May Day, May Day, Patch Day – Daily Security Byte EP. 261

Do you want to stay safe online? Then you need to keep your patches up-to-date since most Internet exploits target old flaws. Tuesday’s Byte video covers Microsoft and Adobe’s security bulletins for May. Watch below, but more importantly, go update.

(Episode Runtime: 2:38)

Direct YouTube Link: https://www.youtube.com/watch?v=tbmSGgL3TzY

EPISODE REFERENCES:

• Summary of Microsoft’s May 2016 Patch Day – Microsoft
• Adobe’s main security summary page – Adobe
• A good write-up of Microsoft Patch Day – Ghacks

— Corey Nachreiner, CISSP (@SecAdept)

Remove QuickTime for Windows – Daily Security Byte EP. 248

Trend Micro researchers found two serious vulnerabilities in Quicktime for Windows. Normally I’d tell you to patch, but instead I’m suggestion you remove. Watch today’s video to find out why.

(Episode Runtime: 1:36)

Direct YouTube Link: https://www.youtube.com/watch?v=9JmCwViLPuM

EPISODE REFERENCES:

• Trend Micro find two remote code execution flaws in Quictime for Windows – Trend Micro
• US-CERT recommend you remove Quicktime for Windows – US-CERT

— Corey Nachreiner, CISSP (@SecAdept)

April Patch Day 2016 – Daily Security Byte EP. 247

Microsoft and Adobe have delivered a fresh batch of security updates for April. If you use products from either vendor, watch today’s short Security Byte to get a summary of the updates, and more importantly, follow the links below to get your patches.

(Episode Runtime: 2:00)

Direct YouTube Link: https://www.youtube.com/watch?v=r95SPareQU4

EPISODE REFERENCES:

• Microsoft Patch Day summary for April 2016 – Microsoft
• Adobe’s April Security updates – Adobe

— Corey Nachreiner, CISSP (@SecAdept)

Badlock – Daily Security Byte EP. 242

Last week, a researcher mysteriously warned the world about an upcoming critical SMB flaw, without sharing any technical details. The warning says the flaw is bad enough that network administrators will want to prepare for it, so they know what to patch immediately. Watch below to learn what little we know about this flaw, and how the security community has reacted to the early warning.

(Episode Runtime: 3:37)

Direct YouTube Link: https://www.youtube.com/watch?v=HnpMNsprYlU

EPISODE REFERENCES:

• Early warning about a new Samba and Windows vulnerability – Badlock
• Some criticize the Badlock warning – Wired
• Getting ready for Badlock – ISC SANS
• The latest rumors about Badlock – ThreatPost

— Corey Nachreiner, CISSP (@SecAdept)

March Patch Day – Daily Security Byte EP. 227

It’s that time of the month again… Patch Day. On Tuesday, both Microsoft and Adobe released their security updates for the month of March. If you use Windows, IE, Edge, Office, or Reader, you’ll want to get these updates quickly. Watch today’s video for a quick summary, and check out the links below to find the relevant updates.

(Episode Runtime: 2:25)

Direct YouTube Link: https://www.youtube.com/watch?v=u86IswJMMow

EPISODE REFERENCES:

• Microsoft’s March Patch Day Summary – Microsoft
• Adobe’s March Patch Day Summary –  Adobe

— Corey Nachreiner, CISSP (@SecAdept)

February Patch Day Plugs Microsoft and Adobe Flaws- Daily Security Byte EP. 214

If you’re an IT administrator, you probably know that yesterday was Microsoft Patch Day. You might even know that Adobe shares this day. Watch today’s video for a quick summary of the affected products, and the scope and impact of some of the flaws. More importantly, be sure to follow the links in the Reference section to find out where to get the updates so you can patch quickly.

