Date Author Title

ORACLE VULNERABILITY PATCH

2008-07-15Maarten Van HorenbeeckOracle (and BEA, Hyperion and TimesTen) critical patch update July 15th, 2008

ORACLE

2021-10-09/a>Guy BruneauScanning for Previous Oracle WebLogic Vulnerabilities
2020-05-05/a>Russ McReeCloud Security Features Don't Replace the Need for Personnel Security Capabilities
2019-06-19/a>Johannes UllrichCritical Actively Exploited WebLogic Flaw Patched CVE-2019-2729
2018-07-17/a>Scott FendleyOracle Critical Patch Update Release
2017-10-30/a>Johannes UllrichCritical Patch For Oracle's Identity Manager
2016-03-23/a>Bojan ZdrnjaAbusing Oracles
2014-07-15/a>Daniel WesemannOracle July 2014 CPU (patch bundle)
2014-07-13/a>Tony CarothersOracle July 2014 Update Pre-Notification
2014-04-16/a>Johannes UllrichOracle Critical Patch Update for April 2014
2014-01-30/a>Johannes UllrichOracle Reports Vulnerability
2014-01-14/a>Johannes UllrichOracle Critical Patch Update January 2014
2013-02-20/a>Johannes UllrichUpdate Palooza
2013-02-19/a>Johannes UllrichOracle Updates Java (Java 7 Update 15, Java 6 update 41)
2013-01-12/a>Stephen HallOracle Patch Tuesday Pre-Release
2012-10-17/a>Mark HofmanOracle Critical Patch Update October
2012-09-23/a>Tony CarothersUpdate for CVE-2012-3132
2012-07-25/a>Johannes UllrichMicrosoft Exchange/Sharepoint and others: Oracle Outside In Vulnerability
2012-07-15/a>Guy BruneauOracle July 2012 Critical Patch Pre-Release Announcement
2012-04-30/a>Rob VandenBrinkPatch for Oracle TNS Listener issue released !
2012-04-27/a>Johannes UllrichCritical Unpatched Oracle Vulnerability
2012-04-18/a>Kevin ShorttOracle Critical Patch Update Advisory - April 2012: http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
2012-04-13/a>Daniel WesemannOracle CPU Patches announced for Apr 17
2012-02-16/a>Tony CarothersJava Update for February
2012-02-01/a>Russ McReeOracle Security Alert: http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html
2012-01-18/a>Richard PorterOracle Quarterly Released, http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
2011-10-22/a>Guy BruneauOracle Java SE Critical Patch Update
2011-10-19/a>Mark HofmanOracle Critical Patch Update
2011-04-16/a>Scott FendleyOracle Patch Update Pre-Release Announcement
2011-03-07/a>Bojan ZdrnjaOracle padding attacks (Codegate crypto 400 writeup)
2011-02-15/a>Jason LamOracle Java 6 Update 24
2011-02-09/a>Mark HofmanJava Floating point issue (CVE-2010-4476)
2011-01-18/a>Daniel WesemannOracle Patches (Jan2011 CPU)
2010-10-12/a>Scott FendleyOracle Critical Updates Released
2010-07-10/a>Tony CarothersOracle July 2010 Pre-Release Announcement
2010-04-14/a>Mark HofmanOracle has released 47 critical patches (Includes SUN patches)
2010-02-09/a>Mark HofmanOracle has an unscheduled security alert and patch for CVE-2010-0073. The issue affects WebLogic Server and is remotely exploitable. Details and patch are here http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html
2010-02-06/a>Guy BruneauOracle WebLogic Server Security Alert
2010-01-12/a>Johannes UllrichOracle Patches Relased
2009-10-20/a>Raul SilesOracle Critical Patch Update (CPU) - October 2009
2009-10-16/a>Adrien de BeaupreCyber Security Awareness Month - Day 16 - Port 1521 - Oracle TNS Listener
2009-07-14/a>Swa FrantzenOracle Black Tuesday
2009-05-19/a>Bojan ZdrnjaAdvanced blind SQL injection (with Oracle examples)
2009-04-14/a>Swa FrantzenOracle quarterly patches
2008-10-14/a>Swa FrantzenOracle quarterly patches on black tuesday
2008-07-30/a>David GoldsmithSerious 0-Day Flaw in Oracle -- Patch Released
2008-07-15/a>Maarten Van HorenbeeckOracle (and BEA, Hyperion and TimesTen) critical patch update July 15th, 2008
2006-11-29/a>Toby KohlenbergWeek of Oracle bugs cancelled
2006-10-18/a>Robert DanfordOracle Quarterly Critical Patch Update (Oct 2006)

VULNERABILITY

2024-12-11/a>Guy BruneauVulnerability Symbiosis: vSphere?s CVE-2024-38812 and CVE-2024-38813 [Guest Diary]
2023-06-28/a>Jan KoprivaKazakhstan - the world's last SSLv2 superpower... and a country with potentially vulnerable last-mile internet infrastructure
2023-06-15/a>Yee Ching TokSupervision and Verification in Vulnerability Management
2023-03-25/a>Guy BruneauMicrosoft Released an Update for Windows Snipping Tool Vulnerability
2022-10-07/a>Xavier MertensCritical Fortinet Vulnerability Ahead
2022-07-05/a>Jan KoprivaEternalBlue 5 years after WannaCry and NotPetya
2022-05-31/a>Xavier MertensFirst Exploitation of Follina Seen in the Wild
2022-01-26/a>Jan KoprivaOver 20 thousand servers have their iLO interfaces exposed to the internet, many with outdated and vulnerable versions of FW
2021-08-09/a>Jan KoprivaProxyShell - how many Exchange servers are affected and where are they?
2021-04-22/a>Xavier MertensHow Safe Are Your Docker Images?
2020-11-16/a>Jan KoprivaHeartbleed, BlueKeep and other vulnerabilities that didn't disappear just because we don't talk about them anymore
2020-05-28/a>Xavier MertensFlashback on CVE-2019-19781
2020-05-08/a>Xavier MertensUsing Nmap As a Lightweight Vulnerability Scanner
2020-03-16/a>Jan KoprivaDesktop.ini as a post-exploitation tool
2020-03-12/a>Xavier MertensCritical SMBv3 Vulnerability: Remote Code Execution
2019-12-31/a>Johannes UllrichSome Thoughts About the Critical Citrix ADC/Gateway Vulnerability (CVE-2019-19781)
2019-05-16/a>Xavier MertensThe Risk of Authenticated Vulnerability Scans
2019-04-04/a>Xavier MertensNew Waves of Scans Detected by an Old Rule
2018-08-20/a>Didier StevensOpenSSH user enumeration (CVE-2018-15473)
2018-07-02/a>Guy BruneauVMware ESXi, Workstation, and Fusion address multiple out-of-bounds read vulnerabilities https://www.vmware.com/security/advisories/VMSA-2018-0016.html
2018-05-22/a>Xavier MertensVMware Workstation and Fusion updates address signature bypass and multiple denial-of-service vulnerabilities https://www.vmware.com/security/advisories/VMSA-2018-0013.html
2018-04-30/a>Remco VerhoefAnother approach to webapplication fingerprinting
2018-01-13/a>Rick WannerFlaw in Intel's Active Management Technology (AMT)
2017-05-25/a>Xavier MertensCritical Vulnerability in Samba from 3.5.0 onwards
2017-05-18/a>Xavier MertensMy Little CVE Bot
2017-02-04/a>Xavier MertensDetecting Undisclosed Vulnerabilities with Security Tools & Features
2016-12-26/a>Russ McReeCritical security update: PHPMailer 5.2.20 (CVE-2016-10045)
2016-08-14/a>Guy BruneauvRealize Log Insight directory traversal vulnerability - http://www.vmware.com/security/advisories/VMSA-2016-0011.html
2016-07-27/a>Xavier MertensCritical Xen PV guests vulnerabilities
2016-07-13/a>Xavier MertensDrupal: Patch released today to fix a highly critical RCE in contributed modules
2016-06-23/a>Russell EubanksAn Approach to Vulnerability Management
2016-05-12/a>Xavier MertensAdobe Released Updates to Fix Critical Vulnerability
2016-02-03/a>Xavier MertensAutomating Vulnerability Scans
2015-11-09/a>John BambenekICYMI: Widespread Unserialize Vulnerability in Java
2015-04-23/a>Bojan ZdrnjaWhen automation does not help
2014-11-25/a>Adrien de BeaupreLess is, umm, less?
