Date Author Title

VMWARE ESX SNMP LIBMXL PYTHON NTP BIND BUFFER OVERFLOW PATCH

2010-02-17Rob VandenBrinkMultiple Security Updates for ESX 3.x and ESXi 3.x

VMWARE

2025-03-12/a>Johannes UllrichScans for VMWare Hybrid Cloud Extension (HCX) API (Log4j - not brute forcing)
2023-10-20/a>Yee Ching TokVMware Releases Security Patches for Fusion, Workstation and Aria Operations for Logs
2023-05-14/a>Guy BruneauVMware Aria Operations addresses multiple Local Privilege Escalations and a Deserialization issue
2023-03-18/a>Xavier MertensOld Backdoor, New Obfuscation
2023-02-03/a>Jim ClausingVMware workstation 17.0.1 fixes arbitrary file deletion issue - https://www.vmware.com/security/advisories/VMSA-2023-0003.html
2021-11-04/a>Tom WebbXmount for Disk Images
2020-08-22/a>Guy BruneauVMware App Volumes patches address Stored Cross-Site Scripting (XSS) vulnerability - https://www.vmware.com/security/advisories/VMSA-2020-0019.html
2020-07-11/a>Guy BruneauVMware XPC Client validation privilege escalation vulnerability - https://www.vmware.com/security/advisories/VMSA-2020-0017.html
2020-06-15/a>Rick WannerVMWare Security Advisory - VMSA-2020-0013 - https://www.vmware.com/security/advisories/VMSA-2020-0013.html
2020-05-19/a>Rick WannerVMWare Security Advisory - VMSA-2020-0010 - https://www.vmware.com/security/advisories/VMSA-2020-0010.html
2020-05-09/a>Rick WannerVMWare vRealize Critical vulnerabilities due to SaltStack - VMSA-2020-0009
2020-04-10/a>Scott FendleyCritical Vuln in vCenter vmdir (CVE-2020-3952)
2018-11-20/a>Xavier MertensVMware Affected by Dell EMC Avamar Vulnerability
2018-10-17/a>Russ McReeVMSA-2018-0026 VMware ESXi, Workstation & Fusion updates address out-of-bounds read vulnerability https://www.vmware.com/security/advisories/VMSA-2018-0026.html
2018-05-22/a>Xavier MertensVMware Workstation and Fusion updates address signature bypass and multiple denial-of-service vulnerabilities https://www.vmware.com/security/advisories/VMSA-2018-0013.html
2017-12-20/a>Richard PorterVMWare Security Advisory: VMSA-2017-0021: https://www.vmware.com/security/advisories/VMSA-2017-0021.html
2017-09-16/a>Guy BruneauVMware ESXi, vCenter Server, Fusion and Workstation updates resolve multiple security vulnerabilities - https://www.vmware.com/security/advisories/VMSA-2017-0015.html
2017-03-29/a>Xavier MertensCritical VMware vulnerabilities disclosed
2017-01-31/a>Johannes UllrichVMWare Security Advisory for AirWatch http://www.vmware.com/security/advisories/VMSA-2017-0001.html
2016-11-23/a>Tom WebbVmware Patches VMSA-2016-0005.5, VMSA-2016-0018.3 and VMSA-2016-0021
2016-10-26/a>Johannes UllrichNew VMWare Security Advisory: VMSA-2016-0017 Information Disclosure in VMWare Fusion and VMWare Tools https://www.vmware.com/security/advisories/VMSA-2016-0017.html
2016-05-25/a>Rick WannerVMWare Security Advisories
2016-02-23/a>Xavier MertensVMware VMSA-2016-0002
2016-02-13/a>Guy BruneauVMware VMSA-2015-0007.3 has been Re-released
2016-01-10/a>Jim ClausingVMware security update
2015-12-19/a>Russell EubanksVMWare Security Advisory
2015-04-04/a>Didier StevensVMware Product Updates Address Critical Information Disclosure Issue In JRE
2014-12-05/a>Basil Alawi S.TaherVMware new and updated security advisories
2014-10-23/a>Russ McReeDigest: 23 OCT 2014
2014-10-01/a>Russ McReeVMware security advisory: VMSA-2014-0010 http://www.vmware.com/security/advisories/VMSA-2014-0010.html
2014-09-12/a>Chris MohanVMware NSX and vCNS product updates address a critical information disclosure vulnerability http://www.vmware.com/security/advisories/VMSA-2014-0009.html
2014-08-14/a>Basil Alawi S.TaherThreats to virtual environments
2014-08-05/a>Johannes UllrichCenter for Internet Security Releases Benchmark for VMWare ESXi 5.5 https://benchmarks.cisecurity.org/downloads/form/index.cfm?download=esxi55.100
2014-04-15/a>Richard PorterVMWare Advisory VMSA-2014-0004 - Updates on OpenSSL HeartBleed http://www.vmware.com/security/advisories/VMSA-2014-0004.html
2014-04-11/a>Rob VandenBrinkVMware Security Advisories / Patches released for 2 issues (NOT Heartbleed) - http://www.vmware.com/security/advisories/VMSA-2014-0003.html and http://www.vmware.com/security/advisories/VMSA-2014-0002.html
2014-01-17/a>Russ McReeNew and updated VMWare security advisories - http://www.vmware.com/security/advisories
2013-12-23/a>Scott FendleyVMWare ESX/ESXi Security Advisory
2013-12-04/a>Adrien de BeaupreVMware Security Advisory VMSA-2013-0014
2013-11-15/a>Johannes UllrichVMWare Security Advisory: http://www.vmware.com/security/advisories/VMSA-2013-0013.html
2013-08-30/a>Kevin ListonVMware ESXi and ESX address an NFC Protocol Unhandled Exception
2013-08-02/a>Chris MohanVMware Security Advisory VMSA-2013-0009 - http://www.vmware.com/security/advisories/VMSA-2013-0009.html
2013-06-11/a>Swa Frantzenvmware security advisory VMSA-2013-0008
2013-05-31/a>Chris MohanVMware releases new and updated security advisories
2013-02-22/a>Chris MohanVMware releases new and updated security advisories
2013-02-08/a>Johannes UllrichVMWare Advisories (ESX, Workstation, Fusion...) http://www.vmware.com/security/advisories/VMSA-2013-0002.html
2013-02-01/a>Jim ClausingVMware vSphere security updates for the authentication service and third party libraries (see http://www.vmware.com/security/advisories/VMSA-2013-0001.html)
2012-11-16/a>Guy BruneauVMware security updates for vSphere API and ESX Service Console - http://www.vmware.com/security/advisories/VMSA-2012-0016.html
2012-10-05/a>Richard PorterVMWare Security Advisory: VMSA-2012-0014 - http://www.vmware.com/security/advisories/VMSA-2012-0014.html
2012-08-31/a>Johannes UllrichVMware Updates
2012-07-13/a>Russ McReeVMWare Security Advisory 12 JUL 2012
2012-06-14/a>Johannes UllrichVMWare Security Advisories
2012-06-04/a>Rob VandenBrinkvSphere 5.0 Hardening Guide Officially Released
2012-05-25/a>Guy BruneauVMware vMA Security Advisory VMSA-2012-0010 - http://www.vmware.com/security/advisories/VMSA-2012-0010.html
2012-05-03/a>Guy BruneauVMware Critical Security Issues Advisory - http://www.vmware.com/security/advisories/VMSA-2012-0009.html
2012-05-02/a>Bojan ZdrnjaMonitoring VMWare logs
2012-04-13/a>Daniel WesemannVMware ESX/ESXi privilege escalation vuln. advisory: http://www.vmware.com/security/advisories/VMSA-2012-0007.html
2012-03-16/a>Guy BruneauVMware New and Updated Security Advisories
2012-03-09/a>Guy BruneauVMware New and Updated Advisories
2012-01-31/a>Russ McReeFirefox 10 and VMWare advisories and updates
2011-11-18/a>Kevin ListonRecent VMWare security advisories
2011-10-13/a>Kevin ShorttVMware ESXi and ESX updates to third party libraries and ESX Service Console - http://www.vmware.com/security/advisories/VMSA-2011-0012.html
2011-10-05/a>Jim ClausingVMware Advisory - UDF file system handling
2011-08-17/a>Rob VandenBrinkPutting all of Your Eggs in One Basket - or How NOT to do Layoffs
2011-04-28/a>Guy BruneauVMware ESXi 4.1 Security and Firmware Updates
2011-03-08/a>Jim ClausingVMware ESX/ESXi security updates released, see http://www.vmware.com/security/advisories/VMSA-2011-0004.html
2011-02-08/a>Chris MohanVMWare Security Advisory
2011-01-05/a>Johannes UllrichVMWare Security Advisory VMSA-2011-0001
2010-07-13/a>Jim ClausingVMware Studio Security Update
2010-05-30/a>Kevin ListonVMware ESX/ESXi Updates
2010-04-09/a>Mark HofmanVMware has released the following patch "VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues". Make sure you test before applying to production.
2010-04-02/a>Guy BruneauSecurity Advisory for ESX Service Console
2010-03-30/a>Pedro BuenoVMWare Security Advisories Out
2010-02-17/a>Rob VandenBrinkDefining Clouds - " A Cloud by any Other Name Would be a Lot Less Confusing"
2010-02-17/a>Rob VandenBrinkMultiple Security Updates for ESX 3.x and ESXi 3.x
2010-02-10/a>Marcus SachsDatacenters and Directory Traversals
2010-01-30/a>Stephen HallNew and updated VMWare advisories
2010-01-26/a>Rob VandenBrinkVMware vSphere Hardening Guide Draft posted for public review
2009-11-21/a>Mark HofmanVMware vCenter and ESX updates available http://lists.vmware.com/pipermail/security-announce/2009/000070.html
2009-10-27/a>Rob VandenBrinkNew VMware Desktop Products Released (Workstation, Fusion, ACE)
2009-10-16/a>Stephen HallVMWare updates ESX
2009-10-02/a>Stephen HallVMware Fusion updates to fixes a couple of bugs
2009-08-21/a>Rick WannerUpdates to VMWare Products
2009-07-11/a>Rick WannerVMWare Security Advisories
2009-07-01/a>Bojan ZdrnjaNew VMWare Security Advisory
2009-05-29/a>Lorna HutchesonVMWare Patches Released
2009-04-14/a>Swa FrantzenVMware exploits - just how bad is it ?
2009-04-10/a>Stephen HallPatches for critical VMWare vulnerability
2009-04-04/a>Tony CarothersRecent VMware Updates Available
2009-01-31/a>Swa FrantzenVMware updates
2008-09-19/a>Bojan ZdrnjaVMWare ESX(i) 3.5 security patches
2008-08-12/a>Johannes UllrichVMWare ESX 3.5u2 Errors
2008-06-01/a>Mari NicholsUpdates to VMware resolve critical security issues
2008-03-19/a>Raul SilesVMware updates resolve critical security issues (VMSA-2008-0005)

