code execution Archives

Yesterday was Patch Tuesday again

Dave Farquhar security October 12, 2011October 11, 2011code execution, malware, Patch Tuesday

I’m way too tired to do the kind of Patch Tuesday writeup I did last month, so I’ll just remind you, and hope that suffices. This month we have vulnerabilities in Windows, Internet Explorer, Silverlight, and .NET, some of which can cause remote code execution, which is a holy grail for spreading malware. So apply those updates. The Silverlight update applies to Macintoshes as well.

Dave Farquhar

David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.

dfarq.homeip.net

Happy Patch Tuesday, September 2011

Dave Farquhar security September 13, 2011Adobe Reader, code execution, excel, firefox, macintosh, Microsoft Office, office 2007, oracle, Patch Tuesday, pdf files, SQL, toolkits, unix, vista, vulnerability, Windows Server, Windows Server 2003, Windows XP

Microsoft has five updates and Adobe has two for us on this fine Patch Tuesday, in addition to a patch Mozilla pushed out for Firefox last week.

Don’t get too complacent if you run something other than Windows. If you run Microsoft Office on a Mac, or Adobe Reader or Acrobat on a Mac, or Adobe Reader on Unix or Linux, you’re vulnerable. The vulnerabilities in those affected products are more serious than the vulnerabilities for Windows. So keep that in mind. Don’t be smug about security. It’ll bite you.

Dave Farquhar

dfarq.homeip.net