Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.


Network Security


April 2015 Patch Tuesday

Posted April 14, 2015    BeyondTrust Research Team

Microsoft gave everyone a breather in this month’s Patch Tuesday, serving up fixes for a surprisingly modest 26 vulnerabilities. The fixes address various flaws including remote code execution, information disclosure, security feature bypass and cross-site scripting to name a few. Let’s dive right in: MS15-032 – Cumulative Security Update for Internet Explorer (3038314) IE makes…

, ,

On Demand Webinar: Group Policy Backup and Restore

Posted March 19, 2015    Lindsay Marsh

Join Group Policy MVP, Jeremy Moskowitz of, and learn several ways to backup your GPOs, and ensure that when disasters occur (and they always do) that you’re prepared and ready to act. This is a webinar you don’t want to miss!

Enterprise Password Management

On-Demand Webinar: The Dark and Bright Side of Enterprise Password Management

Posted March 12, 2015    BeyondTrust Software

New webinar featuring Security Expert MVP, Paula Januszkiewicz in a discussion on Enterprise Password Management.

, , ,

March 2015 Patch Tuesday

Posted March 10, 2015    BeyondTrust Research Team

Microsoft patched 44 CVEs across 14 bulletins this month, with vulnerabilities in Internet Explorer and Adobe Font Driver necessitating the bulk of those fixes. With so many bulletins, it was only natural that a wide variety of security flaws were found:  remote code execution, elevation of privilege, denial of service, information disclosure, cross-site scripting, spoofing and security feature bypass were all present and accounted…

, ,

Fuzzing for MS15-010

Posted February 17, 2015    Bill Finlayson

Intro This past Patch Tuesday Microsoft released MS15-010: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Remote Code Execution.  This patch addressed multiple privately reported vulnerabilities in win32k.sys and one publicly disclosed vulnerability in cng.sys. Win32k.sys Diff The first notable thing we noticed was that several handlers for TrueType instructions, @irtp_*, were touched.  While we did…

, ,

February 2015 Patch Tuesday

Posted February 10, 2015    BeyondTrust Research Team

Microsoft patched a fairly hefty 58 CVEs across 9 bulletins this month, with Internet Explorer taking the lion’s share of those fixes. Among the offending flaws are remote code execution, security bypass, elevation of privilege, and information disclosure vulnerabilities. MS15-009 fixes 41 assorted flaws in Internet Explorer including remote code execution, ASLR bypass, privilege elevation…

, ,
Anthem Breach

The Anthem Breach: What We Know Now

Posted February 5, 2015    Morey Haber

I learned about the breach directly from the CEO before all the hype and speculation hit. This is the level of caring and responsibility I personally expect as an Anthem customer. So now that the news is out there, let’s talk about the technical aspects of the breach.

, , , ,

Advanced Threat Analytics Reveals Hidden Risks: Introducing BeyondInsight Clarity

Posted February 3, 2015    Chris Burd

BeyondInsight Clarity, now shipping standard with BeyondInsight v5.4, enables our customers to detect critical IT security threats previously lost amidst volumes of data, while identifying specific users, accounts and assets exhibiting patterns of risky activity.

, , , , , , , , ,

GHOST Vulnerability…Scary Indeed

Posted January 28, 2015    BeyondTrust Research Team

A vulnerability discovered by Qualys security researchers has surfaced within the GNU C Library that affects virtually all Linux operating systems. The vulnerability lies within the various gethostbyname*() functions and, as such, has been dubbed “GHOST.” GHOST is particularly nasty considering remote, arbitrary code execution can be achieved. In an effort to avoid taxing DNS lookups, glibc developers introduced…


Adobe Patches Zero-Day Flaw Being Exploited in the Wild

Posted January 22, 2015    BeyondTrust Research Team

Earlier this week, French malware researcher Kafeine reported on a new Adobe Flash zero-day vulnerability that was being exploited in the wild using the latest versions of the Angler Exploit Toolkit. “Any version of Internet Explorer or Firefox with any version of Windows will get owned if Flash up to (included) is installed and enabled”…

, , , , ,