2014-08-16/a>Lenny ZeltserWeb Server Attack Investigation - Installing a Bot and Reverse Shell via a PHP Vulnerability
2014-02-27/a>Richard PorterCisco Prime Infrastructure Command Execution Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140226-pi
2014-02-07/a>Rob VandenBrinkNew ISO Standards on Vulnerability Handling and Disclosure
2014-01-24/a>Chris MohanSecurity Update for OS X for CVE-2014-1252 http://support.apple.com/kb/HT6117
2014-01-17/a>Russ McReeMassive RFI scans likely a free web app vuln scanner rather than bots
2013-11-05/a>Daniel WesemannTIFF images in MS-Office documents used in targeted attacks
2013-07-01/a>Manuel Humberto Santander PelaezUsing nmap scripts to enhance vulnerability asessment results
2013-05-22/a>Adrien de BeauprePrivilege escalation, why should I care?
2013-04-19/a>Russ McReeJava 8 release schedule delayed for renewed focus on security
2013-01-19/a>Guy BruneauJava 7 Update 11 Still has a Flaw
2013-01-05/a>Guy BruneauAdobe ColdFusion Security Advisory
2012-12-03/a>John BambenekJohn McAfee Exposes His Location in Photo About His Being on Run
2012-11-29/a>Kevin ShorttNew Apple Security Update: APPLE-SA-2012-11-29-1 Apple TV 5.1.1
2012-11-28/a>Mark HofmanMcAfee releases extraDAT for W32/Autorun.worm.aaeb-h
2012-11-28/a>Mark HofmanNew version of wireshark is available (1.8.4), some security fixes included.
2012-11-27/a>Chris MohanCan users' phish emails be a security admin's catch of the day?
2012-11-26/a>John BambenekOnline Shopping for the Holidays? Tips, News and a Fair Warning
2012-11-20/a>John BambenekBehind the Random NTP Bizarreness of Incorrect Year Being Set
2012-11-20/a>John BambenekFirefox v 17.0 just released, more here: http://www.mozilla.org/en-US/firefox/17.0/releasenotes/
2012-11-19/a>John BambenekMoneyGram fined $100 million for aiding wire fraud - http://krebsonsecurity.com/2012/11/moneygram-fined-100-million-for-wire-fraud/
2012-11-19/a>John BambenekNew Poll: Top 5 Unresolved Security Problems of 2012
2012-11-17/a>Manuel Humberto Santander PelaezNew Sysinternal Updates: AdExplorer v1.44, Contig v1.7, Coreinfo v3.2, Procdump v5.1. See http://blogs.technet.com/b/sysinternals/archive/2012/11/16/updates-adexplorer-v1-44-contig-v1-7-coreinfo-v3-2-procdump-v5-1.aspx?Redirected=true
2012-11-12/a>John BambenekRequest for info: Robocall Phishing Against Local/Regional Banks
2012-11-09/a>Mark BaggettRemote Diagnostics with PSR
2012-11-09/a>Mark BaggettFresh batch of Microsoft patches next week
2012-11-07/a>Mark BaggettHelp eliminate unquoted path vulnerabilities
2012-11-07/a>Mark BaggettMultiple 0-Days Reported!
2012-11-07/a>Mark BaggettCisco TACACS+ Authentication Bypass
2012-11-05/a>Johannes UllrichReminder: Ongoing SMTP Brute Forcing Attacks
2012-11-05/a>Johannes UllrichPossible Fake-AV Ads from Doubleclick Servers
2012-11-04/a>Lorna HutchesonWhat's important on your network?
2012-10-31/a>Johannes UllrichCyber Security Awareness Month - Day 31 - Business Continuity and Disaster Recovery
2012-10-30/a>Johannes UllrichHurricane Sandy Update
2012-10-30/a>Richard PorterSplunk 5.0 SP-CAAAHB4 http://www.splunk.com/view/SP-CAAAHB4
2012-10-28/a>Tony CarothersFirefox 16.02 Released
2012-10-26/a>Russ McReeCyber Security Awareness Month - Day 26 - Attackers use trusted domain to propagate Citadel Zeus variant
2012-10-25/a>Richard PorterCyber Security Awareness Month - Day 25 - Pro Audio & Video Packets on the Wire
2012-10-24/a>Russ McReeOngoing Windstream outage in the midwest - https://twitter.com/search?q=windstream
2012-10-21/a>Johannes UllrichCyber Security Awareness Month - Day 22: Connectors
2012-10-21/a>Lorna HutchesonPotential Phish for Regular Webmail Accounts
2012-10-19/a>Johannes UllrichCyber Security Awareness Month - Day 19: Standard log formats and CEE.
2012-10-18/a>Rob VandenBrinkCyber Security Awareness Month - Day 18 - Vendor Standards: The vSphere Hardening Guide
2012-10-17/a>Mark HofmanNew Acrobat release (including reader) available. Version 11. Some security improvements more here -->http://blogs.adobe.com/adobereader/
2012-10-16/a>Richard PorterCyberAwareness Month - Day 15, Standards Body Soup (pt2), Same Soup Different Cook.
2012-10-16/a>Johannes UllrichCyber Security Awareness Month - Day 16: W3C and HTML
2012-10-14/a>Pedro BuenoCyber Security Awareness Month - Day 14 - Poor Man's File Analysis System - Part 1
2012-10-09/a>Johannes UllrichMicrosoft October 2012 Black Tuesday Update - Overview
2012-10-07/a>Tony CarothersCyber Security Awareness Month - Day 7 - Rollup Review of CSAM Week 1
2012-10-05/a>Johannes UllrichCyber Security Awareness Month - Day 5: Standards Body Soup, So many Flavors in the bowl.
2012-10-05/a>Richard PorterVMWare Security Advisory: VMSA-2012-0014 - http://www.vmware.com/security/advisories/VMSA-2012-0014.html
2012-10-05/a>Richard PorterReports of a Distributed Injection Scan
2012-10-04/a>Mark HofmanAnd the SHA-3 title goes to .....Keccak
2012-10-02/a>Russ McReeCyber Security Awareness Month - Day 2 - PCI Security Standard: Mobile Payment Acceptance Security Guidelines
2012-10-01/a>Johannes UllrichCyber Security Awareness Month
2012-09-28/a>Joel EslerAdobe certification revocation for October 4th
2012-09-26/a>Johannes UllrichSome Android phones can be reset to factory default by clicking on links
2012-09-26/a>Johannes UllrichMore Java Woes
2012-09-21/a>Johannes UllrichiOS 6 Security Roundup
2012-09-20/a>Russ McReeApple and Cisco Security Advisories 19 SEP 2012
2012-09-20/a>Russ McReeFinancial sector advisory: attacks and threats against financial institutions
2012-09-20/a>Russ McReeFlash Player update but no announcement, check your version http://www.adobe.com/software/flash/about/
2012-09-19/a>Russ McReeScript kiddie scavenging with Shellbot.S
2012-09-17/a>Rob VandenBrinkWhat's on your iPad?