ESX

2023-12-10/a>Guy BruneauHoneypots: From the Skeptical Beginner to the Tactical Enthusiast
2020-11-21/a>Guy BruneauVMware privilege escalation vulnerabilities (CVE-2020-4004, CVE-2020-4005) - https://www.vmware.com/security/advisories/VMSA-2020-0026.html
2018-07-02/a>Guy BruneauVMware ESXi, Workstation, and Fusion address multiple out-of-bounds read vulnerabilities https://www.vmware.com/security/advisories/VMSA-2018-0016.html
2017-09-16/a>Guy BruneauVMware ESXi, vCenter Server, Fusion and Workstation updates resolve multiple security vulnerabilities - https://www.vmware.com/security/advisories/VMSA-2017-0015.html
2016-02-13/a>Guy BruneauVMware VMSA-2015-0007.3 has been Re-released
2013-12-23/a>Scott FendleyVMWare ESX/ESXi Security Advisory
2013-12-06/a>Guy BruneauVMware ESX 4.x Security Advisory
2013-10-18/a>Guy BruneauVMware Release Multiple Security Updates
2013-08-19/a>Johannes UllrichRunning Snort on ESXi using the Distributed Switch
2012-11-16/a>Guy BruneauVMware security updates for vSphere API and ESX Service Console - http://www.vmware.com/security/advisories/VMSA-2012-0016.html
2012-03-16/a>Guy BruneauVMware New and Updated Security Advisories
2012-03-09/a>Guy BruneauVMware New and Updated Advisories
2011-06-03/a>Guy BruneauVMware ESX Patches and VI Client Update http://www.vmware.com/security/advisories/VMSA-2011-0009.html
2011-04-28/a>Guy BruneauVMware ESXi 4.1 Security and Firmware Updates
2010-05-30/a>Kevin ListonVMware ESX/ESXi Updates
2010-02-17/a>Rob VandenBrinkMultiple Security Updates for ESX 3.x and ESXi 3.x
2009-10-16/a>Stephen HallVMWare updates ESX
2009-07-01/a>Bojan ZdrnjaNew VMWare Security Advisory
2008-09-19/a>Bojan ZdrnjaVMWare ESX(i) 3.5 security patches

SNMP

2016-09-28/a>Xavier MertensSNMP Pwn3ge
2016-09-08/a>Kevin ShorttCurious SNMP Traffic Spike
2014-09-15/a>Johannes UllrichGoogle DNS Server IP Address Spoofed for SNMP reflective Attacks
2014-06-02/a>Rick WannerUsing nmap to scan for DDOS reflectors
2010-07-10/a>Tony CarothersSoftware Update for Cisco IE 3000 Series Switches
2010-02-17/a>Rob VandenBrinkMultiple Security Updates for ESX 3.x and ESXi 3.x
2009-10-11/a>Mark HofmanCyber Security Awareness Month - Day 12 Ports 161/162 Simple Network Management Protocol (SNMP)
2009-01-31/a>Swa FrantzenVMware updates
2008-06-10/a>Swa FrantzenSNMP v3 trouble

