Microsoft tests the 15-character limit of Windows Server admins' patience
May security update trips over hostnames of a very specific length
Security updates fix software weaknesses, reduce exploitable risk, and may address vulnerabilities affecting systems, applications, and devices.
Search across headline titles and summaries.
Background for this topic.
Security updates are vendor-released patches, fixes, or configuration changes that address vulnerabilities and other weaknesses in operating systems, applications, libraries, firmware, cloud services, and network equipment. They may correct exploitable code, tighten security controls, or provide mitigations when a complete fix is not yet available.
For security practitioners, update news informs vulnerability management: assess whether affected assets are deployed, determine exposure and exploitability, prioritize urgent fixes, and verify installation. Applying updates can reduce attack paths such as remote code execution or privilege escalation, but rushed changes can disrupt services, so testing, staged deployment, rollback plans, and compensating controls may be needed. Advisories can also reveal required configuration changes, affected dependencies, or unsupported versions that need replacement.
Weekly headline count for the current query.
May security update trips over hostnames of a very specific length
May security update trips over hostnames of a very specific length
It looks like enough of you are struggling to migrate that Redmond is willing to help out – for a price that might buy nothing Microsoft has extended its security update programs for Exchange Server 2016 and 2019, and Skype for Business 2015 and 2019.…
On your marks, get set... bork! Microsoft has set a new record with June's security update for the time between release and an admission of borkage.…
Where have we heard this before? Feb security update needs its own fix More than one month after complaints starting flying, Microsoft has fixed a Windows bug that caused some Remote Desktop sessions to freeze.…
But can you really take crims at their word? Supply chain integration vendor Cleo has urged its customers to upgrade three of its products after an October security update was circumvented, leading to widespread ransomware attacks that Russia-linked gang Cl0p has claimed are its evil work.…
Also, new EU cyber reporting rules are live, exploiters hit the gas pedal, free PDNS for UK schools, and more in brief A critical security update for the near-ubiquitous WordPress plugin Jetpack was released last week. Site administrators should ensure the latest version is installed to keep their sites secure. …
That 'third party' person sure is responsible for a lot of IT blunders, eh? A major IT hardware manufacturer is correcting a recent security update after customers complained of a password character limit being introduced when there previously wasn't one.…
ALSO: Viasat hack wiper malware is back, users are the number one cause of data loss, and critical vulns Infosec in brief If your Windows domain controllers have been crashing since a security update was installed earlier this month, there's no longer any need to speculate why: Microsoft has admitted it introduced a memory leak in its March patches and fixed the issue.…
Sapphire Rapids, Alder Lake, and Raptor Lake chip families treated for 'Redundant Prefix' Intel on Tuesday issued an out-of-band security update to address a privilege escalation vulnerability in recent server and personal computer chips.…
Zero day? More like every day, amirite? Apple has demonstrated that it can more than hold its own among the tech giants, at least in terms of finding itself on the wrong end of zero-day vulnerabilities.…
We're all for encouraging people to squash bugs but this is an odd way to do it False alarm: despite a patch notes suggesting otherwise, that mysterious blob of microcode released for many Intel microprocessors last week was not a security update, the x86 giant says.…
Meanwhile, a security update for rsync VMware has fixed a critical authentication bypass vulnerability that hits 9.8 out of 10 on the CVSS severity scale and is present in multiple products.…
Friends are always telling me ... just be good to free() Adobe has released an out-of-band security update for Adobe Commerce and Magento Open Source to address active exploitation of a known vulnerability, and Google has an emergency issue, too.…