2012-09-14/a>Lenny ZeltserScam Report - Fake Voice Mail Email Notification Redirects to Malicious Site
2012-09-13/a>Mark BaggettMicrosoft disrupts traffic associated with the Nitol botnet
2012-09-13/a>Mark BaggettMore SSL trouble
2012-09-10/a>Johannes UllrichMicrosoft Patch Tuesday Pre-Release
2012-09-10/a>Johannes UllrichGodaddy DDoS Attack
2012-09-06/a>Johannes UllrichSSL Requests sent to port 80 (request for help/input)
2012-09-04/a>Johannes UllrichAnother round of "Spot the Exploit E-Mail"
2012-09-02/a>Lorna HutchesonDemonstrating the value of your Intrusion Detection Program and Analysts
2012-09-01/a>Russ McReeBlackhole targeting Java vulnerability via fake Microsoft Services Agreement email phish
2012-08-31/a>Russ McReeNot so fast: Java 7 Update 7 critical vulnerability discovered in less than 24 hours
2012-08-30/a>Johannes UllrichEditorial: The Slumlord Approach to Network Security http://isc.sans.edu/j/editorial
2012-08-29/a>Johannes Ullrich"Data" URLs used for in-URL phishing
2012-08-27/a>Johannes UllrichMalware Spam harvesting Facebook Information
2012-08-27/a>Johannes UllrichThe Good, Bad and Ugly about Assigning IPv6 Addresses
2012-08-26/a>Lorna HutchesonWho ya gonna contact?
2012-08-22/a>Adrien de BeaupreApple Remote Desktop update fixes no encryption issue
2012-08-21/a>Adrien de BeaupreYYABCAFU - Yes Yet Another Bleeping Critical Adobe Flash Update
2012-08-21/a>Adrien de BeaupreRuggedCom fails key management 101 on Rugged Operating System (ROS)
2012-08-20/a>Manuel Humberto Santander PelaezDo we need test procedures in our companies before implementing Antivirus signatures?
2012-08-19/a>Manuel Humberto Santander PelaezAuthentication Issues between entities during protocol message exchange in SCADA Systems
2012-08-12/a>Tony CarothersLayers of the Defense-in-Depth Onion
2012-08-12/a>Tony CarothersOracle Security Alert for CVE-2012-3132
2012-08-09/a>Mark HofmanZeus/Citadel variant causing issues in the Netherlands
2012-08-09/a>Mark HofmanSQL Injection Lilupophilupop style, Part 2
2012-08-07/a>Adrien de BeaupreWho protects small business?
2012-08-05/a>Daniel WesemannPhishing for Payroll with unpatched Java
2012-08-04/a>Kevin ListonVendors: More Patch-Release Options Please
2012-07-27/a>Daniel WesemannCuckoo 0.4 is out - cool new features for malware analysis http://www.cuckoosandbox.org/
2012-07-24/a>Richard PorterReport of spike in DNS Queries gd21.net
2012-07-24/a>Richard PorterWireshark 1.8.1 Released http://www.wireshark.org/
2012-07-20/a>Mark BaggettSyria Internet connection cut?
2012-07-19/a>Mark BaggettDiagnosing Malware with Resource Monitor
2012-07-19/a>Mark BaggettA Heap of Overflows?
2012-07-16/a>Richard PorterSysinternals Update @ http://blogs.technet.com/b/sysinternals/archive/2012/07/16/updates-handle-v3-5-process-explorer-v15-22-process-monitor-v3-03-rammap-v1-21-zoomit-v4-3.aspx
2012-07-13/a>Richard PorterYesterday (not as on the ball as Rob) at SANSFire
2012-07-13/a>Russ McRee2 for 1: SANSFIRE & MSRA presentations
2012-07-13/a>Russ McReeVMWare Security Advisory 12 JUL 2012
2012-07-13/a>Russ McReeYahoo service SQL injection vuln leads to account exposure
2012-07-12/a>Rick WannerCisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms
2012-07-12/a>Rick WannerCisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs
2012-07-12/a>Rick WannerCisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-cts
2012-07-12/a>Rick WannerCisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Manager - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman
2012-07-09/a>Johannes UllrichThe FBI will turn off the Internet on Monday (or not)
2012-07-09/a>Manuel Humberto Santander PelaezInternet Storm Center panel tonight at SANSFIRE 2012!
2012-07-05/a>Adrien de BeaupreMicrosoft advanced notification for July 2012 patch Tuesday
2012-07-02/a>Joel EslerA rough guide to keeping your website up
2012-07-02/a>Joel EslerLinux & Java leap second bug
2012-06-29/a>Jim ClausingUpdated SysInternals tools - Autoruns, Process Explorer, Process Monitor, PSKill -- http://blogs.technet.com/b/sysinternals/archive/2012/06/28/updates-autoruns-v11-32-process-explorer-v15-21-process-monitor-v3-02-pskill-v1-15-rammap-v1-2.aspx
2012-06-22/a>Kevin ListonUpdated Poll: Which Patch Delivery Schedule Works the Best for You?
2012-06-21/a>Russ McReeAnalysis of drive-by attack sample set
2012-06-21/a>Russ McReeWireshark 1.8.0 released 21 JUN 2012 http://www.wireshark.org/download.html
2012-06-19/a>Daniel Wesemann Vulnerabilityqueerprocessbrittleness
2012-05-05/a>Tony CarothersVulnerability Assessment Program - Discussions
2011-12-28/a>Daniel WesemannHash collisions vulnerability in web servers
2011-12-08/a>Adrien de BeaupreNewest Adobe Flash 11.1.102.55 and Previous 0 Day Exploit
2011-05-09/a>Rick WannerSerious flaw in OpenID
2010-12-24/a>Daniel WesemannA question of class
2010-12-10/a>Mark HofmanEXIM MTA vulnerability
2010-09-14/a>Adrien de BeaupreAdobe Flash v10.1.82.76 and earlier vulnerability in-the-wild
2010-09-08/a>John BambenekAdobe Acrobat/Reader 0-day in Wild, Adobe Issues Advisory
2010-08-30/a>Adrien de BeaupreApple QuickTime potential vulnerability/backdoor
2010-08-05/a>Manuel Humberto Santander PelaezAdobe Acrobat Font Parsing Integer Overflow Vulnerability
2010-07-20/a>Manuel Humberto Santander PelaezLNK vulnerability now with Metasploit module implementing the WebDAV method
2010-07-20/a>Manuel Humberto Santander PelaeziTunes buffer overflow vulnerability
2010-07-20/a>Manuel Humberto Santander PelaezLowering infocon back to green
2010-07-04/a>Manuel Humberto Santander PelaezInteresting analysis of the PHP SplObjectStorage Vulnerability
2010-06-24/a>Jason LamHelp your competitor - Advise them of vulnerability
2010-06-15/a>Manuel Humberto Santander PelaezApple releases advisory for Mac OS X - Multiple vulnerabilities discovered
2010-05-23/a>Manuel Humberto Santander PelaezOracle Java SE and Java for Business 'MixerSequencer' Remote Code Execution Vulnerability
2010-01-21/a>Johannes UllrichNew Microsoft Advisory: Vulnerability in Windows Kernel Privilege Escalation (CVE-2010-0232)
2010-01-17/a>Rick WannerBuffer overflow in Quicktime
2009-12-24/a>Guy BruneauMicrosoft IIS File Parsing Extension Vulnerability
2009-11-24/a>Rick WannerMicrosoft Security Advisory 977981 - IE 6 and IE 7
2009-11-16/a>G. N. WhiteReports of a successful exploit of the SSL Renegotiation Vulnerability?
