March is most definitely full of madness as Microsoft resolves 115 unique vulnerabilities! The good news is you can predict what to do much easier than your basketball picks. Patch the OS and browsers and you take care of 97 CVEs from the 115 contenders.
This document summarizes a webinar on the March 2021 Patch Tuesday updates. The webinar agenda includes an overview of the March Patch Tuesday updates, news related to recent vulnerabilities, details on bulletins and releases from Microsoft, and a question and answer session. Specific topics discussed include the Exchange Server vulnerabilities exploited by the Hafnium group, Windows updates that address 50 vulnerabilities including the publicly disclosed IE and Win32k issues, updates for Windows versions and servers, and known issues for some of the March updates.
The document summarizes a webinar on the March 2022 Patch Tuesday updates. It provides an agenda for the webinar including an overview of March Patch Tuesday, bulletins and releases, vulnerabilities in the news, and a Q&A session. It also summarizes several security updates released by Microsoft and Mozilla to address vulnerabilities in Windows, Exchange Server, Internet Explorer and Firefox. Known issues are also listed for some of the updates.
We've got some critical patches for Microsoft and Oracle for the month of April. Also, some insights on keeping your organization's Zoom users secure. Join Ivanti experts Chris Goettl, Todd Schell and Brian Secrist for their monthly Patch Tuesday webinar.
For all of you who have asked for a pause to Patch Tuesday, you did not get exactly what you wanted for Christmas, but close. December Patch Tuesday is the lightest of 2020. Only 58 unique CVEs were resolved, nine of which are rated as Critical. There is also one advisory (ADV200013), which provides guidance for addressing a spoofing vulnerability in DNS Resolver. There were no publicly disclosed or exploited vulnerabilities this month on the Microsoft side. Adobe released a couple of low severity updates for Adobe Reader for Android and Adobe Connect. The Adobe Reader release (APSB20-67) from December 3 resolved 14 vulnerabilities, four of which were Critical. This is the more urgent release from Adobe for the month. Adobe Flash had an update for December Patch Tuesday, but it did not include any resolved vulnerabilities.
This document summarizes an Ivanti webinar about the April 2021 Patch Tuesday updates. It provides an agenda that includes an overview of the April Patch Tuesday updates, news items related to recent vulnerabilities, details on publicly disclosed vulnerabilities and a known exploited vulnerability from Microsoft this month. It also summarizes several Microsoft bulletins and releases including updates for Windows 10, Windows Server 2008, Windows 7, Windows Server 2012, and Windows 8.1. Known issues are also listed for some of the updates.
The first Patch Tuesday of 2021 is upon us. I know you are thinking “Is there no end!” Well, no in fact. There is no end to the updates, but we are here to help you prioritize. Microsoft has resolved 83 CVEs, 10 of which are Critical. There is one Public Disclosure and one Zero Day. Good news is the Zero Day may already be taken care of for most of you as it is in the Microsoft Malware Protection Engine which should have already conveniently updated itself. The rest of the critical vulnerabilities this month are in the OS and Edge browser. Also keep an eye out for Oracle’s CPU coming January 19th.
Fr february 2022 patch tuesday v2 presenters slidesIvanti
This document provides an overview and summary of the February 2022 Patch Tuesday updates. Key points include:
- The February updates are smaller than average, resolving 48 vulnerabilities rated as Important.
- Updates are available for Windows 10, 11, Server 2008-2022 and related products. Known issues include problems with file renaming and Active Directory forest trusts.
- Other updates cover Firefox, .NET Framework and Azure.
- Guidance is provided on priority updates, newly disclosed vulnerabilities, and end-of-life dates for older products.
The average spent on Valentine’s Day is a topic that’s been making the rounds on social media. It’s generated shock and awe—but it’s nothing compared to the damage one exploited vulnerability can unleash on your organization. So, let’s keep the money in February flowing into flower stores and candlelit dinners, rather than into the pockets of those we’d never choose to date. For February the men (and women) of Patch Tuesday recommend you lavish attention upon Microsoft. Patch the exploited zero day, public disclosures, and privilege escalation vulnerability. Also, make time for the ever-popular target, Adobe. Because nothing leaves a worse taste in your mouth than a breach you could have prevented—unless, perhaps, it’s those chalky conversation hearts.
