Technical Communications
November is the second-to-last Patch Tuesday of 2016, and it brings a slightly higher than typical number of bulletins: six Critical bulletins and eight Important bulletins. The 8th is the earliest date that Patch Tuesday can take place in a month; December’s Patch Tuesday (and the last of 2016) takes place in exactly five weeks. Among the items fixed today was the zero-day vulnerability in Windows that was used in the same attacks at the Adobe Flash Player zero-day in late October.
Read More Adobe has released an out-of-bound patch for Flash Player due to a zero-day vulnerability. According to Adobe’s bulletin (APSB16-36), versions of Flash from 23.0.0.185 and earlier (released on October 11) are affected. (Adobe Flash Player for Linux uses a separate version numbering system; for that product versions 11.2.202.637 and earlier are vulnerable.) We urge all users who still have Flash installed to update to the version released today as soon as possible.
Read More The second Tuesday of the month is here, which means one thing – new patches from Microsoft. Compared to recent months, September’s batch of patches is slightly larger with 14 bulletins in all, evenly split between Critical and Important ones.
Read More The second Tuesday of August has arrived, which means one thing for Microsoft users: Patch Tuesday. Relatively speaking, August’s batch of patches is relatively light, with only nine bulletins, although five are rated as Critical.
Read More
Last week, a lot of tech media sites were breathlessly reporting how the National Institute of Science and Technology in the United States was saying that two-factor authentication (2FA) via SMS messages would be “deprecated” in future standards. Some took this to mean that this technique was insecure, and that users should shy away from this method. Let’s step back and see what the NIST really said:
Read More