2009-11-13/a>Adrien de BeaupreTLS & SSLv3 renegotiation vulnerability explained
2009-11-13/a>Adrien de BeaupreFlash Origin Policy Attack
2009-11-05/a>Swa FrantzenTLS Man-in-the-middle on renegotiation vulnerability made public
2009-10-08/a>Johannes UllrichNew Adobe Vulnerability Exploited in Targeted Attacks
2009-09-08/a>Adrien de BeaupreMicrosoft Security Advisory 975191 Revised
2009-09-04/a>Adrien de BeaupreVulnerabilities (plural) in MS IIS FTP Service 5.0, 5.1. 6.0, 7.0
2009-07-13/a>Adrien de BeaupreVulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution
2009-07-13/a>Adrien de BeaupreSecurity Update available for Wyse Device Manager
2009-05-29/a>Lorna HutchesonVMWare Patches Released
2009-05-10/a>Mari NicholsIs your Symantec Antivirus Alerting working correctly?
2009-05-04/a>Tom ListonAdobe Reader/Acrobat Critical Vulnerability
2009-02-11/a>Robert DanfordProFTPd SQL Authentication Vulnerability exploit activity
2008-12-23/a>Patrick NolanMS ACK's Vulnerability in SQL Server which Could Allow Remote Code Execution
2008-12-10/a>Mark HofmanMicrosoft wordpad text converter issue
2008-09-29/a>Daniel WesemannPatchbag: WinZip / MPlayer / RealWin SCADA vuln
2008-08-02/a>Maarten Van HorenbeeckA little of that human touch
2008-07-17/a>Mari NicholsFirefox Releases 3.0.1 and fixes 3 security vulnerabilities
2008-07-16/a>Maarten Van HorenbeeckFirefox 2.0.0.16 fixes two security vulnerabilities
2008-07-15/a>Maarten Van HorenbeeckBlackBerry PDF parsing vulnerability
2008-07-15/a>Maarten Van HorenbeeckOracle (and BEA, Hyperion and TimesTen) critical patch update July 15th, 2008
2008-06-19/a>William StearnsFirefox vunerability
2008-05-27/a>Adrien de BeaupreAdobe flash player vuln
2008-05-06/a>Marcus SachsIndustrial Control Systems Vulnerability
2007-01-03/a>Toby KohlenbergVLC Media Player udp URL handler Format String Vulnerability
2006-10-05/a>John BambenekThere are no more Passive Exploits

PATCH

2024-12-11/a>Johannes UllrichApple Updates Everything (iOS, iPadOS, macOS, watchOS, tvOS, visionOS)
2024-12-10/a>Johannes UllrichMicrosoft Patch Tuesday: December 2024
2024-08-29/a>Xavier MertensLive Patching DLLs with Python
2024-07-09/a>Johannes UllrichMicrosoft Patch Tuesday July 2024
2024-06-11/a>Johannes UllrichMicrosoft Patch Tuesday June 2024
2024-03-12/a>Johannes UllrichMicrosoft Patch Tuesday - March 2024
2024-03-05/a>Johannes UllrichApple Releases iOS/iPadOS Updates with Zero Day Fixes.
2023-12-12/a>Johannes UllrichMicrosoft Patch Tuesday December 2023
2023-10-10/a>Johannes UllrichOctober 2023 Microsoft Patch Tuesday Summary
2023-09-26/a>Johannes UllrichApple Releases MacOS Sonoma Including Numerous Security Patches
2023-09-11/a>Johannes UllrichApple fixes 0-Day Vulnerability in Older Operating Systems
2023-03-27/a>Johannes UllrichApple Updates Everything (including Studio Display)
2023-02-14/a>Johannes UllrichMicrosoft February 2023 Patch Tuesday
2023-01-24/a>Johannes UllrichApple Updates (almost) Everything: Patch Overview
2022-10-11/a>Johannes UllrichOctober 2022 Microsoft Patch Tuesday
2022-10-07/a>Xavier MertensCritical Fortinet Vulnerability Ahead
2022-07-20/a>Johannes UllrichApple Patches Everything Day
2022-05-16/a>Johannes UllrichApple Patches Everything
2022-05-10/a>Renato MarinhoMicrosoft May 2022 Patch Tuesday
2022-05-03/a>Rob VandenBrinkFinding the Real "Last Patched" Day (Interim Version)
2022-03-31/a>Johannes UllrichApple Patches Actively Exploited Vulnerability in macOS, iOS and iPadOS,
2022-02-10/a>Johannes UllrichiOS/iPadOS and MacOS Update: Single WebKit 0-Day Vulnerability Patched
2022-01-11/a>Johannes UllrichMicrosoft Patch Tuesday - January 2022
2021-09-14/a>Renato MarinhoMicrosoft September 2021 Patch Tuesday
2021-08-20/a>Xavier MertensWaiting for the C2 to Show Up
2021-04-13/a>Richard PorterMicrosoft April 2021 Patch Tuesday
2020-12-08/a>Johannes UllrichDecember 2020 Microsoft Patch Tuesday: Exchange, Sharepoint, Dynamics and DNS Spoofing
2020-11-25/a>Xavier MertensLive Patching Windows API Calls Using PowerShell
2020-05-14/a>Rob VandenBrinkPatch Tuesday Revisited - CVE-2020-1048 isn't as "Medium" as MS Would Have You Believe
2020-03-10/a>Johannes UllrichMicrosoft Patch Tuesday March 2020
2020-02-29/a>Guy BruneauHazelcast IMDG Discover Scan
2019-07-09/a>John BambenekMSFT July 2019 Patch Tuesday
2018-12-19/a>Xavier MertensMicrosoft OOB Patch for Internet Explorer: Scripting Engine Memory Corruption Vulnerability
2018-12-11/a>Richard PorterMicrosoft December 2018 Patch Tuesday
2018-11-13/a>Johannes UllrichNovember 2018 Microsoft Patch Tuesday
2018-10-09/a>Johannes UllrichOctober 2018 Microsoft Patch Tuesday
2018-09-11/a>Johannes UllrichMicrosoft September Patch Tuesday Summary
2018-07-17/a>Scott FendleyOracle Critical Patch Update Release
2018-06-12/a>Johannes UllrichMicrosoft June 2018 Patch Tuesday
2018-04-25/a>Johannes UllrichYet Another Drupal RCE Vulnerability
2017-12-20/a>Richard PorterVMWare Security Advisory: VMSA-2017-0021: https://www.vmware.com/security/advisories/VMSA-2017-0021.html
2017-12-12/a>Johannes UllrichDecember Microsoft Patch Tuesday Summary
2017-09-08/a>Adrien de BeaupreYASRV (Yet Another Struts RCE Vulnerability) yes a different one from yesterday
2017-09-05/a>Adrien de BeaupreStruts vulnerability patch released by apache, patch now
2017-07-11/a>Renato MarinhoJuly's Microsoft Patch Tuesday
2017-03-14/a>Johannes UllrichFebruary and March Microsoft Patch Tuesday
2017-02-14/a>Johannes UllrichMicrosoft Patch Tuesday Delayed
2017-02-04/a>Xavier MertensDetecting Undisclosed Vulnerabilities with Security Tools & Features
2017-01-10/a>Johannes UllrichJanuary 2017 Microsoft Patch Tuesday
2016-09-13/a>Rob VandenBrinkMicrosoft Patch Tuesday Analysis
2016-09-02/a>Johannes UllrichApple Patches "Trident" Vulnerabilities in OS X / Safari
2016-07-12/a>Johannes UllrichMicrosoft Patch Tuesday Summary for July 2016
2016-02-09/a>Johannes UllrichMicrosoft February 2016 Patch Tuesday
2016-01-12/a>Alex StanfordJanuary 2016 Microsoft Patch Tuesday
2015-12-08/a>Johannes UllrichDecember 2015 Microsoft Patch Tuesday
2015-11-10/a>Johannes UllrichNovember 2015 Microsoft Patch Tuesday
2015-10-13/a>Alex StanfordOctober 2015 Microsoft Patch Tuesday
2015-09-08/a>Johannes UllrichSeptember 2015 Microsoft Patch Tuesday
2015-08-11/a>Manuel Humberto Santander PelaezAugust 2015 Microsoft Patch Tuesday
2015-07-23/a>Mark HofmanSome more 0-days from ZDI
2015-07-14/a>Johannes UllrichAdobe Updates Flash Player, Shockwave and PDF Reader
2015-07-14/a>Johannes UllrichJuly 2015 Microsoft Patch Tuesday
2015-06-09/a>Johannes UllrichMicrosoft Patch Tuesday Summary for June 2015
2015-05-12/a>Johannes UllrichMay 2015 Microsoft Patch Tuesday Summary
2015-04-14/a>Alex StanfordMicrosoft Patch Tuesday - April 2015
2015-03-10/a>Johannes UllrichMicrosoft March Patch Tuesday
2015-02-13/a>Johannes UllrichMicrosoft February Patch Failures Continue: KB3023607 vs. Cisco AnyConnect Client
2015-02-11/a>Johannes UllrichMicrosoft Hardens GPO by Fixing Two Serious Vulnerabilities.