LIBMXL

2010-02-17/a>Rob VandenBrinkMultiple Security Updates for ESX 3.x and ESXi 3.x

PYTHON

2025-04-09/a>Xavier MertensObfuscated Malicious Python Scripts with PyArmor
2025-03-18/a>Xavier MertensPython Bot Delivered Through DLL Side-Loading
2025-03-10/a>Xavier MertensShellcode Encoded in UUIDs
2025-02-17/a>Russ McReeModelScan - Protection Against Model Serialization Attacks
2025-02-14/a>Xavier MertensFake BSOD Delivered by Malicious Python Script
2025-02-06/a>Xavier MertensThe Unbreakable Multi-Layer Anti-Debugging System
2025-01-29/a>Xavier MertensFrom PowerShell to a Python Obfuscation Race!
2025-01-28/a>Xavier MertensFileless Python InfoStealer Targeting Exodus
2025-01-18/a>Jim ClausingNew tool: immutable.py
2025-01-03/a>Xavier MertensSwaetRAT Delivery Through Python
2024-12-31/a>Xavier MertensNo Holiday Season for Attackers
2024-12-26/a>Jesse La GrewCapturing Honeypot Data Beyond the Logs
2024-12-17/a>Xavier MertensPython Delivering AnyDesk Client as RAT
2024-11-30/a>Xavier MertensFrom a Regular Infostealer to its Obfuscated Version
2024-11-22/a>Xavier MertensAn Infostealer Searching for « BIP-0039 » Data
2024-11-19/a>Xavier MertensDetecting the Presence of a Debugger in Linux
2024-11-07/a>Xavier MertensSteam Account Checker Poisoned with Infostealer
2024-11-05/a>Xavier MertensPython RAT with a Nice Screensharing Feature
2024-09-18/a>Xavier MertensPython Infostealer Patching Windows Exodus App
2024-09-17/a>Xavier Mertens23:59, Time to Exfiltrate!
2024-09-16/a>Xavier MertensManaging PE Files With Overlays
2024-09-13/a>Jesse La GrewFinding Honeypot Data Clusters Using DBSCAN: Part 2
2024-09-11/a>Xavier MertensPython Libraries Used for Malicious Purposes
2024-08-30/a>Jesse La GrewSimulating Traffic With Scapy
2024-08-29/a>Xavier MertensLive Patching DLLs with Python
2024-08-27/a>Xavier MertensWhy Is Python so Popular to Infect Windows Hosts?
2024-08-26/a>Xavier MertensFrom Highly Obfuscated Batch File to XWorm and Redline
2024-08-23/a>Jesse La GrewPandas Errors: What encoding are my logs in?
2024-08-19/a>Xavier MertensDo you Like Donuts? Here is a Donut Shellcode Delivered Through PowerShell/Python
2024-08-16/a>Jesse La Grew[Guest Diary] 7 minutes and 4 steps to a quick win: A write-up on custom tools
2024-07-26/a>Xavier MertensExelaStealer Delivered "From Russia With Love"
2024-07-24/a>Xavier Mertens"Mouse Logger" Malicious Python Script
2024-07-10/a>Jesse La GrewFinding Honeypot Data Clusters Using DBSCAN: Part 1
2024-06-06/a>Xavier MertensMalicious Python Script with a "Best Before" Date
2024-05-31/a>Xavier Mertens"K1w1" InfoStealer Uses gofile.io for Exfiltration
2024-05-30/a>Xavier MertensFeeding MISP with OSSEC
2024-03-13/a>Xavier MertensUsing ChatGPT to Deobfuscate Malicious Scripts
2024-02-20/a>Xavier MertensPython InfoStealer With Dynamic Sandbox Detection
2024-02-08/a>Xavier MertensA Python MP3 Player with Builtin Keylogger Capability
2024-01-25/a>Xavier MertensFacebook AdsManager Targeted by a Python Infostealer
2024-01-19/a>Xavier MertensmacOS Python Script Replacing Wallet Applications with Rogue Apps
2024-01-17/a>Jesse La GrewNumber Usage in Passwords
2024-01-08/a>Jesse La GrewWhat is that User Agent?
2023-12-23/a>Xavier MertensPython Keylogger Using Mailtrap.io
2023-12-22/a>Xavier MertensShall We Play a Game?
2023-12-16/a>Xavier MertensAn Example of RocketMQ Exploit Scanner
2023-11-20/a>Jesse La GrewOverflowing Web Honeypot Logs
2023-10-31/a>Xavier MertensMultiple Layers of Anti-Sandboxing Techniques
2023-09-30/a>Xavier MertensSimple Netcat Backdoor in Python Script
2023-08-25/a>Xavier MertensPython Malware Using Postgresql for C2 Communications
2023-08-23/a>Guy BruneauHow I made a qwerty ?keyboard walk? password generator with ChatGPT [Guest Diary]
2023-08-22/a>Xavier MertensHave You Ever Heard of the Fernet Encryption Algorithm?
2023-08-17/a>Jesse La GrewCommand Line Parsing - Are These Really Unique Strings?
2023-08-11/a>Xavier MertensShow me All Your Windows!
2023-07-28/a>Xavier MertensShellCode Hidden with Steganography
2023-06-20/a>Xavier MertensMalicious Code Can Be Anywhere
2023-04-28/a>Xavier MertensQuick IOC Scan With Docker
2023-03-18/a>Xavier MertensOld Backdoor, New Obfuscation
2023-03-11/a>Xavier MertensOverview of a Mirai Payload Generator
2023-03-01/a>Xavier MertensPython Infostealer Targeting Gamers
2023-02-09/a>Xavier MertensA Backdoor with Smart Screenshot Capability
2022-11-14/a>Jesse La GrewExtracting 'HTTP CONNECT' Requests with Python
2022-10-24/a>Xavier MertensC2 Communications Through outlook.com
2022-10-18/a>Xavier MertensPython Obfuscation for Dummies
2022-09-26/a>Xavier MertensEasy Python Sandbox Detection
2022-09-14/a>Xavier MertensEasy Process Injection within Python
2022-08-19/a>Johannes UllrichWindows Security Blocks UPX Compressed (packed) Binaries
2022-08-18/a>Johannes UllrichHoneypot Attack Summaries with Python
2022-07-20/a>Xavier MertensMalicious Python Script Behaving Like a Rubber Ducky
2022-06-24/a>Xavier MertensPython (ab)using The Windows GUI
2022-05-24/a>Yee Ching Tokctx Python Library Updated with "Extra" Features
2022-04-21/a>Xavier MertensMulti-Cryptocurrency Clipboard Swapper
2022-01-20/a>Xavier MertensRedLine Stealer Delivered Through FTP
2022-01-07/a>Xavier MertensCustom Python RAT Builder
2022-01-06/a>Xavier MertensMalicious Python Script Targeting Chinese People
2021-12-10/a>Xavier MertensPython Shellcode Injection From JSON Data
2021-12-01/a>Xavier MertensInfo-Stealer Using webhook.site to Exfiltrate Data
2021-08-30/a>Xavier MertensCryptocurrency Clipboard Swapper Delivered With Love
2021-07-16/a>Xavier MertensMultiple BaseXX Obfuscations
2021-07-08/a>Xavier MertensUsing Sudo with Python For More Security Controls
2021-07-06/a>Xavier MertensPython DLL Injection Check
2021-07-02/a>Xavier Mertens"inception.py"... Multiple Base64 Encodings
2021-06-11/a>Xavier MertensKeeping an Eye on Dangerous Python Modules
2021-05-31/a>Rick WannerQuick and dirty Python: nmap
2021-05-04/a>Rick WannerQuick and dirty Python: masscan
2021-04-29/a>Xavier MertensFrom Python to .Net
2021-04-09/a>Xavier MertensNo Python Interpreter? This Simple RAT Installs Its Own Copy
2021-04-02/a>Xavier MertensC2 Activity: Sandboxes or Real Victims?
2021-03-18/a>Xavier MertensSimple Python Keylogger
2020-12-10/a>Xavier MertensPython Backdoor Talking to a C2 Through Ngrok
2020-11-20/a>Xavier MertensMalicious Python Code and LittleSnitch Detection
2020-11-09/a>Xavier MertensHow Attackers Brush Up Their Malicious Scripts
2020-10-20/a>Xavier MertensMirai-alike Python Scanner
2020-10-14/a>Xavier MertensNicely Obfuscated Python RAT
2020-09-18/a>Xavier MertensA Mix of Python & VBA in a Malicious Word Document
2020-09-03/a>Xavier MertensSandbox Evasion Using NTP
2020-09-02/a>Xavier MertensPython and Risky Windows API Calls
2020-08-18/a>Xavier MertensUsing API's to Track Attackers
2020-07-30/a>Johannes UllrichPython Developers: Prepare!!!
2019-10-29/a>Xavier MertensGenerating PCAP Files from YAML
2018-11-26/a>Russ McReeViperMonkey: VBA maldoc deobfuscation
2017-11-23/a>Xavier MertensProactive Malicious Domain Search
2017-10-05/a>Johannes Ullrichpcap2curl: Turning a pcap file into a set of cURL commands for "replay"
2017-08-22/a>Xavier MertensDefang all the things!
2017-04-19/a>Xavier MertensHunting for Malicious Excel Sheets
2017-01-12/a>Mark BaggettSystem Resource Utilization Monitor
2017-01-01/a>Didier Stevenspy2exe Decompiling - Part 1
2016-11-27/a>Russ McReeScapy vs. CozyDuke
2016-07-25/a>Didier StevensPython Malware - Part 4
2016-07-16/a>Didier StevensPython Malware - Part 3
2016-05-15/a>Didier StevensPython Malware - Part 1
2014-12-04/a>Mark BaggettAutomating Incident data collection with Python
2011-02-21/a>Adrien de BeaupreWhat’s New, it's Python 3.2
2010-08-15/a>Manuel Humberto Santander PelaezPython to test web application security
2010-06-14/a>Manuel Humberto Santander PelaezPython on a microcontroller?
2010-03-30/a>Marcus SachsZigbee Analysis Tools
2010-02-17/a>Rob VandenBrinkMultiple Security Updates for ESX 3.x and ESXi 3.x
2009-05-25/a>Jim ClausingMore tools for (US) Memorial Day