(Episode Runtime: 2:48)

Direct YouTube Link: https://www.youtube.com/watch?v=bhZFzPAjN8Q

EPISODE REFERENCES:

• Microsoft’s February Patch Day summary post – Microsoft
• Microsoft’s new advisories for February –Microsoft
• Good summary of Microsoft Patch Day – Ghacks
• Microsoft announces an update history page for Windows 10 – Microsoft
• Adobe’s security page with February advisories – Adobe

— Corey Nachreiner, CISSP (@SecAdept)

IT Pros Get Patches for Xmas? – Daily Security Byte EP. 188

It’s hard to call today, “Microsoft Patch Day,” when both Adobe and Apple piled on with tons of security fixes of their own. Microsoft released a dozen security bulletins today, eight rated Critical; Adobe released a Flash update fixing 78 vulnerabilities; and Apple released fixes for all their OSes and a few other products. If you use software from any of those three vendors, watch today’s episode to learn what to do, and check out the references below for more details on the updates.

(Episode Runtime: 2:54)

Direct YouTube Link: https://www.youtube.com/watch?v=6Of-SSZ7gtc

EPISODE REFERENCES:

• Microsoft’s security bulletin summary for  December 2015 – Microsoft
• Microsoft added three new security advisories this month – Microsoft
• Great blog post summarizing Microsoft Patch Day – gHacks.net
• Adobe Flash security bulletin for December 2015 – Adobe
• Apple’s security summary page with links to alerts – Apple

— Corey Nachreiner, CISSP (@SecAdept)

Patch Day Improves Browser Security – Daily Security Byte EP.157

As boring and repetitive as it may seem, patching is one of the most effective things you can do to improve your security. That’s why I suggest you keep up with Microsoft Patch Day on the second Tuesday of every month. Today, I quickly highlight Microsoft’s October security updates, so that you know the types of holes you’ll be patching. I even throw in an Adobe update as an extra. Whether or not you stick around to watch the video, I highly recommend you at least follow the links below to get the latest Microsoft patches, or let Windows’ auto-update feature apply them for you.

(Episode Runtime: 2:37)

Direct YouTube Link: https://www.youtube.com/watch?v=HHupnMtLztE

EPISODE REFERENCES:

• Summary post for October’s Microsoft Patch Day – Microsoft
  • October’s Internet Explorer update – Microsoft
  • October’s Edge update – Microsoft
  • October’s Windows Jscript/VBscript update – Microsoft
  • October’s Windows Shell update – Microsoft
  • October’s Office update – Microsoft
  • October’s Windows Kernel update – Microsoft
  • Don’t forget to check out Microsoft’s October security advisories – Microsoft
• Latest security update for Adobe Flash – Adobe

— Corey Nachreiner, CISSP (@SecAdept)

July Patch Avalanche – Daily Security Byte EP.114

This Patch Tuesday, Adobe and Oracle shared the spotlight with Microsoft, releasing updates for well over 200 vulnerabilities. Furthermore, the patches included fixes for flaws leaked during The Hacking Team fiasco. Watch today’s video for details, and be sure to update as soon as you can.

Show Note: Due to continued travel, there will likely be no video on Thursday, though I will return with one on Friday. I’ll probably skip the weekly video this time due to the light week.

(Episode Runtime: 2:21)

Direct YouTube Link: https://www.youtube.com/watch?v=aoLhMVu4zzI

EPISODE REFERENCES:

• Microsoft July Patch Day summary – Microsoft
  • A good Patch Tuesday summary – ZDNet
  • A few Microsoft Security Advisories – Microsoft
• • IE11 update fixes a Hacking Team 0day – Help Net Security
• Adobe’s security update summary – Adobe
• Oracle’s July CPU advisory – Oracle
  • A decent Oracle CPU summary – ZDNet

— Corey Nachreiner, CISSP (@SecAdept)

Microsoft Posts Critical Patches – Daily Security Byte EP.95

It happens every month… Microsoft released their June patches on Tuesday, fixing 45 vulnerabilities in a range of popular products. If you manage a Windows network, you should watch this video to get the Patch Day highlights, and to learn which products to update first. As an aside, I recorded this video Wednesday, but was not able to edit and post it until today due to travel.

 

(Episode Runtime: 2:07)

Direct YouTube Link: https://www.youtube.com/watch?v=1dUGG1eP3A8

EPISODE REFERENCES:

• Microsoft’s June Patch Day Summary Bulletin – Microsoft
• Nice blog write up will all you need for June Patch Day – Ghacks.net

— Corey Nachreiner, CISSP (@SecAdept)