2015-02-10/a>Mark BaggettMicrosoft Update Advisory for February 2015
2015-01-23/a>Adrien de BeaupreInfocon change to yellow for Adobe Flash issues
2015-01-13/a>Johannes UllrichMicrosoft Patch Tuesday - January 2015 (Really? Telnet?)
2014-12-09/a>Alex StanfordMicrosoft Patch Tuesday - December 2014
2014-11-18/a>Jim ClausingMicrosoft November out-of-cycle patch MS14-068
2014-11-11/a>Johannes UllrichMicrosoft November 2014 Patch Tuesday
2014-11-11/a>Johannes UllrichAdobe Flash Update
2014-10-17/a>Johannes UllrichApple Updates (not just Yosemite)
2014-10-14/a>Johannes UllrichMicrosoft October 2014 Patch Tuesday
2014-10-14/a>Johannes UllrichAdobe October 2014 Bulletins for Flash Player and Coldfusion
2014-09-29/a>Johannes UllrichApple Released Update to Fix Shellshock Vulnerability http://support.apple.com/kb/DL1769
2014-09-09/a>Alex StanfordMicrosoft Patch Tuesday - September 2014
2014-08-12/a>Alex StanfordMicrosoft Patch Tuesday - August 2014
2014-07-15/a>Daniel WesemannOracle July 2014 CPU (patch bundle)
2014-07-08/a>Alex StanfordMicrosoft Patch Tuesday - July
2014-07-01/a>Johannes UllrichApple Releases Patches for All Products
2014-06-10/a>Alex StanfordMicrosoft Patch Tuesday June 2014
2014-06-06/a>Johannes UllrichMicrosoft June Patch Tuesday Advance Notification
2014-05-13/a>Johannes UllrichMicrosoft May 2014 Patch Tuesday
2014-05-01/a>Johannes UllrichMicrosoft Announces Special Patch for IE 0-day (Win XP included!)
2014-04-22/a>Johannes UllrichApple Patches for OS X, iOS and Apple TV.
2014-04-16/a>Johannes UllrichOracle Critical Patch Update for April 2014
2014-04-08/a>Richard PorterApril 2014 Microsoft Patches
2014-03-21/a>Johannes UllrichCisco AsyncOS Patch
2014-03-11/a>Johannes UllrichAdobe Updates: Flash Player
2014-03-11/a>Johannes UllrichMicrosoft Patch Tuesday March 2014
2014-03-08/a>Guy BruneauMicrosoft March Patch Pre-Announcement
2014-02-25/a>Alex StanfordApple releases OS X 10.9.2 patching SSL vulnerability and updates Safari
2014-02-11/a>Johannes UllrichFebruary 2014 Microsoft Patch Tuesday
2014-02-11/a>Johannes UllrichAdobe February 2014 Patch Tuesday
2014-02-07/a>Johannes UllrichMicrosoft Advance Notification for February 2014
2014-02-04/a>Johannes UllrichAdobe Flash Player Emergency Patch
2014-01-30/a>Johannes UllrichOracle Reports Vulnerability
2014-01-14/a>Johannes UllrichMicrosoft Patch Tuesday January 2014
2014-01-14/a>Johannes UllrichAdobe Patch Tuesday January 2014
2014-01-14/a>Johannes UllrichOracle Critical Patch Update January 2014
2014-01-10/a>Basil Alawi S.TaherCisco Small Business Devices backdoor fix
2014-01-09/a>Johannes UllrichMicrosoft Security Bulletin Advance Notification for January 2014 http://technet.microsoft.com/en-us/security/bulletin/ms14-jan
2013-12-10/a>Johannes UllrichMicrosoft December Patch Tuesday
2013-12-07/a>Guy BruneauMicrosoft December Patch Pre-Announcement
2013-12-04/a>Adrien de BeaupreVMware Security Advisory VMSA-2013-0014
2013-11-12/a>Johannes UllrichNovember 2013 Microsoft Patch Tuesday
2013-11-08/a>Johannes UllrichMicrosoft Patch Tuesday Preview
2013-11-01/a>Russ McReeSecunia's PSI Country Report - Q3 2013
2013-10-08/a>Johannes UllrichMicrosoft October 2013 Patch Tuesday
2013-10-03/a>Johannes UllrichOctober Patch Tuesday Preview (CVE-2013-3893 patch coming!)
2013-09-11/a>Johannes UllrichReboot Wednesday: Yesterday's Patch Tuesday Aftermath
2013-09-10/a>Swa FrantzenAdobe September 2013 Black Tuesday Overview
2013-09-10/a>Swa FrantzenMicrosoft September 2013 Black Tuesday Overview
2013-09-10/a>Swa FrantzenMacs need to patch too!
2013-09-07/a>Guy BruneauMicrosoft September Patch Pre-Announcement
2013-08-19/a>Johannes UllrichMicrosoft re-releases MS13-066: https://technet.microsoft.com/security/bulletin/MS13-066
2013-08-15/a>Johannes UllrichMicrosoft Pulls MS013-061 due to problems with Exchange Server 2013 http://blogs.technet.com/b/exchange/archive/2013/08/14/exchange-2013-security-update-ms13-061-status-update.aspx
2013-08-13/a>Swa FrantzenMicrosoft August 2013 Black Tuesday Overview
2013-08-13/a>Swa FrantzenMicrosoft security advisories: RDP and MD5 deprecation in Microsoft root certificates
2013-07-09/a>Swa FrantzenMicrosoft July 2013 Black Tuesday Overview
2013-07-09/a>Swa FrantzenAdobe July 2013 Black Tuesday Overview
2013-07-06/a>Guy BruneauMicrosoft July Patch Pre-Announcement
2013-06-26/a>Adrien de BeaupreMultiple Cisco security advisories
2013-06-11/a>Swa FrantzenMicrosoft June 2013 Black Tuesday Overview
2013-06-11/a>Swa FrantzenAdobe June 2013 Black Tuesday Overview
2013-06-11/a>Swa Frantzenvmware security advisory VMSA-2013-0008
2013-06-05/a>Richard PorterBIND 9 Update fixing CVE-2013-3919
2013-05-22/a>Adrien de BeauprePrivilege escalation, why should I care?