NTP

2020-09-03/a>Xavier MertensSandbox Evasion Using NTP
2015-11-01/a>Guy BruneauCisco Products Affected by Multiple Vulnerabilities in ntpd - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp
2014-08-17/a>Rick WannerPart 1: Is your home network unwittingly contributing to NTP DDOS attacks?
2014-08-17/a>Rick WannerPart 2: Is your home network unwittingly contributing to NTP DDOS attacks?
2014-06-24/a>Kevin ShorttNTP DDoS Counts Have Dropped
2014-06-02/a>Rick WannerUsing nmap to scan for DDOS reflectors
2014-02-26/a>Russ McReeOngoing NTP Amplification Attacks
2014-02-17/a>Chris MohanNTP reflection attacks continue
2012-11-20/a>John BambenekBehind the Random NTP Bizarreness of Incorrect Year Being Set
2012-05-08/a>Kevin ListonIncident-response without NTP
2010-02-17/a>Rob VandenBrinkMultiple Security Updates for ESX 3.x and ESXi 3.x
2009-12-09/a>Swa Frantzenntpd upgrade to prevent spoofed looping
2009-10-29/a>Johannes UllrichHelp me assemble a list of "days of doom" as a followup to the ntp diary. http://jbu.me/25
2009-10-28/a>Johannes UllrichCyber Security Awareness Month - Day 28 - ntp (123/udp)
2009-05-25/a>Jim ClausingNTPD autokey vulnerability

BIND

2021-07-31/a>Guy BruneauUnsolicited DNS Queries
2019-11-25/a>Xavier MertensMy Little DoH Setup
2019-07-13/a>Guy BruneauGuidance to Protect DNS Against Hijacking & Scanning for Version.BIND Still a Thing
2014-06-12/a>Guy BruneauBIND Security Update for CVE-2014-3859
2013-07-26/a>Scott FendleyISC BIND DoS
2013-06-05/a>Richard PorterBIND 9 Update fixing CVE-2013-3919
2012-07-30/a>Guy BruneauBIND 9 Security Updates
2012-06-06/a>Jim ClausingBIND 9 Update - DoS or information disclosure vulnerability
2011-12-05/a>Stephen HallISC describe DNS crash bug analysis
2011-11-16/a>Jason LamPotential 0-day on Bind 9
2011-07-05/a>Raul SilesTwo DoS remotely exploitable vulnerabilities affect BIND 9: http://www.isc.org/advisories/bind Updgrade to 9.8.0-P4.
2011-06-28/a>Johannes UllrichDNSSEC Tips
2011-05-09/a>Johannes UllrichPatch for BIND 9.8.0 DoS Vulnerability
2011-02-23/a>Manuel Humberto Santander PelaezBind DOS vulnerability (CVE-2011-0414)
2010-07-29/a>Rob VandenBrinkNoScript 2.0 released
2010-02-17/a>Rob VandenBrinkMultiple Security Updates for ESX 3.x and ESXi 3.x
2009-12-15/a>Johannes UllrichImportant BIND name server updates - DNSSEC
2009-11-24/a>John BambenekBIND Security Advisory (DNSSEC only)
2009-07-29/a>Bojan ZdrnjaBIND 9 DoS attacks in the wild
2009-01-08/a>Kyle HaugsnessBIND OpenSSL follow-up
2009-01-07/a>William SaluskyBIND 9.x security patch - resolves potentially new DNS poisoning vector
2008-08-14/a>Johannes UllrichDNSSEC for DShield.org
2008-08-02/a>Swa FrantzenBIND: -P2 patches are released
2008-07-08/a>Johannes UllrichMulitple Vendors DNS Spoofing Vulnerability

BUFFER

2024-08-29/a>Xavier MertensLive Patching DLLs with Python
2021-02-15/a>Johannes UllrichSecuring and Optimizing Networks: Using pfSense Traffic Shaper Limiters to Combat Bufferbloat
2017-02-24/a>Rick WannerCloudflare data leak...what does it mean to me?
2013-05-07/a>Jim ClausingNGINX updates address buffer overflow (CVE-2013-2028) see http://nginx.org/en/CHANGES-1.4
2013-01-18/a>Russ McReeSourcefire VRT rules update addresses remote stack buffer overflow in rule 3:20275
2012-12-02/a>Guy BruneauZero Day MySQL Buffer Overflow
2010-06-06/a>Manuel Humberto Santander PelaezNice OS X exploit tutorial
2010-02-17/a>Rob VandenBrinkMultiple Security Updates for ESX 3.x and ESXi 3.x
2009-12-24/a>Guy BruneauF5 BIG-IP ASM and PSM Remote Buffer Overflow
2008-06-10/a>Swa FrantzenLinux ASN.1 BER kernel buffer overflow

OVERFLOW

2017-02-24/a>Rick WannerCloudflare data leak...what does it mean to me?
2013-05-07/a>Jim ClausingNGINX updates address buffer overflow (CVE-2013-2028) see http://nginx.org/en/CHANGES-1.4
2013-01-18/a>Russ McReeSourcefire VRT rules update addresses remote stack buffer overflow in rule 3:20275
2012-12-02/a>Guy BruneauZero Day MySQL Buffer Overflow
2010-06-06/a>Manuel Humberto Santander PelaezNice OS X exploit tutorial
2010-02-17/a>Rob VandenBrinkMultiple Security Updates for ESX 3.x and ESXi 3.x
2009-12-24/a>Guy BruneauF5 BIG-IP ASM and PSM Remote Buffer Overflow
2008-06-10/a>Swa FrantzenLinux ASN.1 BER kernel buffer overflow

