Time to Drop Flash? How about Java?

There are many articles gleefully advancing when Mozilla and Chrome stopped Flash from running on Tuesday of this week.  (until the new vulnerability was patched) readwrite: http://readwrite.com/2015/07/15/firefox-mozilla-kill-adobe-flash there is even a movement against Flash now: http://www.tomshardware.com/news/mozilla-blocks-flash-in-firefox,29583.html With an interesting militant image:   Why did this happen? Well the problem is that Flash is multi-platform and multi-browser … Continue reading “Time to Drop Flash? How about Java?”


2nd Tuesday(Patch Tuesday) came & went now what?

I did not post about Patch Tuesday last week, So here is the rundown of what happened: Microsoft:   Cisco issued an Advisory on the 13th (Wednesday actually) http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150513-tp It is for their TelePresence products. http://windowsitpro.com/patch-tuesday/patch-tuesday-may-2015-brings-unlucky-13-3-critical-updates I had to show this picture of me on the switchboard after seeing the image in WindowsITPRo   The … Continue reading “2nd Tuesday(Patch Tuesday) came & went now what?”

Forever Day Vulnerability Affects All Windows Versions

Forever Day is a play on the “Zero-day” vulnerability which means the application vulnerability has not been patched and can be hacked. Forever-day now means it is always vulnerable (unless the software vendors figure out a patch), although it may be a configuration problem.   Dark reading has the story: http://www.darkreading.com/endpoint/new-security-flaw-spans-all-versions-of-windows/d/d-id/1319884 The most interesting paragraph: … Continue reading “Forever Day Vulnerability Affects All Windows Versions”

Patching Software “Security” Dilemma

We have a dilemma when deciding how and when to patch the software we depend on. Not all vulnerability patches are built to fix the problems they were set to resolve without causing any other problem.  Picture is from #TheHackerNews How do we resolve this while also realizing that the window to patch our software … Continue reading “Patching Software “Security” Dilemma”