This document summarizes a webinar on the March 2021 Patch Tuesday updates. The webinar agenda includes an overview of the March Patch Tuesday updates, news related to recent vulnerabilities, details on bulletins and releases from Microsoft, and a question and answer session. Specific topics discussed include the Exchange Server vulnerabilities exploited by the Hafnium group, Windows updates that address 50 vulnerabilities including the publicly disclosed IE and Win32k issues, updates for Windows versions and servers, and known issues for some of the March updates.
The document summarizes a webinar on the March 2022 Patch Tuesday updates. It provides an agenda for the webinar including an overview of March Patch Tuesday, bulletins and releases, vulnerabilities in the news, and a Q&A session. It also summarizes several security updates released by Microsoft and Mozilla to address vulnerabilities in Windows, Exchange Server, Internet Explorer and Firefox. Known issues are also listed for some of the updates.
We've got some critical patches for Microsoft and Oracle for the month of April. Also, some insights on keeping your organization's Zoom users secure. Join Ivanti experts Chris Goettl, Todd Schell and Brian Secrist for their monthly Patch Tuesday webinar.
For all of you who have asked for a pause to Patch Tuesday, you did not get exactly what you wanted for Christmas, but close. December Patch Tuesday is the lightest of 2020. Only 58 unique CVEs were resolved, nine of which are rated as Critical. There is also one advisory (ADV200013), which provides guidance for addressing a spoofing vulnerability in DNS Resolver. There were no publicly disclosed or exploited vulnerabilities this month on the Microsoft side. Adobe released a couple of low severity updates for Adobe Reader for Android and Adobe Connect. The Adobe Reader release (APSB20-67) from December 3 resolved 14 vulnerabilities, four of which were Critical. This is the more urgent release from Adobe for the month. Adobe Flash had an update for December Patch Tuesday, but it did not include any resolved vulnerabilities.
This document summarizes an Ivanti webinar about the April 2021 Patch Tuesday updates. It provides an agenda that includes an overview of the April Patch Tuesday updates, news items related to recent vulnerabilities, details on publicly disclosed vulnerabilities and a known exploited vulnerability from Microsoft this month. It also summarizes several Microsoft bulletins and releases including updates for Windows 10, Windows Server 2008, Windows 7, Windows Server 2012, and Windows 8.1. Known issues are also listed for some of the updates.
The first Patch Tuesday of 2021 is upon us. I know you are thinking “Is there no end!” Well, no in fact. There is no end to the updates, but we are here to help you prioritize. Microsoft has resolved 83 CVEs, 10 of which are Critical. There is one Public Disclosure and one Zero Day. Good news is the Zero Day may already be taken care of for most of you as it is in the Microsoft Malware Protection Engine which should have already conveniently updated itself. The rest of the critical vulnerabilities this month are in the OS and Edge browser. Also keep an eye out for Oracle’s CPU coming January 19th.
Fr february 2022 patch tuesday v2 presenters slidesIvanti
This document provides an overview and summary of the February 2022 Patch Tuesday updates. Key points include:
- The February updates are smaller than average, resolving 48 vulnerabilities rated as Important.
- Updates are available for Windows 10, 11, Server 2008-2022 and related products. Known issues include problems with file renaming and Active Directory forest trusts.
- Other updates cover Firefox, .NET Framework and Azure.
- Guidance is provided on priority updates, newly disclosed vulnerabilities, and end-of-life dates for older products.
The average spent on Valentine’s Day is a topic that’s been making the rounds on social media. It’s generated shock and awe—but it’s nothing compared to the damage one exploited vulnerability can unleash on your organization. So, let’s keep the money in February flowing into flower stores and candlelit dinners, rather than into the pockets of those we’d never choose to date. For February the men (and women) of Patch Tuesday recommend you lavish attention upon Microsoft. Patch the exploited zero day, public disclosures, and privilege escalation vulnerability. Also, make time for the ever-popular target, Adobe. Because nothing leaves a worse taste in your mouth than a breach you could have prevented—unless, perhaps, it’s those chalky conversation hearts.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out.