2013-05-14/a>Swa FrantzenMicrosoft May 2013 Black Tuesday Overview
2013-05-14/a>Swa FrantzenFirefox & Thunderbird released
2013-05-14/a>Swa FrantzenAdobe May 2013 Black Tuesday Overview
2013-05-14/a>Swa FrantzenMicrosoft Security Advisory 2846338
2013-04-09/a>Swa FrantzenMicrosoft April 2013 Black Tuesday Overview
2013-04-09/a>Swa FrantzenAdobe April 2013 Black Tuesday Overview
2013-04-04/a>Johannes UllrichMicrosoft April Patch Tuesday Advance Notification
2013-03-12/a>Swa FrantzenMicrosoft March 2013 Black Tuesday Overview
2013-03-12/a>Swa FrantzenAdobe March 2013 Black Tueday
2013-02-27/a>Adam SwangerAdobe Flash Player Security Update - http://www.adobe.com/support/security/bulletins/apsb13-08.html
2013-02-22/a>Chris MohanVMware releases new and updated security advisories
2013-02-14/a>Adam SwangerISC Monthly Threat Update - February 2013 http://isc.sans.edu/podcastdetail.html?id=3121
2013-02-12/a>Adam SwangerMicrosoft February 2013 Black Tuesday Update - Overview
2013-02-12/a>Swa FrantzenAdobe Feb 2013 Black Tuesday patches
2013-02-08/a>Johannes UllrichMicrosoft February Patch Tuesday Advance Notification
2013-01-22/a>Richard PorterUsing Metasploit for Patch Sanity Checks
2013-01-14/a>Richard PorterJanuary 2013 Microsoft Out of Cycle Patch
2013-01-10/a>Adam SwangerISC Monthly Threat Update New Format
2013-01-09/a>Rob VandenBrinkFirefox and Thunderbird Updates
2013-01-09/a>Rob VandenBrinkSecurity Updates for Adobe Reader / Acrobat - http://www.adobe.com/support/security/bulletins/apsb13-02.html
2013-01-09/a>Rob VandenBrinkSQL Injection Flaw in Ruby on Rails
2013-01-08/a>Richard PorterMicrosoft January 2013 Black Tuesday Update - Overview
2013-01-08/a>Richard PorterFirefox 18 Released, Security Fixes http://www.mozilla.org/security/known-vulnerabilities/firefox.html
2013-01-04/a>Daniel WesemannPatch pre-notification from Adobe and Microsoft
2012-12-11/a>John BambenekMicrosoft December 2012 Black Tuesday Update - Overview
2012-11-13/a>Jim ClausingMicrosoft November 2012 Black Tuesday Update - Overview
2012-10-17/a>Mark HofmanOracle Critical Patch Update October
2012-10-09/a>Johannes UllrichAdobe Flash Player update http://www.adobe.com/support/security/bulletins/apsb12-22.html
2012-10-09/a>Johannes UllrichMicrosoft October 2012 Black Tuesday Update - Overview
2012-10-04/a>Johannes UllrichMicrosoft October Patch Pre-Announcement
2012-09-11/a>Adam SwangerMicrosoft September 2012 Black Tuesday Update - Overview
2012-08-14/a>Rick WannerMicrosoft August 2012 Black Tuesday Update - Overview
2012-08-14/a>Rick WannerAdobe Security Bulletins - http://blogs.adobe.com/psirt/2012/08/adobe-security-bulletins-posted-2.html
2012-08-04/a>Kevin ListonVendors: More Patch-Release Options Please
2012-07-15/a>Guy BruneauOracle July 2012 Critical Patch Pre-Release Announcement
2012-07-10/a>Swa FrantzenMicrosoft fix-it to disable gadgets - SA 2719662
2012-07-10/a>Swa FrantzenMicrosoft July 2012 Black Tuesday Update - Overview
2012-07-10/a>Swa FrantzenMicrosoft revoking trust in Microsoft certificates - SA 2728973
2012-07-05/a>Adrien de BeaupreMicrosoft advanced notification for July 2012 patch Tuesday
2012-06-22/a>Kevin ListonUpdated Poll: Which Patch Delivery Schedule Works the Best for You?
2012-06-12/a>Swa FrantzenAdobe June 2012 Black Tuesday patches
2012-06-12/a>Swa FrantzenMicrosoft June 2012 Black Tuesday Update - Overview
2012-06-12/a>Swa FrantzenJava 7u5 and 6u33 released
2012-06-11/a>Johannes UllrichMicrosoft Update Security
2012-06-07/a>Johannes UllrichMicrosoft June Security Bulletin Advance Notification
2012-05-23/a>Mark BaggettProblems with MS12-035 affecting XP, SBS and Windows 2003?
2012-05-08/a>Adam SwangerMicrosoft May 2012 Black Tuesday Update - Overview
2012-04-15/a>Rick Wanner.Net update affects printing from some applications
2012-04-13/a>Daniel WesemannOracle CPU Patches announced for Apr 17
2012-04-10/a>Swa FrantzenMicrosoft April 2012 Black Tuesday Update - Overview
2012-04-10/a>Swa FrantzenAdobe April 2012 Black Tuesday Update
2012-04-06/a>Johannes UllrichAdobe Patch Tuesday Prerelease (Reader/Acrobat) http://www.adobe.com/support/security/bulletins/apsb12-08.html
2012-04-06/a>Johannes UllrichAnother OS X Java Patch
2012-04-06/a>Johannes UllrichMicrosoft April Patch Tuesday Pre-Announcement (6 Patches): http://technet.microsoft.com/en-us/security/bulletin/ms12-apr
2012-03-13/a>Lenny ZeltserMarch 2012 Microsoft Black Tuesday
2012-03-12/a>Johannes UllrichApple Released Safari 5.1.4
2012-03-08/a>Johannes UllrichApple Patches
2012-03-08/a>Johannes UllrichMicrosoft March Patch Tuesday Pre-Anouncement out. 6 patches, 1 critical: http://technet.microsoft.com/en-us/security/bulletin/ms12-mar
2012-03-05/a>Johannes UllrichAdobe Flash Player Security Update
2012-02-16/a>Tony CarothersJava Update for February
2012-02-14/a>Johannes UllrichAdobe Shockwave Player and RoboHelp for Word Patches
2012-02-14/a>Johannes UllrichFebruary 2012 Microsoft Black Tuesday
2012-02-01/a>Russ McReeOracle Security Alert: http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html
2012-01-31/a>Russ McReeFirefox 10 and VMWare advisories and updates
2012-01-18/a>Richard PorterOracle Quarterly Released, http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
2012-01-10/a>Adrien de BeaupreJanuary 2012 Microsoft Black Tuesday Summary
2012-01-10/a>Adrien de BeaupreAdobe January 2012 Black Tuesday overview
2012-01-06/a>Guy BruneauJanuary 2012 Patch Tuesday Pre-release
2011-12-13/a>Johannes UllrichDecember 2011 Microsoft Black Tuesday Summary
2011-12-08/a>Adrien de BeaupreMicrosoft Security Bulletin Advance Notification for December 2011
2011-11-08/a>Swa FrantzenMicrosoft November 2011 Black Tuesday Overview
2011-11-08/a>Swa FrantzenAbobe November 2011 Black Tuesday Overview
2011-11-08/a>Swa FrantzenApple Black Tuesday
2011-11-03/a>Guy BruneauNovember 2011 Patch Tuesday Pre-release
2011-10-19/a>Mark HofmanOracle Critical Patch Update
2011-10-11/a>Swa FrantzenMicrosoft Black Tuesday Overview October 2011
2011-10-11/a>Swa FrantzenApple iTunes 10.5
2011-09-21/a>Swa FrantzenEmergency patch expected for Flash Player
2011-09-13/a>Swa FrantzenMicrosoft September 2011 Black Tuesday
2011-09-13/a>Swa FrantzenAdobe September 2011 Black Tuesday overview
2011-09-09/a>Johannes UllrichEarly Patch Tuesday Today: Microsoft September 2011 Patches
2011-09-08/a>Rob VandenBrinkShould We Still Test Patches?
