Tag Archive for: patch

Patch Tuesday November 2015: Microsoft releases 12 fixes, 4 rated critical

For Patch Tuesday November 2015, Microsoft released 12 security bulletins, four rated as critical and the remaining 8 rated as important.

Rated Critical

MS15-112 is the cumulative fix for remote code execution flaws in Internet Explorer. Microsoft lists 25 CVEs, most of which are IE memory corruption vulnerabilities. 19 are called Internet Explorer memory corruption vulnerabilities, with three CVEs labeled slightly different as Microsoft browser memory corruption vulnerabilities. Of the remaining CVEs, one involves Microsoft browser ASLR bypass, one is for an IE information disclosure flaw, and one is a scripting engine memory corruption vulnerability. You should deploy this as soon as possible.

To read this article in full or to leave a comment, please click here

Network World Security

Android Now Shows Your Device’s “Android Security Patch Level” In Marshmallow – Android Police


Android Police

Android Now Shows Your Device's "Android Security Patch Level" In Marshmallow
Android Police
While going hands-on with the Nexus 5X and 6P a bit earlier, I noticed something interesting in the "about" screen of both devices: a new field. It's called "Android security patch level," and what it appears to do is display the date of your phone's
Android Marshmallow's best security measure is a simple dateThe Verge
Google's new Nexus phones do security update transparency rightAndroid Central
Google's new Nexus devices offer specific details on security updatesAndroid Authority (blog)
9 to 5 Google –Android Headlines – Android News –Daily Mail
all 1,824 news articles »

“android security” – read more

Microsoft may offer some Windows 10 patch notes to enterprises

IT administrators may get more information than originally planned about Windows 10 patches, as Microsoft ponders how much to tell business customers about modifications to the new OS.

“We’ve heard that feedback from enterprise customers so we’re actively working on how we provide them with information about what’s changing and what new capabilities and new value they’re getting,” Jim Alkove, a vice president in the Windows group, said during a press briefing. 

It’s a change in tone for the company, which previously said that it wouldn’t provide detailed information about most Windows 10 patches. That original plan was bad news for IT managers and users who want to know what an update does before they install it. This is more of an issue now that Microsoft is supposed to release more frequent updates over the lifetime of Windows 10, as part of its “Windows as a service” plans, than it did for previous editions of Windows.

To read this article in full or to leave a comment, please click here

Network World Security

Microsoft issues out-of-band patch for critical Internet Explorer flaw

Internet Explorer Wikimedia

A dangerous flaw in Internet Explorer has prompted Microsoft to issue a patch outside its regularly scheduled monthly security updates in order to head off a known exploit of the vulnerability.

The company has issued a security bulletin that describes how users who are lured to specially crafted webpages could have attackers take over control of their computers with the same rights as the user who logged into the machine.

To read this article in full or to leave a comment, please click here

Network World Tim Greene