed patching approach to the Meltdown and Spectre vulnerabilities. It is good to see Intel pumping the breaks on this process and taking a closer look at the architectural needs associated with the correction of this flaw.

https://www.darkreading.com/vulnerabilities—threats/intel-says-to-stop-applying-problematic-spectre-meltdown-patch-/d/d-id/1330871

All websites running WordPress urged to update NOW

November 1, 2017 / mbenlawson / Leave a comment

Please review your WordPress installations and patch accordingly.

https://www.welivesecurity.com/2017/11/01/wordpress-update-now/

Oracle and Flash Patching News

October 18, 2017 / mbenlawson / Leave a comment

There is a critical Flash update that arrived out-of-band this week. Also, Oracle has released updates addressing 250 known bugs. Please review your environments and patch accordingly.

https://threatpost.com/oracle-patches-250-bugs-in-quarterly-critical-patch-update/128484/

https://nakedsecurity.sophos.com/2017/10/17/flash-0-day-in-the-wild-patch-now/