This December Patch Tuesday attackers have added a smattering of coal to the gifts in our holiday stockings. You don’t want the Flash exploits slipping down the chimney while your back is turned, so make sure Adobe is on your list for maintenance goodies. Attackers could also turn the lights out on your holiday festivities via a Microsoft zero day and public disclosure, so prioritize those CVEs—and make sure you’ve checked off the other updates before shutting off the lights on 2018. Happy patching and happy holidays!
Happy New Year! Celebration continues in 2019 with a mild January Patch Tuesday. But, make sure you’ve deployed Microsoft’s emergency patch, released post December Patch Tuesday, so attackers with a New Year’s zero-day resolution don’t suck all the fun out of your month. Also, take note of the public disclosure, and take this calm before whatever comes next to catch up on Java support changes going forward. Java SE 8 will soon receive its last public update.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out.
This document provides an agenda and overview for a November 13, 2019 webinar on the November 2019 Patch Tuesday updates. The webinar will include an overview of the November 2019 Patch Tuesday updates, discussion of related news articles, details on specific bulletins and patches released, and a question and answer session. Known issues are listed for some of the Windows 10 updates. A variety of vulnerabilities addressed in the November 2019 patches are also summarized, including a remote code execution vulnerability exploited in the wild (CVE-2019-1429).
How to Perform Continuous Vulnerability ManagementIvanti
Without treating security as an ongoing process, hackers will find, weaponize, deploy, and attack your infrastructure faster than your team can patch. At the same time, the experience of your IT team working with the security group is frustrating and leads to many, many hours of manual work. Learn how to stay ahead of the bad guys and improve the experience for your team with continuous vulnerability management.
Around the globe, Halloween and related celebrations are right around the corner. In the states, this is the month of trick-or-treat and pumpkin patches. And out in Redmond, Washington, Microsoft is focused on patches of a different sort—keeping an eye on vulnerabilities hackers could use to unleash nasty tricks upon the world. For October Patch Tuesday you’d be wise to patch all Microsoft CVEs swiftly, publicly disclosed and otherwise, before more than just the one we’ve noted below get exploited.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out
Great news this month that a potential vaccine may be on its way; we don’t have the details, but change is coming. We had less information in November regarding how Microsoft details its advisories, making it harder to know how to prioritize patches. Another reason to attend Patch Tuesday though! This month, Microsoft resolved 112 CVEs tipping over the 110 CVE threshold. The updates broadly affected: Windows Operating System, Office and Office 365, Internet Explorer, Edge, Edge Chromium, Microsoft Exchange Server, Microsoft Dynamics, Azure Sphere, Windows Defender, Microsoft Teams, Azure SDK, DevOps, ChakraCore and Visual Studio. One vulnerability, CVE-2020-17087, had more details because it was already actively exploiting in the wild. This CVE was an Elevation of Privilege vulnerability in the Windows Kernel Cryptography Driver that allows threat actors to elevate their own privileges.
Great news this month that a potential vaccine may be on its way; we don’t have the details, but change is coming. We had less information in November regarding how Microsoft details its advisories, making it harder to know how to prioritize patches. Another reason to attend Patch Tuesday though! This month, Microsoft resolved 112 CVEs tipping over the 110 CVE threshold. The updates broadly affected: Windows Operating System, Office and Office 365, Internet Explorer, Edge, Edge Chromium, Microsoft Exchange Server, Microsoft Dynamics, Azure Sphere, Windows Defender, Microsoft Teams, Azure SDK, DevOps, ChakraCore and Visual Studio. One vulnerability, CVE-2020-17087, had more details because it was already actively exploiting in the wild. This CVE was an Elevation of Privilege vulnerability in the Windows Kernel Cryptography Driver that allows threat actors to elevate their own privileges.
The holidays are just around the corner. How, you wonder, are we going to tie those into November Patch Tuesday? Through tradition, of course! Because what are the holidays without that treasured recipe you replicate line by line each year? And what is security without steadfast adherence to the list of controls you've put in place? The KRACK vulnerability is another in this year's endless litany of reminders that keeping up with software updates is critical. Be sure you've pushed out the October OS updates - and don't let the tradition slip this month either, as there are quite a few Critical security vulnerabilities to patch.
