Skip Links

Patch Management Research Center

Your source for patch management news, opinion, product comparisons and reviews.

Patch Management News
Netgear patch said to leave backdoor problem in router
The security researcher who identified an admin backdoor in a range of routers last year has found that Netgear's patches don't adequately...
BlackBerry Releases BES 10 Security Update to Address 'Heartbleed' Flaw
BlackBerry today released an update to its BlackBerry Enterprise Service (BES) 10 software designed to address a "Heartbleed"-related...
Tor anonymity network to shrink as a result of Heartbleed flaw
The Tor Project has flagged 380 Tor relays vulnerable to the critical Heartbleed flaw to be rejected from the Tor anonymity network, reducing the...
Tor anonymity network to shrink as a result of Heartbleed flaw
The Tor Project has flagged 380 Tor relays vulnerable to the critical Heartbleed flaw to be rejected from the Tor anonymity network, reducing the...
Oracle identifies products affected by Heartbleed, but work remains on fixes
Oracle has issued a comprehensive list of its software that may or may not be affected by the OpenSSL (secure sockets layer) vulnerability known as...
VMware promises Heartbleed patches for affected products by the weekend
VMware started patching its products against the critical Heartbleed flaw that puts encrypted communications at risk, and plans to have updates ready...
Jetpack for WordPress pushes patch for two year-old flaw
The developers behind Jetpack, one of WordPress' most popular plugins, have patched a serious flaw introduced in 2012 that would enable an...
Don't overlook URL fetching agents when fixing Heartbleed flaw on servers, researchers say
Website operators should assess their whole Web infrastructure when patching the critical Heartbleed flaw in OpenSSL, otherwise they risk leaving...
Website operators will have a hard time dealing with the Heartbleed vulnerability
Website and server administrators will have to spend considerable time, effort and money to mitigate all the security risks associated with...
Security update for BlackBerry 10 OS fixes remote code execution vulnerability
BlackBerry released a security update for its BlackBerry 10 OS to address a critical vulnerability that could allow remote attackers to execute...
Adobe patches a critical flaw in Flash Player and AIR shown at Pwn2Own contest
Adobe Systems released security updates for Flash Player and AIR in order to address four critical vulnerabilities that could lead to arbitrary code...
Cisco fixes denial-of-service flaws in IOS software for networking devices
Cisco Systems released security updates for its IOS software used on routers, switches and other networking gear in order to fix seven...
Patch management flubs facilitate cybercrime
Failures in patch management of vulnerable systems have been a key enabler of cybercrime, according to the conclusions reached in Solutionary’s...
Full Disclosure security mailing list reborn under new management
The recently closed Full Disclosure security mailing list, which served as an open discussion forum for security researchers since 2002, was replaced...
Proprietary firmware poses a security threat, Ubuntu founder says
Mark Shuttleworth, the founder of the popular Ubuntu Linux distribution, believes proprietary firmware and unverifiable firmware code poses a serious...
All major browsers fall during second day at Pwn2Own hacking contest
Security researchers demonstrated zero-day exploits against Google Chrome, Microsoft Internet Explorer, Apple Safari, Mozilla Firefox and Adobe Flash...
Adobe patches a critical vulnerability in Shockwave Player
Adobe Systems released a new security update for Shockwave Player in order to fix a critical vulnerability that could allow attackers to remotely...
Adobe patches two important vulnerabilities in Flash Player
Adobe released updates for Flash Player that fix two vulnerabilities that could allow attackers to bypass security controls in the software.
Microsoft Patch Tuesday rounds up IE flaws
For this month's "Patch Tuesday" round of bug fixes, Microsoft has focused on correcting multiple vulnerabilities in Internet Explorer...
Joomla receives patches for zero-day SQL injection vulnerability, other flaws
Recently released security updates for the popular Joomla content management system (CMS) address a SQL injection vulnerability that poses a high...