Naked Security

Microsoft Patch Tuesday: 74 CVEs plus 2 “Exploit Detected” advisories

74 CVEs, and two "Exploitation Detected" advisories, which are nearly but not quite the same as 0-days. Also, two potential Teams treacheries that you really want to fix.

Naked Security

S3 Ep143: Supercookie surveillance shenanigans

Latest episode - listen now! (Full transcript inside.)

Naked Security

Microsoft patches four zero-days, finally takes action against crimeware kernel drivers

Here's a brief reminder to do two things. The first is to patch. The second is to read up why it's a good idea to patch...

Naked Security

Patch Tuesday fixes 4 critical RCE bugs, and a bunch of Office holes

No zero-days this month, if you ignore the Edge RCE hole patched last week

Naked Security

Patch Tuesday: Microsoft fixes a zero-day, and two curious bugs that take the Secure out of Secure Boot

Is Secure Boot without the Secure just "Boot"?

Naked Security

S3 Ep 126: The price of fast fashion (and feature creep) [Audio + Text]

Worried about rogue apps? Unsure about the new Outlook zero-day? Clear advice in plain English... just like old times, with Duck and Chet!

Naked Security

Microsoft fixes two 0-days on Patch Tuesday – update now!

An email you haven't even looked at yet could be used to trick Outlook into helping crooks to logon as you.

Naked Security

S3 Ep122: Stop calling every breach “sophisticated”! [Audio + Text]

Latest episode - listen now! (Full transcript inside.)

Naked Security

Microsoft Patch Tuesday: 36 RCE bugs, 3 zero-days, 75 CVEs

Lots of lovely patches for your Valentine's Day delight. Get 'em as soon as you can...

Naked Security

Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches

Get 'em while they're hot. And get 'em for the very last time, if you still have Windows 7 or 8.1...

Naked Security

Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware

Tales of derring-do in the cyberunderground! (And some zero-days.)

Naked Security

S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?

Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!

Naked Security

Exchange 0-days fixed (at last) – plus 4 brand new Patch Tuesday 0-days!

In all the excitement, we kind of lost track ourselves. Were there six 0-days, or only four?

Naked Security

S3 Ep105: WONTFIX! The MS Office cryptofail that “isn’t a security flaw” [Audio + Text]

The coolest video game ever! And lots of solid cybersecurity advice - listen now!

Naked Security

Patch Tuesday in brief – one 0-day fixed, but no patches for Exchange!

There's a zero-day patch, but it's not for the zero-day you thought.

Naked Security

Follina gets fixed – but it’s not listed in the Patch Tuesday patches!

We tried it out to make sure, so you don't have to.

Naked Security

Wormable Windows HTTP hole – what you need to know

One bug in the January 2022 Patch Tuesday list is getting lots of attention: "HTTP Protocol Stack Remote Code Execution Vulnerability".

Naked Security

Check your patches – public exploit now out for critical Exchange bug

It was a zero-day bug until Patch Tuesday, now there's an anyone-can-use-it exploit. Don't be the one who hasn't patched.

Naked Security

Patch Tuesday updates the Win 7 updater… for at most 1 more year of updates

The clock stopped long ago on Windows 7, except for those who paid for overtime. But there won't be any double overtime!