For the Ivanti patch product team, the snow is melting and spring is here—and that means it’s time for April Patch Tuesday spring cleaning. Let’s get our houses in order! Patch what you can, prioritizing Adobe and Microsoft’s OS and browsers. Get rid of Wireshark where possible, because that one’s serving up the bad this month. And remove Shockwave, too, because it’s coming in hot and patching is no longer an option. Exploits are looming there, and that’s not good for your IT team feng shui.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out.
Présentation webinar Ivanti - Analyse du Patch Tuesday - Janvier 2020Ivanti
This document summarizes the January 2020 Patch Tuesday webinar hosted by Ivanti. The webinar provided an overview of the latest Microsoft patches and addressed several high priority vulnerabilities, including a Windows CryptoAPI spoofing vulnerability and an RDP remote code execution flaw. Known issues were also discussed for some Windows 10 updates from January Patch Tuesday. The webinar covered other topics like Oracle Java updates, Windows lifecycle changes, and upcoming Ivanti webinars.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out.
If Equifax andThe Shadow Brokers were any indication, September Patch Tuesday drives home the fact that security concerns are alive and well this month. There are some Win10 public disclosures to attend to, and plenty of other Critical updates to go around—so let the update party commence! Plus, this month’s zero day serves as a reminder to limit admin rights in your environment as well.
This document summarizes an upcoming webinar about the January 2017 Patch Tuesday updates. The webinar will provide an overview of the January Patch Tuesday bulletins, known issues, best practices for deploying updates, and industry news. The document then summarizes the key updates being released, including updates for Windows 10, Office, Adobe Flash Player, Acrobat, and security updates for other products. It concludes by listing resources for getting Shavlik content updates, attending future webinars, and watching previous webinar recordings.
The document summarizes the agenda and content of a Patch Tuesday webinar held on April 12, 2017. It provides an overview of the April 2017 Patch Tuesday updates from Microsoft, including known issues, bulletins (which have been replaced by a new security guidance portal), and fixes for Windows, Internet Explorer, .NET Framework, Office, and Adobe Flash Player. It also includes industry news items about Windows versions and vulnerabilities.
May 2020 Patch Tuesday brings us a reprieve from the immediate “OMG FIX IT NOW!” run of disclosures and zero day exploits. Microsoft resolved 111 unique CVEs, 16 of which are rated as critical. While that is a lot of vulnerabilities resolved, none are exploited or disclosed. Adobe has also joined the Patch Tuesday release with an update for Acrobat and Reader resolving 24 unique CVEs, 12 of which are rated as critical. OS, browsers, Office and Sharepoint with Adobe Reader from a third party perspective will resolve most of the critical vulnerabilities.
Nothing like starting off the new decade with rumors your computer cryptography has a vulnerability which can result in a lack of trust for almost everything you do! The reality is that this vulnerability has not been publicly disclosed nor exploited and our friends at Microsoft have a solution. Besides the Crypto vulnerability, the most notable news is still the final public patch release for Windows 7, Server 2008, and Server 2008 R2. Apply the updates soon; major security vulnerabilities are exploited quickly!
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out.
This December Patch Tuesday attackers have added a smattering of coal to the gifts in our holiday stockings. You don’t want the Flash exploits slipping down the chimney while your back is turned, so make sure Adobe is on your list for maintenance goodies. Attackers could also turn the lights out on your holiday festivities via a Microsoft zero day and public disclosure, so prioritize those CVEs—and make sure you’ve checked off the other updates before shutting off the lights on 2018. Happy patching and happy holidays!
Happy New Year! Celebration continues in 2019 with a mild January Patch Tuesday. But, make sure you’ve deployed Microsoft’s emergency patch, released post December Patch Tuesday, so attackers with a New Year’s zero-day resolution don’t suck all the fun out of your month. Also, take note of the public disclosure, and take this calm before whatever comes next to catch up on Java support changes going forward. Java SE 8 will soon receive its last public update.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out.
This document provides an agenda and overview for a November 13, 2019 webinar on the November 2019 Patch Tuesday updates. The webinar will include an overview of the November 2019 Patch Tuesday updates, discussion of related news articles, details on specific bulletins and patches released, and a question and answer session. Known issues are listed for some of the Windows 10 updates. A variety of vulnerabilities addressed in the November 2019 patches are also summarized, including a remote code execution vulnerability exploited in the wild (CVE-2019-1429).