PATCH

2025-03-11/a>Johannes UllrichMicrosoft Patch Tuesday: March 2025
2024-12-11/a>Johannes UllrichApple Updates Everything (iOS, iPadOS, macOS, watchOS, tvOS, visionOS)
2024-12-10/a>Johannes UllrichMicrosoft Patch Tuesday: December 2024
2024-08-29/a>Xavier MertensLive Patching DLLs with Python
2024-07-09/a>Johannes UllrichMicrosoft Patch Tuesday July 2024
2024-06-11/a>Johannes UllrichMicrosoft Patch Tuesday June 2024
2024-03-12/a>Johannes UllrichMicrosoft Patch Tuesday - March 2024
2024-03-05/a>Johannes UllrichApple Releases iOS/iPadOS Updates with Zero Day Fixes.
2023-12-12/a>Johannes UllrichMicrosoft Patch Tuesday December 2023
2023-10-10/a>Johannes UllrichOctober 2023 Microsoft Patch Tuesday Summary
2023-09-26/a>Johannes UllrichApple Releases MacOS Sonoma Including Numerous Security Patches
2023-09-11/a>Johannes UllrichApple fixes 0-Day Vulnerability in Older Operating Systems
2023-03-27/a>Johannes UllrichApple Updates Everything (including Studio Display)
2023-02-14/a>Johannes UllrichMicrosoft February 2023 Patch Tuesday
2023-01-24/a>Johannes UllrichApple Updates (almost) Everything: Patch Overview
2022-10-11/a>Johannes UllrichOctober 2022 Microsoft Patch Tuesday
2022-10-07/a>Xavier MertensCritical Fortinet Vulnerability Ahead
2022-07-20/a>Johannes UllrichApple Patches Everything Day
2022-05-16/a>Johannes UllrichApple Patches Everything
2022-05-10/a>Renato MarinhoMicrosoft May 2022 Patch Tuesday
2022-05-03/a>Rob VandenBrinkFinding the Real "Last Patched" Day (Interim Version)
2022-03-31/a>Johannes UllrichApple Patches Actively Exploited Vulnerability in macOS, iOS and iPadOS,
2022-02-10/a>Johannes UllrichiOS/iPadOS and MacOS Update: Single WebKit 0-Day Vulnerability Patched
2022-01-11/a>Johannes UllrichMicrosoft Patch Tuesday - January 2022
2021-09-14/a>Renato MarinhoMicrosoft September 2021 Patch Tuesday
2021-08-20/a>Xavier MertensWaiting for the C2 to Show Up
2021-04-13/a>Richard PorterMicrosoft April 2021 Patch Tuesday
2020-12-08/a>Johannes UllrichDecember 2020 Microsoft Patch Tuesday: Exchange, Sharepoint, Dynamics and DNS Spoofing
2020-11-25/a>Xavier MertensLive Patching Windows API Calls Using PowerShell
2020-05-14/a>Rob VandenBrinkPatch Tuesday Revisited - CVE-2020-1048 isn't as "Medium" as MS Would Have You Believe
2020-03-10/a>Johannes UllrichMicrosoft Patch Tuesday March 2020
2020-02-29/a>Guy BruneauHazelcast IMDG Discover Scan
2019-07-09/a>John BambenekMSFT July 2019 Patch Tuesday
2018-12-19/a>Xavier MertensMicrosoft OOB Patch for Internet Explorer: Scripting Engine Memory Corruption Vulnerability
2018-12-11/a>Richard PorterMicrosoft December 2018 Patch Tuesday
2018-11-13/a>Johannes UllrichNovember 2018 Microsoft Patch Tuesday
2018-10-09/a>Johannes UllrichOctober 2018 Microsoft Patch Tuesday
2018-09-11/a>Johannes UllrichMicrosoft September Patch Tuesday Summary
2018-07-17/a>Scott FendleyOracle Critical Patch Update Release
2018-06-12/a>Johannes UllrichMicrosoft June 2018 Patch Tuesday
2018-04-25/a>Johannes UllrichYet Another Drupal RCE Vulnerability
2017-12-20/a>Richard PorterVMWare Security Advisory: VMSA-2017-0021: https://www.vmware.com/security/advisories/VMSA-2017-0021.html
2017-12-12/a>Johannes UllrichDecember Microsoft Patch Tuesday Summary
2017-09-08/a>Adrien de BeaupreYASRV (Yet Another Struts RCE Vulnerability) yes a different one from yesterday
2017-09-05/a>Adrien de BeaupreStruts vulnerability patch released by apache, patch now
2017-07-11/a>Renato MarinhoJuly's Microsoft Patch Tuesday
2017-03-14/a>Johannes UllrichFebruary and March Microsoft Patch Tuesday
2017-02-14/a>Johannes UllrichMicrosoft Patch Tuesday Delayed
2017-02-04/a>Xavier MertensDetecting Undisclosed Vulnerabilities with Security Tools & Features
2017-01-10/a>Johannes UllrichJanuary 2017 Microsoft Patch Tuesday
2016-09-13/a>Rob VandenBrinkMicrosoft Patch Tuesday Analysis
2016-09-02/a>Johannes UllrichApple Patches "Trident" Vulnerabilities in OS X / Safari
2016-07-12/a>Johannes UllrichMicrosoft Patch Tuesday Summary for July 2016
2016-02-09/a>Johannes UllrichMicrosoft February 2016 Patch Tuesday
2016-01-12/a>Alex StanfordJanuary 2016 Microsoft Patch Tuesday
2015-12-08/a>Johannes UllrichDecember 2015 Microsoft Patch Tuesday
2015-11-10/a>Johannes UllrichNovember 2015 Microsoft Patch Tuesday
2015-10-13/a>Alex StanfordOctober 2015 Microsoft Patch Tuesday
2015-09-08/a>Johannes UllrichSeptember 2015 Microsoft Patch Tuesday
2015-08-11/a>Manuel Humberto Santander PelaezAugust 2015 Microsoft Patch Tuesday
2015-07-23/a>Mark HofmanSome more 0-days from ZDI
2015-07-14/a>Johannes UllrichAdobe Updates Flash Player, Shockwave and PDF Reader
2015-07-14/a>Johannes UllrichJuly 2015 Microsoft Patch Tuesday
2015-06-09/a>Johannes UllrichMicrosoft Patch Tuesday Summary for June 2015
2015-05-12/a>Johannes UllrichMay 2015 Microsoft Patch Tuesday Summary
2015-04-14/a>Alex StanfordMicrosoft Patch Tuesday - April 2015
2015-03-10/a>Johannes UllrichMicrosoft March Patch Tuesday
2015-02-13/a>Johannes UllrichMicrosoft February Patch Failures Continue: KB3023607 vs. Cisco AnyConnect Client
2015-02-11/a>Johannes UllrichMicrosoft Hardens GPO by Fixing Two Serious Vulnerabilities.
2015-02-10/a>Mark BaggettMicrosoft Update Advisory for February 2015
2015-01-23/a>Adrien de BeaupreInfocon change to yellow for Adobe Flash issues
2015-01-13/a>Johannes UllrichMicrosoft Patch Tuesday - January 2015 (Really? Telnet?)
2014-12-09/a>Alex StanfordMicrosoft Patch Tuesday - December 2014
2014-11-18/a>Jim ClausingMicrosoft November out-of-cycle patch MS14-068
2014-11-11/a>Johannes UllrichMicrosoft November 2014 Patch Tuesday
2014-11-11/a>Johannes UllrichAdobe Flash Update
2014-10-17/a>Johannes UllrichApple Updates (not just Yosemite)
2014-10-14/a>Johannes UllrichMicrosoft October 2014 Patch Tuesday
2014-10-14/a>Johannes UllrichAdobe October 2014 Bulletins for Flash Player and Coldfusion
2014-09-29/a>Johannes UllrichApple Released Update to Fix Shellshock Vulnerability http://support.apple.com/kb/DL1769
2014-09-09/a>Alex StanfordMicrosoft Patch Tuesday - September 2014
2014-08-12/a>Alex StanfordMicrosoft Patch Tuesday - August 2014
2014-07-15/a>Daniel WesemannOracle July 2014 CPU (patch bundle)
2014-07-08/a>Alex StanfordMicrosoft Patch Tuesday - July
2014-07-01/a>Johannes UllrichApple Releases Patches for All Products
2014-06-10/a>Alex StanfordMicrosoft Patch Tuesday June 2014
2014-06-06/a>Johannes UllrichMicrosoft June Patch Tuesday Advance Notification
2014-05-13/a>Johannes UllrichMicrosoft May 2014 Patch Tuesday
2014-05-01/a>Johannes UllrichMicrosoft Announces Special Patch for IE 0-day (Win XP included!)
2014-04-22/a>Johannes UllrichApple Patches for OS X, iOS and Apple TV.
2014-04-16/a>Johannes UllrichOracle Critical Patch Update for April 2014
2014-04-08/a>Richard PorterApril 2014 Microsoft Patches
2014-03-21/a>Johannes UllrichCisco AsyncOS Patch
2014-03-11/a>Johannes UllrichAdobe Updates: Flash Player
2014-03-11/a>Johannes UllrichMicrosoft Patch Tuesday March 2014
2014-03-08/a>Guy BruneauMicrosoft March Patch Pre-Announcement
2014-02-25/a>Alex StanfordApple releases OS X 10.9.2 patching SSL vulnerability and updates Safari
