Vulnerabilities | Tek Tips Whitepaper Library

Shavlik Statement on Today’s Patch Tuesday Releases
by Jason Miller

Microsoft has released 4 new security bulletins in the July 2010 edition of patch Tuesday. These bulletins address 5 vulnerabilities. It is not uncommon, and has become expected, for a light patch Tuesday to follow a heavy patch Tuesday release from Microsoft. Last month, Microsoft released a heft...

Join the discussion

Shavlik Statement on June Patch Tuesday
by Jason Miller

"Today’s Patch Tuesday could be one of the more challenging ones for IT administrators this year. Today, Microsoft has released 10 new security bulletins for the June 2010 edition of patch Tuesday. These 10 bulletins address a total of 34 vulnerabilities. Two security advisories have be...

Join the discussion

May 2010 Patch Tuesday affects Microsoft Visual Basic for Applications
by Jason Miller

Jason Miller. Data and Security Team Manager for Shavlik Technologies’ Patch Patrol has a contrarian point of view on today’s patch releases; while few in number, the vulnerabilities are pretty serious. Shavlik is based in Minneapolis. "Microsoft has released 2 new secu...

Join the discussion

Shavlik statement on Microsoft’s re-release of MS10-106 patch for Microsoft Producer 2003
by Jason Miller

Microsoft has re-released MS1-106 which was originally released during the March 2010 version of Patch Tuesday. When the bulletin was released, Microsoft stated that Microsoft Producer 2003 contained the vulnerability. But, Microsoft chose not to supply a patch for the vulnerability. With this re-...

Join the discussion

Shavlik Statement on April 13 Patch Tuesday Releases
by Jason Miller

Microsoft has released 11 new security bulletins for this month’s Patch Tuesday, addressing 29 vulnerabilities. This month’s security bulletins range from servers to workstations with a lot of affected products. This month you can count on pretty much every type of Windows computer bei...

Join the discussion

Shavlik Advanced Commentary for Next Week’s Patch Tuesday
by Jason Miller

Microsoft just announced their Patch Tuesday Advanced Notification for the April 2010 edition of Patch Tuesday. They are planning on releasing 11 new security bulletins fixing 25 vulnerabilities. • 5 bulletins are rated Critical • 5 bulletins are rated Important • 1 bulletin is rated...

Join the discussion

Justifying IT Security: Managing Risk & Keeping Your Network Secure
by Qualys

The goal of a security program is to choose and implement cost effective countermeasures that mitigate the vulnerabilities that will most likely lead to loss. This paper discusses the management of Risk and how Vulnerability Management is one of the few counter-measures easily justified by its abili...

Join the discussion

Delays Lead To Zero Day Vulnerability
by Tek-Tips

Democracy, the elusive political system, got a lift from Twitter’s Founder, Evan Williams. As we shared earlier this week, prior to Google’s recent refusal to abide by China’s censorship rules, CCTV’s Tian Wei reminded everyone that Google courted and vowed to keep within...

Join the discussion

Shavlik Statement on Emergency Out-of-Band Patch for IE Attack Code Used to Hack Google
by Jason Miller

"Microsoft has gone out-of-band from their normal release cycle for a critical security bulletin release. The bulletin addresses the zero-day vulnerability described in Security Advisory KB979352. The last time Microsoft went out-of-band for a security bulletin was in July 2009. That bulletin...

Join the discussion

Effective Management of Static Analysis Vulnerabilities and Defects
by Coverity

Whether your organization utilizes an agile or waterfall development methodology, the addition of static analysis will bring about a change in the way your development team thinks about their code. This is because an accurate static analysis tool is a source of information that demands the attention...

Join the discussion

The Top 10 Reports for Managing Vulnerabilities
by Qualys

New network vulnerabilities appear constantly and the ability for IT security professionals to handle new flaws, fix misconfigurations and protect against threats requires constant attention. However, with shrinking budgets and growing responsibilities, time and resources are at constrained. Therefo...

Join the discussion

Shavlik Technologies on November Patch Tuesday Releases
by Jason Miller

“Microsoft has released six new security bulletins in November’s Patch Tuesday. Administrators are getting a bit of a break after last month’s mammoth security bulletin release. MS09-065 is the first bulletin administrators should address. This bulletin affects the Windows Kernel...

Join the discussion

When Less is More: Why Small Companies Should Think Outside the (Red/Yellow) Box for Protecting Endpoints
by Sunbelt Software

Endpoint security issues simply can’t be ignored, regardless of the size of the organization. Small enterprises in particular often need to "do more with less" when it comes to protecting their endpoints from Internet-based threats and vulnerabilities. Read this “Sector Insig...

Join the discussion

Free Guide: Web Application Security - How to Minimize Prevalent Risk of Attacks
by Tek-Tips

Vulnerabilities in web applications are now the largest vector of enterprise security attacks. Stories about exploits that compromise sensitive data frequently mention culprits such as “cross-site scripting,” “SQL injection,” and “buffer overflow.” Vulnerabilities...

Join the discussion

Another Lesson The Twitter Worm Teaches
by Tek-Tips

Twitter may be in the news this week for the wave of attacks on it users but the past year has shown repeated cross-site scripting infiltrations on sites such as Facebook, eBay and HSBC, the financial institution. What’s different this time is how much faster the community can respond due to ...

1 Comment