How to Perform Continuous Vulnerability ManagementIvanti
Without treating security as an ongoing process, hackers will find, weaponize, deploy, and attack your infrastructure faster than your team can patch. At the same time, the experience of your IT team working with the security group is frustrating and leads to many, many hours of manual work. Learn how to stay ahead of the bad guys and improve the experience for your team with continuous vulnerability management.
Around the globe, Halloween and related celebrations are right around the corner. In the states, this is the month of trick-or-treat and pumpkin patches. And out in Redmond, Washington, Microsoft is focused on patches of a different sort—keeping an eye on vulnerabilities hackers could use to unleash nasty tricks upon the world. For October Patch Tuesday you’d be wise to patch all Microsoft CVEs swiftly, publicly disclosed and otherwise, before more than just the one we’ve noted below get exploited.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out
Great news this month that a potential vaccine may be on its way; we don’t have the details, but change is coming. We had less information in November regarding how Microsoft details its advisories, making it harder to know how to prioritize patches. Another reason to attend Patch Tuesday though! This month, Microsoft resolved 112 CVEs tipping over the 110 CVE threshold. The updates broadly affected: Windows Operating System, Office and Office 365, Internet Explorer, Edge, Edge Chromium, Microsoft Exchange Server, Microsoft Dynamics, Azure Sphere, Windows Defender, Microsoft Teams, Azure SDK, DevOps, ChakraCore and Visual Studio. One vulnerability, CVE-2020-17087, had more details because it was already actively exploiting in the wild. This CVE was an Elevation of Privilege vulnerability in the Windows Kernel Cryptography Driver that allows threat actors to elevate their own privileges.
Great news this month that a potential vaccine may be on its way; we don’t have the details, but change is coming. We had less information in November regarding how Microsoft details its advisories, making it harder to know how to prioritize patches. Another reason to attend Patch Tuesday though! This month, Microsoft resolved 112 CVEs tipping over the 110 CVE threshold. The updates broadly affected: Windows Operating System, Office and Office 365, Internet Explorer, Edge, Edge Chromium, Microsoft Exchange Server, Microsoft Dynamics, Azure Sphere, Windows Defender, Microsoft Teams, Azure SDK, DevOps, ChakraCore and Visual Studio. One vulnerability, CVE-2020-17087, had more details because it was already actively exploiting in the wild. This CVE was an Elevation of Privilege vulnerability in the Windows Kernel Cryptography Driver that allows threat actors to elevate their own privileges.
The holidays are just around the corner. How, you wonder, are we going to tie those into November Patch Tuesday? Through tradition, of course! Because what are the holidays without that treasured recipe you replicate line by line each year? And what is security without steadfast adherence to the list of controls you've put in place? The KRACK vulnerability is another in this year's endless litany of reminders that keeping up with software updates is critical. Be sure you've pushed out the October OS updates - and don't let the tradition slip this month either, as there are quite a few Critical security vulnerabilities to patch.
For the Ivanti patch product team, the snow is melting and spring is here—and that means it’s time for April Patch Tuesday spring cleaning. Let’s get our houses in order! Patch what you can, prioritizing Adobe and Microsoft’s OS and browsers. Get rid of Wireshark where possible, because that one’s serving up the bad this month. And remove Shockwave, too, because it’s coming in hot and patching is no longer an option. Exploits are looming there, and that’s not good for your IT team feng shui.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out.
Présentation webinar Ivanti - Analyse du Patch Tuesday - Janvier 2020Ivanti
This document summarizes the January 2020 Patch Tuesday webinar hosted by Ivanti. The webinar provided an overview of the latest Microsoft patches and addressed several high priority vulnerabilities, including a Windows CryptoAPI spoofing vulnerability and an RDP remote code execution flaw. Known issues were also discussed for some Windows 10 updates from January Patch Tuesday. The webinar covered other topics like Oracle Java updates, Windows lifecycle changes, and upcoming Ivanti webinars.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out.
