Microsoft Leprechaun Leaves a Pot Full of Patches

We’re coming upon that time of the month again for Microsoft administrators; patch time. According to the latest Advanced Notification page, our Microsoft friends plan on releasing seven security bulletins next Tuesday. The bulletins will including updates to fix security vulnerabilities in Windows, Office, Internet Explorer (IE), Silverlight, and some of their Server Software.

MS Black Tuesday: 12 Bulletins, 57 Flaws, and Lots of Work

Though not the biggest on record, today’s Patch Day is no slouch.

As expected, Microsoft released a dozen security bulletins, fixing 57 vulnerabilities that affect a range of their software, including:

January Radio Free Security: Red October, Java 0day, and More

Radio Free Security (RFS) is a monthly audio podcast dedicated to spreading knowledge about network and information security, and to keeping busy IT administrators apprised of the latest security threats they face online. If you’re looking for the latest security news and best practice tips, this show is for you.

Microsoft Piles on Patches Next Tuesday

February looks to be a busy month for Microsoft administrators. According to the latest advanced patch notification, the Redmond-based software company plans to release a dozen security bulletins next Tuesday. The bulletins will fix security flaws in Windows, Internet Explorer (IE), Office, the .NET Framework, and Exchange server. Microsoft rates five of the bulletins as Critical, and the rest as Important.

WatchGuard Security Week in Review: Episode 50 – UPnP Pwnage

This week is rife with security news. If you want the quick highlights, you’ve come to the right place. Today’s video covers a few Yahoo XSS vulnerabilities, some serious UPnP security flaws, and the alleged China-based hack of the New York Times. Watch the video below for details.

WatchGuard Security Week in Review: Episode 49 – Expelled Hacker

Red October, Cisco WLAN Updates, and Expelled Hacker Welcome to another “on the road” edition of WatchGuard Security Week in Review, the video podcast dedicated to summarizing the biggest InfoSec stories each week. This week’s episodes covers a Cisco wireless controller security update, Kaspersky’s investigation into the Red October cyber-espionage campaign, and the controversy surrounding an expelled “white hat” hacker. For more details on those stories and others, watch the short video below.

WatchGuard Security Week in Review: Episode 48 – 0day Updates

This week’s security video summary comes a tad late due to my travel schedule this week. It covers updates on the two latest zero day exploits, Oracle’s critical patch update, and stories about a mobile phone botnet and US power plant breach. Click play below to watch the short episode, or check out the References for more details.

WatchGuard Security Week in Review: Episode 46 – Piles of Patches

Ready for a weekly dose of InfoSec? This episode has a strong “patch” theme, with many vendors releasing some big security updates this week. Besides the patches, I also cover a few new 0day exploits, including a serious Java one getting leveraged quite a bit in the wild, and a couple crazy sounding security-related news items. If you want all the details, click play below, or check out the Reference section.