BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Posts Tagged ‘Microsoft’

patch-tuesday

November 2013 Patch Tuesday

Posted November 12, 2013    BeyondTrust Research Team

November’s Patch Tuesday cycle brings us fixes for a variety of software including Internet Explorer, the Graphics Device Interface (GDI), Office, Hyper-V, Outlook, and others. There are a total of 8 patches, fixing 19 unique vulnerabilities; three bulletins are rated as critical and the other five are rated as important. If you’ve been following the…

Tags:
, ,
patch-tuesday

October 2013 Patch Tuesday: 10 Year Anniversary Edition

Posted October 8, 2013    BeyondTrust Research Team

Happy 10th birthday, Patch Tuesday! This month marks the 10th anniversary of the Patch Tuesday process we’re all familiar with. To kick off the anniversary celebrations, October’s patch Tuesday fixes vulnerabilities in Internet Explorer, the Windows Kernel, .NET, SharePoint, Office, and more. There are a total of 8 patches, fixing 26 unique vulnerabilities; four bulletins…

Tags:
, ,
patch-tuesday

September 2013 Patch Tuesday

Posted September 10, 2013    BeyondTrust Research Team

September’s Patch Tuesday fixes vulnerabilities in SharePoint, Outlook, Word, Excel, Kernel drivers, and more. There are a total of 13 patches, fixing 47 unique CVEs; four bulletins are rated critical and nine bulletins are rated important. MS13-067 addresses ten vulnerabilities in SharePoint server, including versions 2003, 2007, 2010, and 2013, along with Office Web Apps…

Tags:
,
patch-tuesday

July 2013 Patch Tuesday

Posted July 9, 2013    BeyondTrust Research Team

July’s patch Tuesday fixes vulnerabilities in .NET, Windows, and Internet Explorer. There are a total of seven bulletins addressing 34 unique vulnerabilities; six bulletins are rated critical and one is rated important. MS13-052 addresses a TrueType font parsing vulnerability in .NET (CVE-2013-3129, also addressed in MS13-053 and MS13-054), as well as six other vulnerabilities. This…

Tags:
, ,
usa-today

Our CTO, Marc Maiffret Interviewed on USA Today

Posted June 21, 2013    Sarah Lieber

Marc Maiffret, BeyondTrust’s CTO, was recently interviewed on USA Today in the article, “The long road from Code Red to Microsoft’s bug bounty”, where he discussed with Byron Acohido Microsoft’s concession to finally begin paying bug bounties. They talked about why this is a big deal for Microsoft and what Maiffret thinks about this new program. An excerpt…

Tags:
, , , , , ,
retinacs-dashboard

Our Newest Product Release: Retina CS 4.5

Posted June 13, 2013    Sarah Lieber

We are very excited for our latest release of Retina CS 4.5. With this release, the Retina CS platform continues to extend our leadership in risk identification and prioritization. By integrating the PowerBroker product portfolio with Retina CS, our customers are able to combine vulnerability data with privileged identity and password management risk intelligence, which provides them with improved situational…

Tags:
, , , , , , , , , ,
IE-0day

Internet Explorer 8 0day

Posted May 6, 2013    BeyondTrust Research Team

Last week, news broke that the U.S. Department of Labor’s (DoL) website was compromised… and that it had been serving up Internet Explorer 0day to its visitors. This 0day, CVE-2013-1347 (Retina Audit 19041 – Microsoft Internet Explorer 8 Remote Code Execution Vulnerability (Zero-Day)), only affects Internet Explorer 8 on Windows XP, Vista, and Windows 7 (as well as Server 2003,…

Tags:
, , , , , ,
patch-tuesday

March 2013 Patch Tuesday: Cleaning House

Posted March 12, 2013    BeyondTrust Research Team

Patch Tuesday is upon us and this month, Microsoft is doing a little spring cleaning of vulnerabilities, fixing a well-rounded collection of client-side vulnerabilities, along with a few server-side vulnerabilities for good measure. This month, the affected software includes Internet Explorer, Silverlight, Visio Viewer, SharePoint, OneNote, Outlook for Mac, and a Windows kernel-mode driver. In…

Tags:
, , , ,
sccminteg-img2

Microsoft SCCM Integration with Retina CS Threat Management Console

Posted November 28, 2012    Jerome Diggs

Overview Retina CS enables teams to centrally manage organization-wide IT security and compliance initiatives from a single, web-based console. It provides discovery, prioritization, and remediation of security risks by delivering what matters the most – context. Retina CS is the centerpiece of the BeyondTrust vision of Context Aware Security Intelligence which helps organizations answer the…

Tags:
, , , , , , ,

IE 0day Fixed in Out-of-Band Patch

Posted September 21, 2012    The eEye Research Team

Microsoft has released a patch to fix the IE 0day, CVE-2012-4969, along with four other privately reported CVEs that lead to remote code execution (CVE-2012-1529, CVE-2012-2546, CVE-2012-2548, and CVE-2012-2557). One interesting thing to note is that CVE-2012-2546 and CVE-2012-2548 only affect the most recent version of Internet Explorer, IE 9. The now-patched 0day, CVE-2012-4969, affects…

Tags:
, , , ,