If Equifax andThe Shadow Brokers were any indication, September Patch Tuesday drives home the fact that security concerns are alive and well this month. There are some Win10 public disclosures to attend to, and plenty of other Critical updates to go around—so let the update party commence! Plus, this month’s zero day serves as a reminder to limit admin rights in your environment as well.
This document summarizes an upcoming webinar about the January 2017 Patch Tuesday updates. The webinar will provide an overview of the January Patch Tuesday bulletins, known issues, best practices for deploying updates, and industry news. The document then summarizes the key updates being released, including updates for Windows 10, Office, Adobe Flash Player, Acrobat, and security updates for other products. It concludes by listing resources for getting Shavlik content updates, attending future webinars, and watching previous webinar recordings.
The document summarizes the agenda and content of a Patch Tuesday webinar held on April 12, 2017. It provides an overview of the April 2017 Patch Tuesday updates from Microsoft, including known issues, bulletins (which have been replaced by a new security guidance portal), and fixes for Windows, Internet Explorer, .NET Framework, Office, and Adobe Flash Player. It also includes industry news items about Windows versions and vulnerabilities.
May 2020 Patch Tuesday brings us a reprieve from the immediate “OMG FIX IT NOW!” run of disclosures and zero day exploits. Microsoft resolved 111 unique CVEs, 16 of which are rated as critical. While that is a lot of vulnerabilities resolved, none are exploited or disclosed. Adobe has also joined the Patch Tuesday release with an update for Acrobat and Reader resolving 24 unique CVEs, 12 of which are rated as critical. OS, browsers, Office and Sharepoint with Adobe Reader from a third party perspective will resolve most of the critical vulnerabilities.
Nothing like starting off the new decade with rumors your computer cryptography has a vulnerability which can result in a lack of trust for almost everything you do! The reality is that this vulnerability has not been publicly disclosed nor exploited and our friends at Microsoft have a solution. Besides the Crypto vulnerability, the most notable news is still the final public patch release for Windows 7, Server 2008, and Server 2008 R2. Apply the updates soon; major security vulnerabilities are exploited quickly!
June Patch Tuesday resolved 129 CVEs, 11 of which were rated as Critical. The remaining 98 can be resolved by deploying browser and OS updates. There is a critical CVE fix for Adobe’s Flash Player as well. Windows 10 2004 has been available for just over two weeks now; a lot of light has been shone on known issues there. Take note of an advisory from US-CERT on a patch previously deployed in March related to a Microsoft bug fix (CVE-2020-0796). Make sure your systems are patched to avoid this storm as there are now active exploits available.
This document provides an agenda and overview for a Patch Tuesday webinar hosted by Ivanti on October 9, 2019. The agenda includes an overview of the October 2019 Patch Tuesday updates, news in cybersecurity, details on specific bulletins, and a question and answer session. Known issues are listed for some of the October Windows 10 updates.
o Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Are you bored sitting at home in Covid Quarantine? We have a little excitement for you this month with two zero day releases from Microsoft. These vulnerabilities impact all Windows Operating System versions going back to Windows 7 and Server 2008, and also Internet Explorer 11 across all supported OSs. This release also includes the resolution of Windows Print Spooler Elevation of Privilege vulnerability (CVE-2020-1337) that made recent headlines. Adobe Acrobat, Reader and Apple iCloud also have critical updates resolving 26 and 20 CVEs respectively.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, there we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
This document provides an agenda and overview for a July 15, 2020 webinar on the Patch Tuesday updates. The webinar will include an overview of the July 2020 Patch Tuesday updates, discussion of vulnerabilities in the news, such as a wormable DNS server vulnerability and publicly disclosed Windows vulnerability, and Q&A. The webinar is hosted by Chris Goettl and Todd Schell and participants can dial in or join online.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Rejoignez-nous ce mois-ci pour un récapitulatif des correctifs de sécurité Microsoft et d’applications tierces publiés à l’occasion du Patch Tuesday. Nous discuterons notamment des vulnérabilités à surveiller, des produits à tester et des correctifs à déployer en priorité.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out.
Mises à jour d'Apple pour macOS, iPad OS, iOS et Safari résolvant deux exploits Zero Day. Microsoft a publié des mises à jour résolvant 97 nouveaux CVE.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out.
