BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Posts Tagged ‘Microsoft’

patch-tuesday

July 2013 Patch Tuesday

Posted July 9, 2013    BeyondTrust Research Team

July’s patch Tuesday fixes vulnerabilities in .NET, Windows, and Internet Explorer. There are a total of seven bulletins addressing 34 unique vulnerabilities; six bulletins are rated critical and one is rated important. MS13-052 addresses a TrueType font parsing vulnerability in .NET (CVE-2013-3129, also addressed in MS13-053 and MS13-054), as well as six other vulnerabilities. This…

Tags:
, ,
usa-today

Our CTO, Marc Maiffret Interviewed on USA Today

Posted June 21, 2013    Sarah Lieber

Marc Maiffret, BeyondTrust’s CTO, was recently interviewed on USA Today in the article, “The long road from Code Red to Microsoft’s bug bounty”, where he discussed with Byron Acohido Microsoft’s concession to finally begin paying bug bounties. They talked about why this is a big deal for Microsoft and what Maiffret thinks about this new program. An excerpt…

Tags:
, , , , , ,
retinacs-dashboard

Our Newest Product Release: Retina CS 4.5

Posted June 13, 2013    Sarah Lieber

We are very excited for our latest release of Retina CS 4.5. With this release, the Retina CS platform continues to extend our leadership in risk identification and prioritization. By integrating the PowerBroker product portfolio with Retina CS, our customers are able to combine vulnerability data with privileged identity and password management risk intelligence, which provides them with improved situational…

Tags:
, , , , , , , , , ,
IE-0day

Internet Explorer 8 0day

Posted May 6, 2013    BeyondTrust Research Team

Last week, news broke that the U.S. Department of Labor’s (DoL) website was compromised… and that it had been serving up Internet Explorer 0day to its visitors. This 0day, CVE-2013-1347 (Retina Audit 19041 – Microsoft Internet Explorer 8 Remote Code Execution Vulnerability (Zero-Day)), only affects Internet Explorer 8 on Windows XP, Vista, and Windows 7 (as well as Server 2003,…

Tags:
, , , , , , ,
patch-tuesday

March 2013 Patch Tuesday: Cleaning House

Posted March 12, 2013    BeyondTrust Research Team

Patch Tuesday is upon us and this month, Microsoft is doing a little spring cleaning of vulnerabilities, fixing a well-rounded collection of client-side vulnerabilities, along with a few server-side vulnerabilities for good measure. This month, the affected software includes Internet Explorer, Silverlight, Visio Viewer, SharePoint, OneNote, Outlook for Mac, and a Windows kernel-mode driver. In…

Tags:
, , , ,
sccminteg-img2

Microsoft SCCM Integration with Retina CS Threat Management Console

Posted November 28, 2012    Jerome Diggs

Overview Retina CS enables teams to centrally manage organization-wide IT security and compliance initiatives from a single, web-based console. It provides discovery, prioritization, and remediation of security risks by delivering what matters the most – context. Retina CS is the centerpiece of the BeyondTrust vision of Context Aware Security Intelligence which helps organizations answer the…

Tags:
, , , , , , ,

IE 0day Fixed in Out-of-Band Patch

Posted September 21, 2012    The eEye Research Team

Microsoft has released a patch to fix the IE 0day, CVE-2012-4969, along with four other privately reported CVEs that lead to remote code execution (CVE-2012-1529, CVE-2012-2546, CVE-2012-2548, and CVE-2012-2557). One interesting thing to note is that CVE-2012-2546 and CVE-2012-2548 only affect the most recent version of Internet Explorer, IE 9. The now-patched 0day, CVE-2012-4969, affects…

Tags:
, , , ,
blackholetoolkit1

BlackHole toolkit targets Microsoft XML Core Services flaw

Posted August 1, 2012    Sarah Lieber

Blackhole is a popular exploit kit used to inject malware onto PCs that visit an exploited site, or are redirected to such a site from another, compromised website.  As hackers get bolder they use these types of toolkits to compromise computer networks.  This allows less sophisticated individuals and organizations to compromise computer networks since these…

Tags:
, , , , , , , ,
winning

July VEF Participant Wins a Kindle Fire

Posted July 31, 2012    Sarah Lieber

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to…

Tags:
, , , , ,
kindle

June VEF Participant Wins a Kindle Fire

Posted June 21, 2012    Sarah Lieber

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to…

Tags:
, , , , ,