2014-02-11/a>Johannes UllrichAdobe February 2014 Patch Tuesday
2014-02-11/a>Johannes UllrichFebruary 2014 Microsoft Patch Tuesday
2014-02-07/a>Johannes UllrichMicrosoft Advance Notification for February 2014
2014-02-04/a>Johannes UllrichAdobe Flash Player Emergency Patch
2014-01-30/a>Johannes UllrichOracle Reports Vulnerability
2014-01-14/a>Johannes UllrichMicrosoft Patch Tuesday January 2014
2014-01-14/a>Johannes UllrichAdobe Patch Tuesday January 2014
2014-01-14/a>Johannes UllrichOracle Critical Patch Update January 2014
2014-01-10/a>Basil Alawi S.TaherCisco Small Business Devices backdoor fix
2014-01-09/a>Johannes UllrichMicrosoft Security Bulletin Advance Notification for January 2014 http://technet.microsoft.com/en-us/security/bulletin/ms14-jan
2013-12-10/a>Johannes UllrichMicrosoft December Patch Tuesday
2013-12-07/a>Guy BruneauMicrosoft December Patch Pre-Announcement
2013-12-04/a>Adrien de BeaupreVMware Security Advisory VMSA-2013-0014
2013-11-12/a>Johannes UllrichNovember 2013 Microsoft Patch Tuesday
2013-11-08/a>Johannes UllrichMicrosoft Patch Tuesday Preview
2013-11-01/a>Russ McReeSecunia's PSI Country Report - Q3 2013
2013-10-08/a>Johannes UllrichMicrosoft October 2013 Patch Tuesday
2013-10-03/a>Johannes UllrichOctober Patch Tuesday Preview (CVE-2013-3893 patch coming!)
2013-09-11/a>Johannes UllrichReboot Wednesday: Yesterday's Patch Tuesday Aftermath
2013-09-10/a>Swa FrantzenAdobe September 2013 Black Tuesday Overview
2013-09-10/a>Swa FrantzenMicrosoft September 2013 Black Tuesday Overview
2013-09-10/a>Swa FrantzenMacs need to patch too!
2013-09-07/a>Guy BruneauMicrosoft September Patch Pre-Announcement
2013-08-19/a>Johannes UllrichMicrosoft re-releases MS13-066: https://technet.microsoft.com/security/bulletin/MS13-066
2013-08-15/a>Johannes UllrichMicrosoft Pulls MS013-061 due to problems with Exchange Server 2013 http://blogs.technet.com/b/exchange/archive/2013/08/14/exchange-2013-security-update-ms13-061-status-update.aspx
2013-08-13/a>Swa FrantzenMicrosoft August 2013 Black Tuesday Overview
2013-08-13/a>Swa FrantzenMicrosoft security advisories: RDP and MD5 deprecation in Microsoft root certificates
2013-07-09/a>Swa FrantzenMicrosoft July 2013 Black Tuesday Overview
2013-07-09/a>Swa FrantzenAdobe July 2013 Black Tuesday Overview
2013-07-06/a>Guy BruneauMicrosoft July Patch Pre-Announcement
2013-06-26/a>Adrien de BeaupreMultiple Cisco security advisories
2013-06-11/a>Swa FrantzenAdobe June 2013 Black Tuesday Overview
2013-06-11/a>Swa Frantzenvmware security advisory VMSA-2013-0008
2013-06-11/a>Swa FrantzenMicrosoft June 2013 Black Tuesday Overview
2013-06-05/a>Richard PorterBIND 9 Update fixing CVE-2013-3919
2013-05-22/a>Adrien de BeauprePrivilege escalation, why should I care?
2013-05-14/a>Swa FrantzenMicrosoft May 2013 Black Tuesday Overview
2013-05-14/a>Swa FrantzenFirefox & Thunderbird released
2013-05-14/a>Swa FrantzenAdobe May 2013 Black Tuesday Overview
2013-05-14/a>Swa FrantzenMicrosoft Security Advisory 2846338
2013-04-09/a>Swa FrantzenMicrosoft April 2013 Black Tuesday Overview
2013-04-09/a>Swa FrantzenAdobe April 2013 Black Tuesday Overview
2013-04-04/a>Johannes UllrichMicrosoft April Patch Tuesday Advance Notification
2013-03-12/a>Swa FrantzenMicrosoft March 2013 Black Tuesday Overview
2013-03-12/a>Swa FrantzenAdobe March 2013 Black Tueday
2013-02-27/a>Adam SwangerAdobe Flash Player Security Update - http://www.adobe.com/support/security/bulletins/apsb13-08.html
2013-02-22/a>Chris MohanVMware releases new and updated security advisories
2013-02-14/a>Adam SwangerISC Monthly Threat Update - February 2013 http://isc.sans.edu/podcastdetail.html?id=3121
2013-02-12/a>Swa FrantzenAdobe Feb 2013 Black Tuesday patches
2013-02-12/a>Adam SwangerMicrosoft February 2013 Black Tuesday Update - Overview
2013-02-08/a>Johannes UllrichMicrosoft February Patch Tuesday Advance Notification
2013-01-22/a>Richard PorterUsing Metasploit for Patch Sanity Checks
2013-01-14/a>Richard PorterJanuary 2013 Microsoft Out of Cycle Patch
2013-01-10/a>Adam SwangerISC Monthly Threat Update New Format
2013-01-09/a>Rob VandenBrinkSQL Injection Flaw in Ruby on Rails
2013-01-09/a>Rob VandenBrinkFirefox and Thunderbird Updates
2013-01-09/a>Rob VandenBrinkSecurity Updates for Adobe Reader / Acrobat - http://www.adobe.com/support/security/bulletins/apsb13-02.html
2013-01-08/a>Richard PorterMicrosoft January 2013 Black Tuesday Update - Overview
2013-01-08/a>Richard PorterFirefox 18 Released, Security Fixes http://www.mozilla.org/security/known-vulnerabilities/firefox.html
2013-01-04/a>Daniel WesemannPatch pre-notification from Adobe and Microsoft
2012-12-11/a>John BambenekMicrosoft December 2012 Black Tuesday Update - Overview
2012-11-13/a>Jim ClausingMicrosoft November 2012 Black Tuesday Update - Overview
2012-10-17/a>Mark HofmanOracle Critical Patch Update October
2012-10-09/a>Johannes UllrichAdobe Flash Player update http://www.adobe.com/support/security/bulletins/apsb12-22.html
2012-10-09/a>Johannes UllrichMicrosoft October 2012 Black Tuesday Update - Overview
2012-10-04/a>Johannes UllrichMicrosoft October Patch Pre-Announcement
2012-09-11/a>Adam SwangerMicrosoft September 2012 Black Tuesday Update - Overview
2012-08-14/a>Rick WannerMicrosoft August 2012 Black Tuesday Update - Overview
2012-08-14/a>Rick WannerAdobe Security Bulletins - http://blogs.adobe.com/psirt/2012/08/adobe-security-bulletins-posted-2.html
2012-08-04/a>Kevin ListonVendors: More Patch-Release Options Please
2012-07-15/a>Guy BruneauOracle July 2012 Critical Patch Pre-Release Announcement
2012-07-10/a>Swa FrantzenMicrosoft July 2012 Black Tuesday Update - Overview
2012-07-10/a>Swa FrantzenMicrosoft revoking trust in Microsoft certificates - SA 2728973
2012-07-10/a>Swa FrantzenMicrosoft fix-it to disable gadgets - SA 2719662
2012-07-05/a>Adrien de BeaupreMicrosoft advanced notification for July 2012 patch Tuesday
2012-06-22/a>Kevin ListonUpdated Poll: Which Patch Delivery Schedule Works the Best for You?
2012-06-12/a>Swa FrantzenAdobe June 2012 Black Tuesday patches
2012-06-12/a>Swa FrantzenMicrosoft June 2012 Black Tuesday Update - Overview
2012-06-12/a>Swa FrantzenJava 7u5 and 6u33 released
2012-06-11/a>Johannes UllrichMicrosoft Update Security
2012-06-07/a>Johannes UllrichMicrosoft June Security Bulletin Advance Notification
2012-05-23/a>Mark BaggettProblems with MS12-035 affecting XP, SBS and Windows 2003?
2012-05-08/a>Adam SwangerMicrosoft May 2012 Black Tuesday Update - Overview
2012-04-15/a>Rick Wanner.Net update affects printing from some applications
2012-04-13/a>Daniel WesemannOracle CPU Patches announced for Apr 17
2012-04-10/a>Swa FrantzenMicrosoft April 2012 Black Tuesday Update - Overview
2012-04-10/a>Swa FrantzenAdobe April 2012 Black Tuesday Update
2012-04-06/a>Johannes UllrichAnother OS X Java Patch
2012-04-06/a>Johannes UllrichMicrosoft April Patch Tuesday Pre-Announcement (6 Patches): http://technet.microsoft.com/en-us/security/bulletin/ms12-apr
