Not all patching problems are created equal

Credit to Author: Susan Bradley| Date: Mon, 16 May 2022 09:00:00 -0700

It’s the third week of the month — the week we find out whether Microsoft acknowledges any side effects it’s investigating as part of the monthly patch-release process.

First, a bit of background. Microsoft has released patches for years. But they haven’t always been released on a schedule. In the early days, Microsoft would release updates any day of the week. Then in October 2003, Microsoft formalized the release of normal security updates on the second Tuesday of the month. Thus was born Patch Tuesday. (Note: depending on where you are in the world, Patch Tuesday may be a Patch Wednesday.) The following day, or in some cases, over the next week, users and admins report issues with updates — and Microsoft finally acknowledges that, yes, there are issues.

To read this article in full, please click here

Read more

May's Patch Tuesday updates make urgent patching a must

Credit to Author: Greg Lambert| Date: Sat, 14 May 2022 05:51:00 -0700

This past week’s Patch Tuesday started with 73 updates, but ended up (so far) with three revisions and a late addition (CVE-2022-30138) for a total of 77 vulnerabilities addressed this month. Compared with the broad set of updates released in April, we see a greater urgency in patching Windows — especially wiith three zero-days and several very serious flaws in key server and authentication areas. Exchange will require attention, too, due to new server update technology.

To read this article in full, please click here

Read more

Europe puts Apple’s CSAM plans back in the spotlight

Credit to Author: Jonny Evans| Date: Thu, 12 May 2022 08:38:00 -0700

Apple may have put some of its plans to scan devices for CSAM material on hold, but the European Commission has put them right back in the spotlight with a move to force messaging services to begin monitoring for such material.

CSAM is emerging as a privacy test

In terms of child protection, it’s a good thing. Child Sexual Abuse Material (CSAM) is a far bigger problem than many people realize; victims of this appalling trade end up with shattered lives.

To read this article in full, please click here

Read more

Google responds to EU data rulings with new Workspace controls

Credit to Author: Charlotte Trueman| Date: Wed, 04 May 2022 04:22:00 -0700

Google Cloud has announced a new set of Sovereign Controls for users of its Workspace productivity software, aimed at allowing organizations in both the public and private sector to better control, limit, and monitor data transfers to and from the European Union.

The changes look to have come in response to a range of recent European Union efforts to better protect the personal data of members when using cloud services, following the collapse of Privacy Shield.

To read this article in full, please click here

Read more

Enterprise mobility 2022: UEM adds user experience, AI, automation

Credit to Author: Bob Violino| Date: Tue, 03 May 2022 03:00:00 -0700

The past two years have seen mobility management take on a greater importance than ever in the enterprise. As remote and hybrid work models take hold at many organizations, “mobility management” has expanded its meaning from management of mobile devices to management of all devices used by mobile employees, wherever they happen to be working from.

Unified endpoint management (UEM) has become a strategic technology at the center of companies’ efforts to control this increasingly complex environment. Essentially combining enterprise mobility management (EMM) tools with PC management tools, UEM platforms help companies manage and protect a range of devices including smartphones, tablets, laptops, and desktop computers across multiple operating systems — all from a unified interface.

To read this article in full, please click here

Read more

Russia is losing the cyberwar against Ukraine, too

Credit to Author: Preston Gralla| Date: Mon, 02 May 2022 03:00:00 -0700

When Russia launched its all-out attack against Ukraine in February, the world expected the invaders to roll over the country quickly. That didn’t happen, and Ukraine today, though still under assault, has so far thwarted Russia’s ambitions to conquer it.

Russia has also been fighting a quieter war against Ukraine, a cyberwar, deploying what had been considered the most feared state-sponsored hackers in the world. And in the same way that Ukraine has fended off Russia’s military might, it’s been winning the cyberwar as well.

In that cyberwar, as always, the terrain is primarily Windows, because it represents the largest and most vulnerable attack surface in the world. The facts about what exactly is going on have been shadowy. But there’s plenty of evidence that Ukraine may keep the upper hand.

To read this article in full, please click here

Read more

12 Android settings that'll strengthen your security

Credit to Author: JR Raphael| Date: Fri, 22 Apr 2022 02:50:00 -0700

You might not know it from all the panic-inducing headlines out there, but Android is actually packed with practical and powerful security options. Some are activated by default and protecting you whether you realize it or not, while others are more out of the way but equally deserving of your attention.

So stop wasting your time worrying about the Android malware monster du jour and which security company is using it to scare you into an unnecessary subscription, and take a moment instead to look through these far more impactful Android settings — ranging from core system-level elements to some more advanced and easily overlooked options.

To read this article in full, please click here

Read more

April's Patch Tuesday: a lot of large, diverse and urgent updates

Credit to Author: Greg Lambert| Date: Fri, 15 Apr 2022 10:40:00 -0700

This week’s Patch Tuesday release was huge, diverse, risky, and urgent, with late update arrivals for Microsoft browsers (CVE-2022-1364) and two zero-day vulnerabilities affecting Windows (CVE-2022-26809 and CVE-2022-24500). Fortunately, Microsoft has not released any patches for Microsoft Exchange, but this month we do have to deal with more Adobe (PDF) printing related vulnerabilities and associated testing efforts. We have added the Windows and Adobe updates to our “Patch Now” schedule, and will be watching closely to see what happens with any further Microsoft Office updates. 

To read this article in full, please click here

Read more