There are 14 Shopping/Patching Days remaining until Christmas and only one more Patch Tuesday before Windows 7 and Server 2008/2008 R2 reach their inevitable end of support, unless you're among the 59% of IT professionals who still don’t have all of their users on Windows 10. Also make sure you update your Acrobat, Acrobat Reader, and Chrome versions as there are 21 CVEs in the Adobe release and 51 CVEs in Google’s releases this month.
Are you feeling like you'd like to have poked your fingers into the center of the Meltdown and Spectre patches like a box of Valentine's chocolates? There were some unsavory surprises for sure. Fortunately, the kinks are largely worked out and February Patch Tuesday is more straightforward. If there is one word for this month in patching, it's not "love" or "romance" but "privilege." Patch the elevation-of-privilege vulnerabilities, and then take a closer look at your policy on privilege management. Make sure you're keeping attackers from storming the heart of your organization.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
This document summarizes an upcoming webinar on the July 2023 Patch Tuesday. The webinar will include an overview of the July Patch Tuesday updates from Microsoft, discussions of vulnerabilities in the news, details on Microsoft bulletins and releases, and a Q&A section. Key topics that will be covered include Microsoft resolving 130 CVEs this month, 6 confirmed zero-day exploits including an exploited Office vulnerability, and changes to Netlogon and Kerberos enforcement. Known issues and mitigations for the Windows and Office updates will also be discussed.
The July 2023 Patch Tuesday webinar agenda includes an overview of the July Patch Tuesday updates from Microsoft and other vendors. There were 130 new CVEs resolved by Microsoft this month, including 6 zero days. Priority updates include fixes for Windows and Office to address most of the risk. Known exploited vulnerabilities include issues in Office, Windows, and MSHTML. The webinar also provides details on upcoming end of support for Windows Server 2012 and lifecycle reminders for supported versions of Windows 10 and 11.
This document summarizes a webinar about the July 2023 Patch Tuesday updates. It discusses several high priority vulnerabilities addressed in updates released by Microsoft and Mozilla this month, including 2 zero-days (CVE-2023-36884 and an Apple bug) being actively exploited. The Microsoft updates fix over 130 CVEs, including vulnerabilities in Windows, Office, and Edge. Key changes are enforced mitigations for Kerberos and Netlogon issues from 2022. Known issues are listed for Windows 10/11 updates. End-of-life dates are approaching for Windows Server 2012 and older versions.
Similar to Ivanti Patch Tuesday for March 2020 (20)
Rejoignez-nous ce mois-ci pour un récapitulatif des correctifs de sécurité Microsoft et d’applications tierces publiés à l’occasion du Patch Tuesday. Nous discuterons notamment des vulnérabilités à surveiller, des produits à tester et des correctifs à déployer en priorité.
El análisis del Patch Tuesday de Ivanti va más allá de la aplicación de parches a sus aplicaciones y le ofrece la inteligencia y orientación necesarias para priorizar dónde debes enfocarte. Consulta los últimos análisis en nuestro blog Ivanti y únete a los expertos del sector en el webinar de Patch Tuesday. En él profundizaremos en cada uno de los informes y ofreceremos orientación sobre los riesgos asociados a las vulnerabilidades más recientes.
L'analisi del Patch Tuesday di Ivanti va oltre l'applicazione di patch alle tue applicazioni e ti offre le informazioni e la guida necessarie per stabilire le priorità su cui concentrare la tua attenzione.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Rejoignez-nous ce mois-ci pour un récapitulatif des correctifs de sécurité Microsoft et d’applications tierces publiés à l’occasion du Patch Tuesday. Nous discuterons notamment des vulnérabilités à surveiller, des produits à tester et des correctifs à déployer en priorité.
El análisis del Patch Tuesday de Ivanti va más allá de la aplicación de parches a sus aplicaciones y le ofrece la inteligencia y orientación necesarias para priorizar dónde debes enfocarte. Consulta los últimos análisis en nuestro blog Ivanti y únete a los expertos del sector en el webinar de Patch Tuesday. En él profundizaremos en cada uno de los informes y ofreceremos orientación sobre los riesgos asociados a las vulnerabilidades más recientes.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
L'analisi del Patch Tuesday di Ivanti va oltre l'applicazione di patch alle tue applicazioni e ti offre le informazioni e la guida necessarie per stabilire le priorità su cui concentrare la tua attenzione.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
El análisis del Patch Tuesday de Ivanti va más allá de la aplicación de parches a sus aplicaciones y le ofrece la inteligencia y orientación necesarias para priorizar dónde debes enfocarte. Consulta los últimos análisis en nuestro blog Ivanti y únete a los expertos del sector en el webinar de Patch Tuesday. En él profundizaremos en cada uno de los informes y ofreceremos orientación sobre los riesgos asociados a las vulnerabilidades más recientes.