2011-09-08/a>Mark HofmanMicrosoft has released their advanced notification for patch Tuesday. 15 Vulnerabilities to be addressed. more here --> http://blogs.technet.com/b/msrc/archive/2011/09/08/advanced-notification-for-the-september-2011-bulletin-release.aspx
2011-08-31/a>Johannes UllrichFirefox/Thunderbird 6.0.1 released to blocklist bad DigiNotar SSL certificates
2011-08-30/a>Johannes UllrichApache patch out for "byte range" DoS vulnerability http://www.apache.org/dist/httpd/Announcement2.2.html
2011-08-09/a>Swa FrantzenMicrosoft August 2011 Black Tuesday Overview
2011-08-09/a>Swa FrantzenAdobe August 2011 Black Tuesday Overview
2011-08-05/a>Johannes UllrichMicrosoft Patch Tuesday Advance Notification: 13 Bulletins coming http://www.microsoft.com/technet/security/Bulletin/MS11-aug.mspx
2011-07-12/a>Swa FrantzenMicrosoft July 2011 Black Tuesday Overview
2011-07-07/a>Rob VandenBrink"There's a Patch for that" (or maybe not)
2011-07-06/a>Rob VandenBrink"Too Important to Patch" - Wait? What?
2011-06-28/a>Johannes UllrichUpdate: Google Chrome 12.0.742.112 released http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html
2011-06-14/a>Swa FrantzenAdobe releases patches
2011-06-14/a>Swa FrantzenMicrosoft June 2011 Black Tuesday Overview
2011-06-09/a>Richard PorterChrome Version 12.0.742.91 Released
2011-05-10/a>Swa FrantzenMay 2011 Microsoft Black Tuesday Overview
2011-05-06/a>Richard PorterUpdated Exploit Index for Microsoft
2011-04-11/a>Jim ClausingApril 2011 Microsoft Black Tuesday Summary
2011-04-08/a>Johannes UllrichDark Black Tuesday Coming Up: 17 Microsoft Bulletins
2011-03-08/a>Jim ClausingMarch 2011 Microsoft Black Tuesday Summary
2011-02-09/a>Mark HofmanAdobe Patches (shockwave, Flash, Reader & Coldfusion)
2011-02-08/a>Joel EslerFeburary 2011 Microsoft Black Tuesday Summary
2011-02-04/a>Daniel WesemannBusy patch tuesday ahead
2011-01-18/a>Daniel WesemannOracle Patches (Jan2011 CPU)
2011-01-13/a>Rob VandenBrinkBlackberry BES Server Updates for PDF Vulnerabilities
2011-01-11/a>Kevin ShorttJanuary 2011 Microsoft Black Tuesday Summary
2011-01-08/a>Guy BruneauJanuary 2011 Patch Tuesday Pre-release
2010-12-20/a>Guy BruneauPatch Issues with Outlook 2007
2010-12-14/a>Manuel Humberto Santander PelaezDecember 2010 Microsoft Black Tuesday Summary
2010-12-10/a>Mark HofmanMicrosoft patches
2010-12-02/a>Kevin JohnsonSQL Injection: Wordpress 3.0.2 released
2010-12-02/a>Kevin JohnsonProFTPD distribution servers compromised
2010-11-29/a>Stephen HallSun security updates
2010-11-09/a>Johannes UllrichNovember 2010 Microsoft Black Tuesday Summary
2010-11-04/a>Johannes UllrichMicrosoft Patches Pre-Announcement
2010-10-12/a>Adrien de BeaupreOctober 2010 Microsoft Black Tuesday Summary
2010-10-08/a>Rick WannerPatch Tuesday Pre-release -- 16 updates
2010-09-30/a>Pedro BuenoMS OOB .NET patch is now also available via Windows Update.
2010-09-28/a>Daniel WesemannMS10-070 OOB Patch for ASP.NET vulnerability
2010-09-27/a>Adrien de BeaupreMS OOB patch tomorrow for Security Advisory 2416728
2010-09-14/a>Adrien de BeaupreSeptember 2010 Microsoft Black Tuesday Summary
2010-08-29/a>Swa FrantzenDLL hijacking - what are you doing ?
2010-08-10/a>Jason LamAdobe critical security updates
2010-08-10/a>Jim ClausingAugust 2010 Micrsoft Black Tuesday Summary
2010-08-07/a>Stephen HallCountdown to Tuesday...
2010-08-02/a>Johannes UllrichMicrosoft Out-of-Band bulletin addresses LNK/Shortcut vulnerability
2010-07-13/a>Jim ClausingJuly 2010 Microsoft Black Tuesday Summary
2010-06-08/a>Manuel Humberto Santander PelaezJune 2010 Microsoft Black Tuesday Summary
2010-06-03/a>Guy BruneauMicrosoft Patch Tuesday June 2010 Pre-Release
2010-05-11/a>Scott FendleyMay 2010 Microsoft Patches
2010-05-08/a>Guy BruneauMicrosoft Patch Tuesday May 2010 Pre-Release
2010-04-14/a>Mark HofmanAnd let the patching games continue
2010-04-14/a>Mark HofmanOracle has released 47 critical patches (Includes SUN patches)
2010-04-13/a>Johannes UllrichMicrosoft April 2010 Patch Tuesday
2010-04-08/a>Guy BruneauMicrosoft Patch Tuesday April 2010 Pre-Release
2010-04-02/a>Guy BruneauOracle Java SE and Java for Business Critical Patch Update Advisory
2010-03-29/a>Pedro BuenoMicrosoft to release out-of-band security bulletin tomorrow for IE6/IE7 with cumulative fix.
2010-03-29/a>Adrien de BeaupreOOB Update for Internet Explorer MS10-018
2010-03-09/a>John BambenekMarch 2010 - Microsoft Patch Tuesday Diary
2010-03-03/a>Mark HofmanMS10-015 re-released
2010-02-17/a>Rob VandenBrinkMultiple Security Updates for ESX 3.x and ESXi 3.x
2010-02-11/a>Johannes UllrichMS10-015 may cause Windows XP to blue screen
2010-02-09/a>Mark HofmanOracle has an unscheduled security alert and patch for CVE-2010-0073. The issue affects WebLogic Server and is remotely exploitable. Details and patch are here http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html
2010-02-09/a>Johannes UllrichFebruary 2010 Black Tuesday Overview
2010-02-04/a>Johannes UllrichMicrosoft Patch Tuesday Pre-Release
2010-01-21/a>Chris CarboniSecurity Update Available for Shockwave Player
2010-01-21/a>Chris Carboni* Microsoft Out Of Band Patch Release
2010-01-21/a>Johannes UllrichMicrosoft January Out of Band Patch
2010-01-12/a>Johannes UllrichMicrosoft Security Bulletin: January 2010
2010-01-12/a>Johannes UllrichOracle Patches Relased
2010-01-12/a>Johannes UllrichPre-Announced Adobe Reader and Acrobat Patch Found!
2009-12-09/a>Swa FrantzenAdobe flash player and air patched
2009-12-08/a>Deborah HaleDecember 2009 Black Tuesday Overview
2009-12-03/a>Mark HofmanApple released some Java updates today APPLE-SA-2009-12-03-1 & 2 (for 10.5 and 10.6). Fixes a number of security issues so updating is a good idea.
2009-12-03/a>Mark HofmanNext week will be a big patch week - Adobe is also releasing patches "Adobe is planning to release an update for Adobe Flash Player 10.0.32.18 and earlier versions, and an update to Adobe AIR 1.5.2 and earlier versions, to resolve critical security issues
2009-11-21/a>Mark HofmanVMware vCenter and ESX updates available http://lists.vmware.com/pipermail/security-announce/2009/000070.html
2009-11-13/a>Adrien de BeaupreConficker patch via email?
