Patch Tuesday

Adobe Security Bulletins Posted APSB14-11 – Security hotfix available for Adobe Illustrator (CS6) APSB14-14 – Security updates available for Adobe Flash Player  APSB14-15 – Security updates available for Adobe Reader and Acrobat Microsoft updates Posted Not so bad, but the days not over yet 🙂

Windows 8 Group Policy to prevent Dual Home

After years of refusing customers demands to be able to block wireless connections when on a wired network, Microsoft has finally relented in Windows 8. A blog post by Tal Sarid, a Microsoft Consultant, Windows 8 has new policy to prevent users from being connected to your corporate network and an external wireless network–and vise versa! …

Continue reading ‘Windows 8 Group Policy to prevent Dual Home’ »

LinkedIn Outlook Social Connector Password

After the recent Linkedin password hash disclosure, I thought it best to change my password.   Better safe than sorry.   So I logged into the website and set the password to something long (12) and random with Uppers, lowers, Numbers and special characters.    I verified the new password worked and was stored safely in LastPass and all was good.   For a while. …

Continue reading ‘LinkedIn Outlook Social Connector Password’ »

Windows 8 Patch Reboot Policy

I’m kind of confused by the headlines that Microsoft is streamlining the security update process in Windows 8 resulting in less reboots. One could easily conclude from the headline that Microsoft has gone to work to make it less necessary to reboot when updates are applied.   Instead they are saving up reboots until patch Tuesday. It …

Continue reading ‘Windows 8 Patch Reboot Policy’ »

Patch Tuesday

Mozilla took mercy on us and wont have their previously announced updates for Firefox and Thunderbird ready until next week. Adobe took up the slack by releasing updates for Adobe Flash and Shockwave in addition to the previously announced updates for Adobe Acrobat and Reader.    I was wondering about an Adobe AIR update.   Seems like …

Continue reading ‘Patch Tuesday’ »

Why Microsoft cannot open Windows Update to third-party developers

This morning I saw a post from Larry Seltzer rehashing the argument that Microsoft should be allowing the deployment of third part updates via Microsoft Update.  (He uses the older term “Windows Update” which is for Windows products only.   Microsoft Update is the term for the update server for the broader group of Microsoft products).  He argues, there …

Continue reading ‘Why Microsoft cannot open Windows Update to third-party developers’ »

Microsoft MHTML Handler Zero Day

Microsoft issued a security advisory on Friday for a vulnerability in all supported versions of Windows. The vulnerability exists due to the way MHTML interprets MIME-formatted requests for content blocks within a document. It is possible under certain conditions for this vulnerability to allow an attacker to inject a client-side script in the response of …

Continue reading ‘Microsoft MHTML Handler Zero Day’ »

KB2264107 Available Through Microsoft Update

A mere 5 months after its initial release, Microsoft has made update KB 2264107 available through Microsoft Update.   Previously it had been available only as a direct download.  This patch was created to control the DLL search path algorithm.  As I understand it deploying the patch only gives you the ability to then deploy a …

Continue reading ‘KB2264107 Available Through Microsoft Update’ »