BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Security Research

patch-tuesday

August 2013 Patch Tuesday

Posted August 13, 2013    BeyondTrust Research Team

Just a little over one week after hackers flooded Vegas for BlackHat and Defcon, August’s Patch Tuesday greets us with eight bulletins: three critical and five important. Software fixed this month includes Internet Explorer, Exchange, Windows, and Active Directory. MS13-059 addresses 11 privately disclosed vulnerabilities, including multiple memory corruptions, an information disclosure, and a privilege…

Tags:
,
patch-tuesday

July 2013 Patch Tuesday

Posted July 9, 2013    BeyondTrust Research Team

July’s patch Tuesday fixes vulnerabilities in .NET, Windows, and Internet Explorer. There are a total of seven bulletins addressing 34 unique vulnerabilities; six bulletins are rated critical and one is rated important. MS13-052 addresses a TrueType font parsing vulnerability in .NET (CVE-2013-3129, also addressed in MS13-053 and MS13-054), as well as six other vulnerabilities. This…

Tags:
, ,

May 2013 Patch Tuesday

Posted May 14, 2013    BeyondTrust Research Team

In May’s Patch Tuesday, the fixes provided by Microsoft mostly target client-sided applications, along with a fix for a server-sided component. These 10 patches address 33 vulnerabilities in Internet Explorer (including the recent 0day), .NET, Lync, Publisher, Word, Visio, Windows Essentials, Kernel mode drivers, and the HTTP.sys component. Two patches were released this month for…

January 2013 Patch Tuesday: Patches, but none for the IE 0day!

Posted January 8, 2013    BeyondTrust Research Team

Happy New Year! Starting off 2013, we’ve got a critical vulnerability within the Windows Print Spooler, and we’re still seeing bugs surface in widely used software like MSXML, the .NET framework, and SSL/TLS. January’s Patch Tuesday greets us with seven patches, addressing 12 vulnerabilities across a spectrum of Microsoft software. Two of these bulletins are…

thumbnail

December 2012 Patch Tuesday: Oracle Outside In, TrueType, and more

Posted December 11, 2012    Carter Jones

December’s Patch Tuesday brings us a great collection of vulnerabilities, ranging from Oracle Outside In vulnerabilities within Exchange to TrueType vulnerabilities in every version of Windows. It seems like these are the vulnerabilities that just keep giving. Along with these, other bugs were squashed in Internet Explorer, Microsoft Word, Windows File Handling, DirectPlay, and IP-HTTPS….

img

Don’t say “Lockdown”!

Posted October 15, 2012    Peter McCalister

Here at BeyondTrust, we have been fortunate to be able to speak with thousands of security professionals in dozens of industries, and it is astonishing how differently organizations assess risk and approach computer security. Some organizations are very strict about security and are able to completely lock down desktops. Others are significantly more lax about…

Tags:
, ,
winning

July VEF Participant Wins a Kindle Fire

Posted July 31, 2012    Sarah Lieber

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to…

Tags:
, , , , ,
google-bouncer

Google’s Bouncer Gets Roughed Up; Why You Should Care

Posted June 28, 2012    Jerome Diggs

With the increasing number of devices and applications in the enterprise, driven by the “consumerization of IT” and Bring Your Own Device (BYOD), companies are faced with the need for visibility as to what risk is being introduced to the enterprise. One might think this is a challenge the handset or mobile platform vendors are…

Tags:
, , , , , ,
kindle

June VEF Participant Wins a Kindle Fire

Posted June 21, 2012    Sarah Lieber

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to…

Tags:
, , , , ,
VEF-March-newsletter-98x98

eEye’s May Patch Tuesday Assessment Now Available On Demand

Posted May 17, 2012    Sarah Lieber

Miss our live VEF webinar earlier this week? In case you did, I’ve put all of the content together for you below. Enjoy! Additionally, access this month’s Security Bulletin, a list of all the Audit IDs, and the PDF of the presentation. If you have additional questions you’d like to ask the research team about…

Tags:
, , , , , ,