2009-11-10/a>Swa FrantzenMicrosoft November Black Tuesday Overview
2009-10-28/a>Johannes UllrichFirefox 3.5.4 released. Lots of security bug fixes. (thanks Gilbert!)
2009-10-16/a>Adrien de BeaupreDisable MS09-054 patch, or Firefox Plugin?
2009-10-13/a>Johannes UllrichMicrosoft October 2009 Black Tuesday Overview
2009-10-13/a>Daniel WesemannAdobe Reader and Acrobat - Black Tuesday continues
2009-09-08/a>Guy BruneauMicrosoft September 2009 Black Tuesday Overview
2009-08-19/a>Daniel WesemannChecking your protection
2009-08-11/a>Swa FrantzenMicrosoft August 2009 Black Tuesday Overview
2009-07-31/a>Deborah HaleThe iPhone patch is out
2009-07-30/a>Mark HofmanHappy patching day
2009-07-28/a>Adrien de BeaupreMS released two OOB bulletins and an advisory
2009-07-24/a>Rick WannerMicrosoft Out of Band Patch
2009-07-14/a>Swa FrantzenMicrosoft July Black Tuesday Overview
2009-07-14/a>Swa FrantzenISC DHCP client updated
2009-07-14/a>Swa FrantzenOracle Black Tuesday
2009-07-02/a>Daniel WesemannTime to update updating on PCs for 3rd party apps
2009-07-02/a>Daniel WesemannUnpatched Bloatware on new PCs
2009-06-23/a>Bojan ZdrnjaNew Thunderbird out, patches couple of vulnerabilities
2009-06-09/a>Swa FrantzenMicrosoft June Black Tuesday Overview
2009-06-09/a>Swa FrantzenAdobe June Black Tuesday upgrades
2009-05-29/a>Lorna HutchesonBlackberry Server Vulnerability
2009-05-29/a>Lorna HutchesonVMWare Patches Released
2009-05-22/a>Mark HofmanPatching and Apple - Java issue
2009-05-22/a>Mark HofmanPatching and Adobe
2009-05-12/a>Swa FrantzenMSFT's version of responsible disclosure
2009-05-12/a>Swa FrantzenMay Black Tuesday Overview
2009-05-12/a>Swa FrantzenApple patches and updates
2009-05-12/a>Swa FrantzenAdobe Acrobat (reader) patches released
2009-04-14/a>Swa FrantzenApril Black Tuesday Overview
2009-04-14/a>Swa FrantzenOracle quarterly patches
2009-03-18/a>Adrien de BeaupreAdobe Security Bulletin Adobe Reader and Acrobat
2009-03-10/a>Swa FrantzenMarch black Tuesday overview
2009-03-10/a>Swa FrantzenAdobe Acrobat 9.1 released
2009-02-25/a>Andre LudwigAdobe flash player patch
2009-02-25/a>donald smithAutoRun disabling patch released
2009-02-10/a>Swa FrantzenFebruary Black Tuesday Overview
2009-02-06/a>Adrien de BeaupreTime to patch your HP printers
2009-02-06/a>Adrien de BeaupreOther patches and updates du jour...
2009-02-04/a>Daniel WesemannFirefox 3.0.6
2009-02-03/a>Swa FrantzenOn the importance of patching fast
2009-01-31/a>Swa FrantzenVMware updates
2009-01-13/a>Johannes UllrichJanuary Black Tuesday Overview
2008-12-17/a>donald smithOpera 9.6.3 released with security fixes
2008-12-17/a>donald smithInternet Explorer 960714 is released
2008-12-16/a>donald smithMicrosoft announces an out of band patch for IE zero day
2008-12-09/a>Swa FrantzenDecember Black Tuesday Overview
2008-11-11/a>Swa FrantzenNovember Black Tuesday Overview
2008-10-23/a>Mark HofmanMicrosoft out-of-band patch - Severity Critical
2008-10-21/a>Johannes UllrichWireshark 1.0.4 released
2008-10-14/a>Swa FrantzenOctober Black Tuesday Overview
2008-10-14/a>Swa FrantzenOracle quarterly patches on black tuesday
2008-09-29/a>Daniel WesemannPatchbag: WinZip / MPlayer / RealWin SCADA vuln
2008-09-09/a>Swa FrantzenGoogle Chrome being polished
2008-09-09/a>Swa FrantzenSeptember 2008 Black Tuesday Overview
2008-09-09/a>Swa FrantzenApple updates iTunes+QuickTime
2008-08-20/a>Adrien de BeaupreFrom the mailbag, Opera 9.52...
2008-08-12/a>Stephen HallAugust 2008 Black Tuesday Overview
2008-08-01/a>Swa FrantzenApple's Security Update 2008-005: DNS workaround finally included
2008-07-30/a>David GoldsmithSerious 0-Day Flaw in Oracle -- Patch Released
2008-07-16/a>Maarten Van HorenbeeckFirefox 2.0.0.16 fixes two security vulnerabilities
2008-07-15/a>Maarten Van HorenbeeckOracle (and BEA, Hyperion and TimesTen) critical patch update July 15th, 2008
2008-07-08/a>Swa FrantzenJuly 2008 black tuesday overview
2008-06-10/a>Swa FrantzenJune 2008 Black Tuesday Overview
2008-05-13/a>Swa FrantzenMay 2008 black tuesday overview
2008-05-05/a>John BambenekDefenses Against Automated Patch-Based Exploit Generation
2008-04-18/a>John BambenekThe Patch Window is Gone: Automated Patch-Based Exploit Generation
2008-04-09/a>Joel EslerISC Podcast Episode Number 2
2008-04-08/a>Swa FrantzenApril 2008 - Black Tuesday Overview
2008-04-08/a>Swa FrantzenNotes file viewer vulnerabilities
2008-03-11/a>Swa FrantzenMarch Black Tuesday Overview
2008-02-12/a>Swa FrantzenFebruary Black Tuesday Overview
2008-01-08/a>Swa FrantzenJanuary Black Tuesday overview
2007-12-11/a>Swa FrantzenDecember black tuesday overview
2007-11-13/a>Swa Frantzennovember black tuesday overview
2007-10-09/a>Swa FrantzenOctober Black Tuesday overview
2007-09-11/a>Swa FrantzenSeptember microsoft patch overview
2007-08-14/a>Swa FrantzenAugust 'Black Tuesday' overview
2007-07-10/a>Swa FrantzenJuly 'Black Tuesday' overview
2007-06-12/a>Johannes UllrichJune 2007, Microsoft Patch Tuesday Overview.
2007-05-08/a>Swa FrantzenMay 2007, Black Tuesday patch overview
2007-04-10/a>Swa FrantzenMicrosoft black Tuesday patches - April 2007
2007-04-03/a>Swa Frantzen* Microsoft out of cycle patch
2007-02-13/a>Swa FrantzenMicrosoft Black Tuesday patches - February 2007
2007-01-09/a>Swa FrantzenMicrosoft Patches - January 2007 - overview
2006-12-12/a>Robert DanfordMS06-078: 2 Windows Media Format Vulnerabilities (CVE-2006-4702, CVE-2006-6134)
2006-12-12/a>Swa FrantzenOffline Microsoft Patching
2006-12-12/a>Swa FrantzenThe missing Microsoft patches
2006-12-12/a>Swa FrantzenMicrosoft Black Tuesday - December 2006 overview
2006-11-14/a>Swa FrantzenMicrosoft Black Tuesday Overview
2006-10-09/a>Swa FrantzenMicrosoft black tuesday - October 2006 STATUS
2006-09-26/a>Jim ClausingMS06-049 re-release
2006-09-12/a>Swa FrantzenMicrosoft security patches for September 2006
2006-08-17/a>Swa FrantzenMicrosoft August 2006 Patches: STATUS