WSUS Can’t Handle This

Microsoft Releases Fix for Patch Tuesday Blunder When Patch Tuesday rolled out earlier this month, it came with an unexpected problem. Two updates, KB4480970 and KB4480960, created network shares accessing errors. Patch deployment strategies had to be halted and the update required removal. Now, Microsoft has released a new update, KB4487345, that should fix the…

Do Not Deploy These Updates!

Microsoft’s monthly rollup causing network problems When Microsoft releases their monthly ‘Patch Tuesday’ rollup, the idea is to address vulnerabilities causing issues. But sometimes the release creates new issues. This month, that is what has happened. KB4480970 (Monthly Rollup) and KB4480960 (Security Update) are causing serious network issues where network shares can no longer be…

Urgent Adobe Update

Adobe Releases Critical Updates for Reader and Acrobat Two out-of-band security updates have been released by Adobe, patching critical vulnerabilities in Acrobat and Reader. These updates effect both the Windows and macOS operating systems. The first vulnerability, CVE-2018-16011, is a use-after-free problem which can lead to arbitrary code execution if exploited could permit the execution…

Emergency Fix for IE Zero Day

Microsoft Releases Patch to Address Active Exploit After learning about it from Google, Microsoft has moved to fix CVE-2018-8653. This flaw in Internet Explorer is being actively exploited in the wild. According to the Microsoft release, this remote code execution issue “could corrupt memory in such a way that an attacker could execute arbitrary code…

Google’s Project Zero Discloses Logitech Vulnerability

Logitech’s Logic Called Into Question On December 11, Google’s Project Zero disclosed a vulnerability in Logitech’s Options application. It seems that the application opened a port (10134) to simplify client-server communication. However, this also means that authentication steps would be skipped, creating possible security risks. The researcher who discovered the vulnerability, Tavis Ormandy, suggests that…

Microsoft Re-Releases Windows 10 v1809

Issue-Plagued October Update is Available…again. After being publicly pulled twice, Microsoft is tentatively releasing Windows 10 version 1809 again. To be able to deploy this update now, one would have to manually check systems through Windows Update. It will not be automatically pushed to any devices. Of the 7 issues Microsoft has been tracking, 3…

Equifax Blames One IT Guy for Not Patching

Former Equifax CEO Blames One Employee for Massive Hack After over a year of investigation, the U.S. House of Representatives Oversight and Government Reform Committee have released their report on the Equifax data breach. Their report is scathing, drawing immediate attention to massive failures. The report calls the hack “entirely preventable” and states that there…