Patch Management

Patch Management news, information, and how-to advice

confused sticky notes
Piñata de Internet Explorer

Zero day, Web browser vulnerabilities spike in 2014

The good news: More than 83 percent of vulnerabilities had patches ready when the flaws became public

Flash-based vulnerability lingers on many websites three years later

A large number of developers have failed to patch their Flash apps against a vulnerability that can be exploited to target Web users

warning sign

Windows Server 2003 admins beware: Microsoft reissues Netlogon patch KB 3002657

If you're running Windows Server 2003, Microsoft advises you install KB 3002657-v2 on top of the first patch

OpenSSL mystery patches due for release Thursday

No details of the vulnerabilities are available yet, but one flaw is rated of 'high' severity

oops key showing mistake error or failure 96395168

KB 3033929 install fails, with multiple errors

The reissued patch that's supposed to bring SHA-2 code signing abilities to Win7/Server 2008 R2 is causing havoc

patches man laptop computer headache frustration

Woes mount for Microsoft Netlogon patch KB 3002657, SHA-2 signing patch KB 3033929

In good news: Microsoft patch KB 3032359 fixes last month's Poodle patch that broke Cisco AnyConnect VPN

Exclamation point on screen.

Problems reported with Microsoft patch KB 3002657, warning issued on KB 3046049

But in general, this month's massive patching exercise is going surprisingly well so far

Microsoft fixes FREAK vulnerability in Patch Tuesday update

Microsoft has issued five critical patches among its 14 updates for for Windows, Internet Explorer, and Office

man solving jigsaw puzzle pieces

Windows 8.1 cumulative patch KB 3000850 rears its ugly head again

Without warning or explanation, Microsoft changes the much-maligned KB 3000850 from 'optional' to 'important'

Flat line alert on heart monitor    160085472

Microsoft revises security warning for massive February IE rollup KB 3034682

Users who apply February's patches manually must hit Windows Update twice to be fully protected and prevent degraded page rendering


Mozilla scrubs Superfish certificate from Firefox

Firefox update removes from the browser's repository the self-signed digital certificate implanted by Superfish

Flaw in popular Web analytics plug-in exposes WordPress sites to hacking

Attackers can easily crack cryptographic keys used by the WP-Slimstat plug-in and use them to read information from a site's database

Lenovo admits to Superfish screw-up, will release clean-up tool

The company confirmed that a software program preloaded on some of its laptops exposes users to potential attacks

Windows XP

Microsoft to double price of XP's post-retirement support

The price of renewals of custom support agreements will rise to $400 for each Windows XP PC, says licensing expert

band-aid patch bandage

Microsoft surreptitiously reissues KB 3013455 for Vista, Windows Server 2003

The lack of documentation leaves users to guess what the Windows patch does and how to install it

repair man

Microsoft posts fix for Poodle patch KB 3023607 that clobbers AnyConnect VPN

Cisco says Microsoft will release an honest-to-goodness patch on March 10 to roll out the fix automatically

patch band-aid bandage broken fix

Microsoft releases patch KB 2956149 to get PowerPoint RT running again

The new patch replaces KB 2920732, which proved to be a PowerPoint RT killer

broken glass

Microsoft's SSL 3.0 Poodle-busting patch KB 3023607 breaks popular Cisco VPN client

Cisco verifies that installing KB 3023607 may lead to 'Failed to initialize connection subsystem' errors with AnyConnect VPN

Load More