end-of-the-line-for-windows-xp

End of the line for Windows XP

Support for Windows XP is ending: after today there will be no new security updates, non-security hotfixes, free or paid assisted support options or online technical content updates. Is this a problem? After all, it’s a 12-year old operating system.… Read Full Article

adobes-first-patch-tuesday-of-2014

Adobe's First Patch Tuesday of 2014

This month’s Adobe Patch Tuesday release sees fixes for Flash Player, Acrobat and Reader. All vulnerabilities get the highest priority rating. This means future exploits are likely. The Flash Player bulletin was only announced today. CVE-2014-0491 and CVE-2014-0492 both concern remote code… Read Full Article

patch-tuesday-april-2012-patching-multiple-web-based-client-side-and-spearphishing-exposures-21

Patch Tuesday April 2012 - Patching Multiple Web Based Client Side and Spearphishing Exposures

This month’s patch Tuesday fixes a small set of critical vulnerabilities in a variety of client side software. Six bulletins have been created to address eleven exploitable flaws. Two of the bulletins are top priority and should be addressed ASAP. These are the MS12-023 bulletin, patching a set of five Internet Explorer vulnerabilities leading to remote code execution, and the MS12-027 bulletin, patching the MSCOMCTL ActiveX Control. Read Full Article

when-certificate-authority-business-models-and-vendor-certificate-policies-clash-26

When Certificate Authority Business Models and Vendor Certificate Policies Clash

A very important “internet trust” discussion is underway that has been hidden behind closed doors for years and in part, still is. While the Comodo , Diginotar, and Verisign Certificate Authority breaches forced discussion and action into the open, this time, this “dissolution of trust” discussion trigger seems to have been volunteered by Trustwave’s policy clarification , and followup discussions on Mozilla’s bugzilla tracking and mozilla.dev.security.policy .

Read Full Article