Rejoignez-nous ce mois-ci pour un récapitulatif des correctifs de sécurité Microsoft et d’applications tierces publiés à l’occasion du Patch Tuesday. Nous discuterons notamment des vulnérabilités à surveiller, des produits à tester et des correctifs à déployer en priorité.
L'analisi del Patch Tuesday di Ivanti va oltre l'applicazione di patch alle tue applicazioni e ti offre le informazioni e la guida necessarie per stabilire le priorità su cui concentrare la tua attenzione.
Rejoignez-nous ce mois-ci pour un récapitulatif des correctifs de sécurité Microsoft et d’applications tierces publiés à l’occasion du Patch Tuesday. Nous discuterons notamment des vulnérabilités à surveiller, des produits à tester et des correctifs à déployer en priorité.
El análisis del Patch Tuesday de Ivanti va más allá de la aplicación de parches a sus aplicaciones y le ofrece la inteligencia y orientación necesarias para priorizar dónde debes enfocarte. Consulta los últimos análisis en nuestro blog Ivanti y únete a los expertos del sector en el webinar de Patch Tuesday. En él profundizaremos en cada uno de los informes y ofreceremos orientación sobre los riesgos asociados a las vulnerabilidades más recientes.
L'analisi del Patch Tuesday di Ivanti va oltre l'applicazione di patch alle tue applicazioni e ti offre le informazioni e la guida necessarie per stabilire le priorità su cui concentrare la tua attenzione.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
El análisis del Patch Tuesday de Ivanti va más allá de la aplicación de parches a sus aplicaciones y le ofrece la inteligencia y orientación necesarias para priorizar dónde debes enfocarte. Consulta los últimos análisis en nuestro blog Ivanti y únete a los expertos del sector en el webinar de Patch Tuesday. En él profundizaremos en cada uno de los informes y ofreceremos orientación sobre los riesgos asociados a las vulnerabilidades más recientes.
Rejoignez-nous ce mois-ci pour un récapitulatif des correctifs de sécurité Microsoft et d’applications tierces publiés à l’occasion du Patch Tuesday. Nous discuterons notamment des vulnérabilités à surveiller, des produits à tester et des correctifs à déployer en priorité.
L'analisi del Patch Tuesday di Ivanti va oltre l'applicazione di patch alle tue applicazioni e ti offre le informazioni e la guida necessarie per stabilire le priorità su cui concentrare la tua attenzione.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Securing BGP: Operational Strategies and Best Practices for Network Defenders...APNIC
Md. Zobair Khan,
Network Analyst and Technical Trainer at APNIC, presented 'Securing BGP: Operational Strategies and Best Practices for Network Defenders' at the Phoenix Summit held in Dhaka, Bangladesh from 23 to 24 May 2024.
HijackLoader Evolution: Interactive Process HollowingDonato Onofri
CrowdStrike researchers have identified a HijackLoader (aka IDAT Loader) sample that employs sophisticated evasion techniques to enhance the complexity of the threat. HijackLoader, an increasingly popular tool among adversaries for deploying additional payloads and tooling, continues to evolve as its developers experiment and enhance its capabilities.
In their analysis of a recent HijackLoader sample, CrowdStrike researchers discovered new techniques designed to increase the defense evasion capabilities of the loader. The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process writing to a pipe. This new approach, called "Interactive Process Hollowing", has the potential to make defense evasion stealthier.
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...APNIC
Adli Wahid, Senior Internet Security Specialist at APNIC, delivered a presentation titled 'Honeypots Unveiled: Proactive Defense Tactics for Cyber Security' at the Phoenix Summit held in Dhaka, Bangladesh from 23 to 24 May 2024.