Light Patch Tuesday Brings Two XSS Fixes

As I mentioned in last week’s early warning, today’s Patch Day is extremely light with only two updates. According to their September bulletin summary, Microsoft has only released updates for Visual Studio Foundation Server and System Center Configuration Manager. Both updates fix cross-site scripting (XSS) vulnerabilities that Microsoft rates as Important.

WatchGuard Security Week in Review: Episode 32 – UDID Leaks and Java Updates

A few years ago, we’d be lucky to see one major information security story in the news each week. Now, we consistently see more security news than the average IT guy can keep up with. If you’re looking for a quick summary of the most important information and network security news, you’ve come to the right place.

Critical Java Vulnerabilities Update: Apple OS X Patched

Last week, I posted an alert about some highly critical flaws in Oracle Java; especially one in particular (CVE-2012-4681), which attackers have aggressively exploited in the wild. If an attacker can lure you to a web page or link containing malicious Java content, he can exploit these flaws to execute code on your computer, potentially gaining complete control of it. Oracle released an out-of-cycle update last week to fix this vulnerability, and two others.

Oracle’s Out-of-Cycle Java Update Closes Two Serious Zero Day Holes

Java is a programming language (first implemented by Sun Microsystems) used most often to enhance web pages. Most operating systems today implement a Java interpreter to recognize and process Java code from websites and other sources. Oracle’s Sun Java Runtime Environment (JRE) is one of the most popular Java interpreters currently used.

WatchGuard Security Week in Review: Episode 30

I’ve posted today’s weekly security news summary video a bit late, due to some work travel that got in the way of production, but better late than never right? If you’re interested in the biggest information security stories from the week, you’re at the right place.