2012-04-06/a>Johannes UllrichAdobe Patch Tuesday Prerelease (Reader/Acrobat) http://www.adobe.com/support/security/bulletins/apsb12-08.html
2012-03-13/a>Lenny ZeltserMarch 2012 Microsoft Black Tuesday
2012-03-12/a>Johannes UllrichApple Released Safari 5.1.4
2012-03-08/a>Johannes UllrichApple Patches
2012-03-08/a>Johannes UllrichMicrosoft March Patch Tuesday Pre-Anouncement out. 6 patches, 1 critical: http://technet.microsoft.com/en-us/security/bulletin/ms12-mar
2012-03-05/a>Johannes UllrichAdobe Flash Player Security Update
2012-02-16/a>Tony CarothersJava Update for February
2012-02-14/a>Johannes UllrichFebruary 2012 Microsoft Black Tuesday
2012-02-14/a>Johannes UllrichAdobe Shockwave Player and RoboHelp for Word Patches
2012-02-01/a>Russ McReeOracle Security Alert: http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html
2012-01-31/a>Russ McReeFirefox 10 and VMWare advisories and updates
2012-01-18/a>Richard PorterOracle Quarterly Released, http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
2012-01-10/a>Adrien de BeaupreJanuary 2012 Microsoft Black Tuesday Summary
2012-01-10/a>Adrien de BeaupreAdobe January 2012 Black Tuesday overview
2012-01-06/a>Guy BruneauJanuary 2012 Patch Tuesday Pre-release
2011-12-13/a>Johannes UllrichDecember 2011 Microsoft Black Tuesday Summary
2011-12-08/a>Adrien de BeaupreMicrosoft Security Bulletin Advance Notification for December 2011
2011-11-08/a>Swa FrantzenMicrosoft November 2011 Black Tuesday Overview
2011-11-08/a>Swa FrantzenAbobe November 2011 Black Tuesday Overview
2011-11-08/a>Swa FrantzenApple Black Tuesday
2011-11-03/a>Guy BruneauNovember 2011 Patch Tuesday Pre-release
2011-10-19/a>Mark HofmanOracle Critical Patch Update
2011-10-11/a>Swa FrantzenMicrosoft Black Tuesday Overview October 2011
2011-10-11/a>Swa FrantzenApple iTunes 10.5
2011-09-21/a>Swa FrantzenEmergency patch expected for Flash Player
2011-09-13/a>Swa FrantzenMicrosoft September 2011 Black Tuesday
2011-09-13/a>Swa FrantzenAdobe September 2011 Black Tuesday overview
2011-09-09/a>Johannes UllrichEarly Patch Tuesday Today: Microsoft September 2011 Patches
2011-09-08/a>Rob VandenBrinkShould We Still Test Patches?
2011-09-08/a>Mark HofmanMicrosoft has released their advanced notification for patch Tuesday. 15 Vulnerabilities to be addressed. more here --> http://blogs.technet.com/b/msrc/archive/2011/09/08/advanced-notification-for-the-september-2011-bulletin-release.aspx
2011-08-31/a>Johannes UllrichFirefox/Thunderbird 6.0.1 released to blocklist bad DigiNotar SSL certificates
2011-08-30/a>Johannes UllrichApache patch out for "byte range" DoS vulnerability http://www.apache.org/dist/httpd/Announcement2.2.html
2011-08-09/a>Swa FrantzenMicrosoft August 2011 Black Tuesday Overview
2011-08-09/a>Swa FrantzenAdobe August 2011 Black Tuesday Overview
2011-08-05/a>Johannes UllrichMicrosoft Patch Tuesday Advance Notification: 13 Bulletins coming http://www.microsoft.com/technet/security/Bulletin/MS11-aug.mspx
2011-07-12/a>Swa FrantzenMicrosoft July 2011 Black Tuesday Overview
2011-07-07/a>Rob VandenBrink"There's a Patch for that" (or maybe not)
2011-07-06/a>Rob VandenBrink"Too Important to Patch" - Wait? What?
2011-06-28/a>Johannes UllrichUpdate: Google Chrome 12.0.742.112 released http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html
2011-06-14/a>Swa FrantzenMicrosoft June 2011 Black Tuesday Overview
2011-06-14/a>Swa FrantzenAdobe releases patches
2011-06-09/a>Richard PorterChrome Version 12.0.742.91 Released
2011-05-10/a>Swa FrantzenMay 2011 Microsoft Black Tuesday Overview
2011-05-06/a>Richard PorterUpdated Exploit Index for Microsoft
2011-04-11/a>Jim ClausingApril 2011 Microsoft Black Tuesday Summary
2011-04-08/a>Johannes UllrichDark Black Tuesday Coming Up: 17 Microsoft Bulletins
2011-03-08/a>Jim ClausingMarch 2011 Microsoft Black Tuesday Summary
2011-02-09/a>Mark HofmanAdobe Patches (shockwave, Flash, Reader & Coldfusion)
2011-02-08/a>Joel EslerFeburary 2011 Microsoft Black Tuesday Summary
2011-02-04/a>Daniel WesemannBusy patch tuesday ahead
2011-01-18/a>Daniel WesemannOracle Patches (Jan2011 CPU)
2011-01-13/a>Rob VandenBrinkBlackberry BES Server Updates for PDF Vulnerabilities
2011-01-11/a>Kevin ShorttJanuary 2011 Microsoft Black Tuesday Summary
2011-01-08/a>Guy BruneauJanuary 2011 Patch Tuesday Pre-release
2010-12-20/a>Guy BruneauPatch Issues with Outlook 2007
2010-12-14/a>Manuel Humberto Santander PelaezDecember 2010 Microsoft Black Tuesday Summary
2010-12-10/a>Mark HofmanMicrosoft patches
2010-12-02/a>Kevin JohnsonSQL Injection: Wordpress 3.0.2 released
2010-12-02/a>Kevin JohnsonProFTPD distribution servers compromised
2010-11-29/a>Stephen HallSun security updates
2010-11-09/a>Johannes UllrichNovember 2010 Microsoft Black Tuesday Summary
2010-11-04/a>Johannes UllrichMicrosoft Patches Pre-Announcement
2010-10-12/a>Adrien de BeaupreOctober 2010 Microsoft Black Tuesday Summary
2010-10-08/a>Rick WannerPatch Tuesday Pre-release -- 16 updates
2010-09-30/a>Pedro BuenoMS OOB .NET patch is now also available via Windows Update.
2010-09-28/a>Daniel WesemannMS10-070 OOB Patch for ASP.NET vulnerability
2010-09-27/a>Adrien de BeaupreMS OOB patch tomorrow for Security Advisory 2416728
2010-09-14/a>Adrien de BeaupreSeptember 2010 Microsoft Black Tuesday Summary
2010-08-29/a>Swa FrantzenDLL hijacking - what are you doing ?
2010-08-10/a>Jason LamAdobe critical security updates
2010-08-10/a>Jim ClausingAugust 2010 Micrsoft Black Tuesday Summary
2010-08-07/a>Stephen HallCountdown to Tuesday...
2010-08-02/a>Johannes UllrichMicrosoft Out-of-Band bulletin addresses LNK/Shortcut vulnerability
2010-07-13/a>Jim ClausingJuly 2010 Microsoft Black Tuesday Summary
2010-06-08/a>Manuel Humberto Santander PelaezJune 2010 Microsoft Black Tuesday Summary
2010-06-03/a>Guy BruneauMicrosoft Patch Tuesday June 2010 Pre-Release
2010-05-11/a>Scott FendleyMay 2010 Microsoft Patches
2010-05-08/a>Guy BruneauMicrosoft Patch Tuesday May 2010 Pre-Release
2010-04-14/a>Mark HofmanOracle has released 47 critical patches (Includes SUN patches)
2010-04-14/a>Mark HofmanAnd let the patching games continue
2010-04-13/a>Johannes UllrichMicrosoft April 2010 Patch Tuesday
2010-04-08/a>Guy BruneauMicrosoft Patch Tuesday April 2010 Pre-Release
2010-04-02/a>Guy BruneauOracle Java SE and Java for Business Critical Patch Update Advisory
2010-03-29/a>Pedro BuenoMicrosoft to release out-of-band security bulletin tomorrow for IE6/IE7 with cumulative fix.
2010-03-29/a>Adrien de BeaupreOOB Update for Internet Explorer MS10-018
2010-03-09/a>John BambenekMarch 2010 - Microsoft Patch Tuesday Diary
2010-03-03/a>Mark HofmanMS10-015 re-released
2010-02-17/a>Rob VandenBrinkMultiple Security Updates for ESX 3.x and ESXi 3.x
2010-02-11/a>Johannes UllrichMS10-015 may cause Windows XP to blue screen
2010-02-09/a>Mark HofmanOracle has an unscheduled security alert and patch for CVE-2010-0073. The issue affects WebLogic Server and is remotely exploitable. Details and patch are here http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html
2010-02-09/a>Johannes UllrichFebruary 2010 Black Tuesday Overview
2010-02-04/a>Johannes UllrichMicrosoft Patch Tuesday Pre-Release
