2 min
Nexpose
Nexpose Content Release Cadence
Over the past year our Nexpose team has taken on the challenge of overhauling
our product and internal processes to enable more frequent and seamless content
releases. The objective is simple, get customers content to their consoles
faster without disrupting their workflow and currently running or scheduled
scans. This enables security teams to respond to industry trends much faster and
coupled with our new adaptive security feature enables low impact delta scans of
just the new or updated vulne
Read Full Post
1 min
Update Tuesday, September 2015
This month, Microsoft includes 12 security bulletins, comprised of 52 CVEs, with
five bulletins being rated critical. All five critical bulletins (MS15-094,
MS15-095, MS15-097, MS15-098, MS15-099) and MS15-100 are remote code execution
issues affecting Internet Explorer, Edge, Microsoft Graphics, Windows Journal,
Microsoft Office and Media Center. Users can be affected by the remote execution
issues by viewing a specially crafted web page, journal file, office file or
media center link (.mcl).
Read Full Post
3 min
Microsoft
Update Tuesday, August 2015
This month's update includes 14 Microsoft security bulletins (52 CVEs), with
three being rated as critical. One of these vulnerabilities has already affected
MS office (MS15-081) and has been detected as being exploited in the wild. As
per the norm, Adobe has also released a high priority Air\Flash security patch
(APSB15-19) to address 34 CVEs on multiple affected platforms (IE, Edge,
Windows, Macintosh, Android and iOS).
Microsoft seems to have implemented a new strategy for Windows 10, as the
Read Full Post
2 min
Patch Tuesday, July 2015
Administrators and security teams are in for a hectic week tackling 14
[https://technet.microsoft.com/library/security/ms15-jul] Microsoft security
bulletins, 2 [https://helpx.adobe.com/security.html] Adobe updates addressing 4
CVEs for Flash\Shockwave and Oracle has released their quarterly update for 63
[http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html] of
their product suites (including Java, Oracle DB, MySQL and Solaris).
Of the 14 Microsoft security bulletins, 4 re
Read Full Post
1 min
Patch Tuesday, June 2015
This month Microsoft has released 8 security bulletins, affecting all supported
platforms through remote code execution and elevation of privilege. Of the 8
Microsoft security bulletins, two are critical. Both critical bulletins
(MS15-056 and MS15-057) are phishing based attacks requiring execution of a
specially crafted website or specially crafted Microsoft Office file. An
escalation of privilege could be possible in Microsoft Exchange Server
(MS15-064) by means of Server-Side Request Forgery
Read Full Post
1 min
Patch Tuesday
Patch Tuesday, May 2015
This month Microsoft has released 13 security bulletins, once again this affects
all supported platforms and includes remote code execution and elevation of
privilege vulnerabilities. To accompany these patch updates, Adobe has released
new versions of Reader, Acrobat and Flash Player resulting in vulnerability
fixes for 52 CVEs (most of which are rated as critical). Of the 13 Microsoft
bulletins, 3 are rated as critical and require user interaction for
exploitability, this is typical of attacks
Read Full Post
2 min
Patch Tuesday
Patch Tuesday, April 2015
Administrators and security teams are in for a busy couple days tackling 11
Microsoft security bulletins, 3 Adobe updates and Oracle updates for 43 of their
product suites (including Java, Databases and Solaris).
Of the 11 Microsoft bulletins, 4 are rated as 'Critical' and affect virtually
all supported desktop/server platforms and all supported installations of MS
Office (including Office for Mac 2011). These 11 bulletins address 26 CVEs, with
the exploitation of CVE-2015-1641 being detected i
Read Full Post
1 min
Patch Tuesday, March 2015
This month Microsoft has released 14 new bulletins, 5 of which are rated as
“Critical” and another 9 as “Important”. As a déjà vu from last month, a
critical remote code execution vulnerability (MS15-018) affecting all supported
Internet Explorer versions (6-11) is being patched, which addresses 12 CVEs. The
patch addresses issues with Internet Explorer's memory management that could
allow the remote corruption of memory and result in the execution of malicious
code as the current user. As alway
Read Full Post