Emergency Fix for IE Zero Day

Microsoft Releases Patch to Address Active Exploit After learning about it from Google, Microsoft has moved to fix CVE-2018-8653. This flaw in Internet Explorer is being actively exploited in the wild. According to the Microsoft release, this remote code execution issue “could corrupt memory in such a way that an attacker could execute arbitrary code…

Google’s Project Zero Discloses Logitech Vulnerability

Logitech’s Logic Called Into Question On December 11, Google’s Project Zero disclosed a vulnerability in Logitech’s Options application. It seems that the application opened a port (10134) to simplify client-server communication. However, this also means that authentication steps would be skipped, creating possible security risks. The researcher who discovered the vulnerability, Tavis Ormandy, suggests that…

Microsoft Re-Releases Windows 10 v1809

Issue-Plagued October Update is Available…again. After being publicly pulled twice, Microsoft is tentatively releasing Windows 10 version 1809 again. To be able to deploy this update now, one would have to manually check systems through Windows Update. It will not be automatically pushed to any devices. Of the 7 issues Microsoft has been tracking, 3…

Whitepaper: Why You Will Replace Microsoft SCCM

The Systems Management Replacement Cycle We have spent more than a decade helping IT organizations install and maintain their systems management solutions. Over time, we noticed an unfortunate pattern: many companies were stuck in an endless cycle of replacing their systems management solutions every few years. This never-ending replacement cycle is not just expensive and…

Equifax Blames One IT Guy for Not Patching

Former Equifax CEO Blames One Employee for Massive Hack After over a year of investigation, the U.S. House of Representatives Oversight and Government Reform Committee have released their report on the Equifax data breach. Their report is scathing, drawing immediate attention to massive failures. The report calls the hack “entirely preventable” and states that there…

December Patch Tuesday: Disclosed & Exploited

Patch Tuesday Release: The Latest News Microsoft has released half the updates they released last month: 39 security patches total. Thee cover Internet Explorer (IE), Edge, ChakraCore, Hyper-V, Exchange, Windows components, .NET Core, SQL Server, and Microsoft Office.  9 of these are listed as Critical with the remaining 30 as Important. Adobe Fixes Many Vulnerabilities…

December Patch Tuesday: Disclosed & Exploited

Patch Tuesday Release: The Latest News Microsoft has released half the updates they released last month: 39 security patches total. Thee cover Internet Explorer (IE), Edge, ChakraCore, Hyper-V, Exchange, Windows components, .NET Core, SQL Server, and Microsoft Office.  9 of these are listed as Critical with the remaining 30 as Important. Adobe Fixes Many Vulnerabilities…

Prepare for Patch Tuesday!

Do you have a patching strategy? It should include turning off Automatic Windows update. Patch Tuesday is here. To avoid the usual splitting headache, we recommend disabling automatic updates for Windows and implementing a reliable patch strategy. Windows 10 updates whether you want it to or not…unless you know the trick. While we recommend that…

What’s Better Than WSUS?

Microsoft WSUS is Not Enough While you may already have Microsoft® Windows Server Update Services (WSUS) in your IT environment for deploying Microsoft product updates to your Windows workstations, have you thought about patching non-Microsoft software that you run on your enterprise computers? These non-Microsoft software products, such as Oracle, Java®, and Adobe Reader®, may…

Critical 9.9 Zoom Vulnerability

Exploit Could Install Malware on Desktops Research done by Tenable®, Inc. has revealed a critical vulnerability in Zoom’s Desktop Conferencing Application. Over 750,000 companies use Zoom as their conferencing and webinar platform. This exploit could be leveraged to spoof chat messages, remove and lock out conference attendees, and even bypass screen control permissions to execute…