2010-01-21/a>Chris CarboniSecurity Update Available for Shockwave Player
2010-01-21/a>Chris Carboni* Microsoft Out Of Band Patch Release
2010-01-21/a>Johannes UllrichMicrosoft January Out of Band Patch
2010-01-12/a>Johannes UllrichMicrosoft Security Bulletin: January 2010
2010-01-12/a>Johannes UllrichOracle Patches Relased
2010-01-12/a>Johannes UllrichPre-Announced Adobe Reader and Acrobat Patch Found!
2009-12-09/a>Swa FrantzenAdobe flash player and air patched
2009-12-08/a>Deborah HaleDecember 2009 Black Tuesday Overview
2009-12-03/a>Mark HofmanApple released some Java updates today APPLE-SA-2009-12-03-1 & 2 (for 10.5 and 10.6). Fixes a number of security issues so updating is a good idea.
2009-12-03/a>Mark HofmanNext week will be a big patch week - Adobe is also releasing patches "Adobe is planning to release an update for Adobe Flash Player 10.0.32.18 and earlier versions, and an update to Adobe AIR 1.5.2 and earlier versions, to resolve critical security issues
2009-11-21/a>Mark HofmanVMware vCenter and ESX updates available http://lists.vmware.com/pipermail/security-announce/2009/000070.html
2009-11-13/a>Adrien de BeaupreConficker patch via email?
2009-11-10/a>Swa FrantzenMicrosoft November Black Tuesday Overview
2009-10-28/a>Johannes UllrichFirefox 3.5.4 released. Lots of security bug fixes. (thanks Gilbert!)
2009-10-16/a>Adrien de BeaupreDisable MS09-054 patch, or Firefox Plugin?
2009-10-13/a>Johannes UllrichMicrosoft October 2009 Black Tuesday Overview
2009-10-13/a>Daniel WesemannAdobe Reader and Acrobat - Black Tuesday continues
2009-09-08/a>Guy BruneauMicrosoft September 2009 Black Tuesday Overview
2009-08-19/a>Daniel WesemannChecking your protection
2009-08-11/a>Swa FrantzenMicrosoft August 2009 Black Tuesday Overview
2009-07-31/a>Deborah HaleThe iPhone patch is out
2009-07-30/a>Mark HofmanHappy patching day
2009-07-28/a>Adrien de BeaupreMS released two OOB bulletins and an advisory
2009-07-24/a>Rick WannerMicrosoft Out of Band Patch
2009-07-14/a>Swa FrantzenMicrosoft July Black Tuesday Overview
2009-07-14/a>Swa FrantzenISC DHCP client updated
2009-07-14/a>Swa FrantzenOracle Black Tuesday
2009-07-02/a>Daniel WesemannUnpatched Bloatware on new PCs
2009-07-02/a>Daniel WesemannTime to update updating on PCs for 3rd party apps
2009-06-23/a>Bojan ZdrnjaNew Thunderbird out, patches couple of vulnerabilities
2009-06-09/a>Swa FrantzenMicrosoft June Black Tuesday Overview
2009-06-09/a>Swa FrantzenAdobe June Black Tuesday upgrades
2009-05-29/a>Lorna HutchesonBlackberry Server Vulnerability
2009-05-29/a>Lorna HutchesonVMWare Patches Released
2009-05-22/a>Mark HofmanPatching and Adobe
2009-05-22/a>Mark HofmanPatching and Apple - Java issue
2009-05-12/a>Swa FrantzenMSFT's version of responsible disclosure
2009-05-12/a>Swa FrantzenMay Black Tuesday Overview
2009-05-12/a>Swa FrantzenApple patches and updates
2009-05-12/a>Swa FrantzenAdobe Acrobat (reader) patches released
2009-04-14/a>Swa FrantzenApril Black Tuesday Overview
2009-04-14/a>Swa FrantzenOracle quarterly patches
2009-03-18/a>Adrien de BeaupreAdobe Security Bulletin Adobe Reader and Acrobat
2009-03-10/a>Swa FrantzenAdobe Acrobat 9.1 released
2009-03-10/a>Swa FrantzenMarch black Tuesday overview
2009-02-25/a>Andre LudwigAdobe flash player patch
2009-02-25/a>donald smithAutoRun disabling patch released
2009-02-10/a>Swa FrantzenFebruary Black Tuesday Overview
2009-02-06/a>Adrien de BeaupreTime to patch your HP printers
2009-02-06/a>Adrien de BeaupreOther patches and updates du jour...
2009-02-04/a>Daniel WesemannFirefox 3.0.6
2009-02-03/a>Swa FrantzenOn the importance of patching fast
2009-01-31/a>Swa FrantzenVMware updates
2009-01-13/a>Johannes UllrichJanuary Black Tuesday Overview
2008-12-17/a>donald smithOpera 9.6.3 released with security fixes
2008-12-17/a>donald smithInternet Explorer 960714 is released
2008-12-16/a>donald smithMicrosoft announces an out of band patch for IE zero day
2008-12-09/a>Swa FrantzenDecember Black Tuesday Overview
2008-11-11/a>Swa FrantzenNovember Black Tuesday Overview
2008-10-23/a>Mark HofmanMicrosoft out-of-band patch - Severity Critical
2008-10-21/a>Johannes UllrichWireshark 1.0.4 released
2008-10-14/a>Swa FrantzenOctober Black Tuesday Overview
2008-10-14/a>Swa FrantzenOracle quarterly patches on black tuesday
2008-09-29/a>Daniel WesemannPatchbag: WinZip / MPlayer / RealWin SCADA vuln
2008-09-09/a>Swa FrantzenGoogle Chrome being polished
2008-09-09/a>Swa FrantzenSeptember 2008 Black Tuesday Overview
2008-09-09/a>Swa FrantzenApple updates iTunes+QuickTime
2008-08-20/a>Adrien de BeaupreFrom the mailbag, Opera 9.52...
2008-08-12/a>Stephen HallAugust 2008 Black Tuesday Overview
2008-08-01/a>Swa FrantzenApple's Security Update 2008-005: DNS workaround finally included
2008-07-30/a>David GoldsmithSerious 0-Day Flaw in Oracle -- Patch Released
2008-07-16/a>Maarten Van HorenbeeckFirefox 2.0.0.16 fixes two security vulnerabilities
2008-07-15/a>Maarten Van HorenbeeckOracle (and BEA, Hyperion and TimesTen) critical patch update July 15th, 2008
2008-07-08/a>Swa FrantzenJuly 2008 black tuesday overview
2008-06-10/a>Swa FrantzenJune 2008 Black Tuesday Overview
2008-05-13/a>Swa FrantzenMay 2008 black tuesday overview
2008-05-05/a>John BambenekDefenses Against Automated Patch-Based Exploit Generation
2008-04-18/a>John BambenekThe Patch Window is Gone: Automated Patch-Based Exploit Generation
2008-04-09/a>Joel EslerISC Podcast Episode Number 2
2008-04-08/a>Swa FrantzenApril 2008 - Black Tuesday Overview
2008-04-08/a>Swa FrantzenNotes file viewer vulnerabilities
2008-03-11/a>Swa FrantzenMarch Black Tuesday Overview
2008-02-12/a>Swa FrantzenFebruary Black Tuesday Overview
2008-01-08/a>Swa FrantzenJanuary Black Tuesday overview
2007-12-11/a>Swa FrantzenDecember black tuesday overview
2007-11-13/a>Swa Frantzennovember black tuesday overview
2007-10-09/a>Swa FrantzenOctober Black Tuesday overview
2007-09-11/a>Swa FrantzenSeptember microsoft patch overview
2007-08-14/a>Swa FrantzenAugust 'Black Tuesday' overview
2007-07-10/a>Swa FrantzenJuly 'Black Tuesday' overview
2007-06-12/a>Johannes UllrichJune 2007, Microsoft Patch Tuesday Overview.
2007-05-08/a>Swa FrantzenMay 2007, Black Tuesday patch overview
2007-04-10/a>Swa FrantzenMicrosoft black Tuesday patches - April 2007
2007-04-03/a>Swa Frantzen* Microsoft out of cycle patch
2007-02-13/a>Swa FrantzenMicrosoft Black Tuesday patches - February 2007
2007-01-09/a>Swa FrantzenMicrosoft Patches - January 2007 - overview
2006-12-12/a>Swa FrantzenMicrosoft Black Tuesday - December 2006 overview
2006-12-12/a>Robert DanfordMS06-078: 2 Windows Media Format Vulnerabilities (CVE-2006-4702, CVE-2006-6134)
2006-12-12/a>Swa FrantzenOffline Microsoft Patching
2006-12-12/a>Swa FrantzenThe missing Microsoft patches
2006-11-14/a>Swa FrantzenMicrosoft Black Tuesday Overview
2006-10-09/a>Swa FrantzenMicrosoft black tuesday - October 2006 STATUS
2006-09-26/a>Jim ClausingMS06-049 re-release
2006-09-12/a>Swa FrantzenMicrosoft security patches for September 2006
2006-08-17/a>Swa FrantzenMicrosoft August 2006 Patches: STATUS