content top

Microsoft Security Bulletins for May 2014

Microsoft Security Bulletins for May 2014

Microsoft released eight security bulletins (MS14-022 – MS14-029) on Tuesday, May 13, 2014.  Also announced was a number of security advisories which will be covered in this blog post.  Affected software includes SharePoint, Office, Internet Explorer, Remote Server Administration Tools, .NET Framework, Windows Shell handler, iSCSI and Adobe Flash.  Microsoft has placed them into three deployment priorities with MS14-029, MS14-024,...

Read More

The importance of using two-factor authentication

The importance of using two-factor authentication

What is two-factor authentication?  Tech Target defines it as, “Two-factor authentication is a security process in which the user provides two means of identification, one of which is typically a physical token, such as a card, and the other of which is typically something memorized, such as a security code. In this context, the two factors involved are sometimes spoken of as something you have and something you know.”  Many websites use...

Read More

Microsoft Security Bulletin Advanced Notification for May 2014

Microsoft Security Bulletin Advanced Notification for May 2014

May 13th 2014 is the next security patch release by Microsoft.  The release will feature eight security bulletins, which is the most that have been released at one time since the start of this year.  Microsoft mentions that “this notification replaces the out-of-band bulletin summary that was released on May 1, 2014, and does not include the out-of-band bulletin (MS14-021), which was released on May 1, 2014.” Microsoft will be...

Read More

DropBox patches shared links security flaw

DropBox patches shared links security flaw

The cloud storage company Dropbox has announced a security flaw based on shared links to files containing hyperlinks.  The flaw allows third parties to be able to access information without your consent. The security flaw involves refer headers,  which is how websites learn where the visitor of the site has come from in order to better understand traffic sources.  This is the standard process for all web browsers, and in itself in regards...

Read More

Microsoft Zero-Day IE CVE-2014-1776 patch available

Microsoft Zero-Day IE CVE-2014-1776 patch available

On May 1st Microsoft announced a fix for the zero-day IE security flaw that was discovered in April.  “This security update resolves a publicly disclosed vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted webpage using an affected version of Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the...

Read More
content top