Microsoft Patch Tuesday and patch management

Patch management can be a full-time job by itself. Get advice on how to install a security patch, patch deployment, tools, and policy. Also get the latest news on Microsoft Patch Tuesday and vulnerabilities and security patch management updates from other major software vendors .

Top Stories

News 12 Jan 2022
Exchange Server woes continue on January Patch Tuesday

Exchange Server admins who had to cope with a Y2K22 error to start the new year have three more vulnerabilities of varying levels of severity to resolve for Patch Tuesday. Continue Reading
By
- Tom Walat, Editor
News 10 Nov 2021
Exchange zero-day corrected on November Patch Tuesday

Microsoft released a security update to shut down a publicly exploited vulnerability in the beleaguered on-premises messaging platform. Continue Reading
By
- Tom Walat, Editor

News 06 May 2016
Commercial code riddled with open source vulnerabilities

Roundup: Customers, vendors both unaware of unpatched open source vulnerabilities in commercial software. Plus OpenSSL patches, warrantless wiretaps and more. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
Answer 01 Mar 2016
Outdated apps: What are the best ways to address them?

Dead and outdated apps can pose serious security risks for enterprises. Expert Nick Lewis explains how to find and remove dead apps before they become a problem. Continue Reading
By
- Nick Lewis
Tip 12 Oct 2015
Getting to the bottom of the software vulnerability disclosure debate

The vulnerability disclosure debate rages on: Enterprises should know they are at risk, but vendors need time to patch flaws. Which side should prevail? Expert Michael Cobb discusses. Continue Reading
By
- Michael Cobb
Tip 06 Feb 2015
SSL/TLS security: Addressing WinShock, the Schannel vulnerability

Schannel is the latest cryptographic library to encounter SSL/TLS security issues. Expert Michael Cobb discusses the WinShock vulnerability and how to mitigate enterprise risks. Continue Reading
By
- Michael Cobb
Tip 13 Jan 2015
Lessons learned: Network security implications of Shellshock

Shellshock had a tremendous impact on network security, affecting many popular vendors and products. Expert Kevin Beaver discusses what Shellshock means to network security, and the lessons that can be learned from the vulnerability. Continue Reading
By
- Kevin Beaver, Principle Logic, LLC
Answer 18 Nov 2014
How vulnerable is Silverlight security?

Microsoft Silverlight has been in the spotlight due to an increase in the number of exploit kits it is included in. Expert Nick Lewis explains the threat's severity and how to mitigate it. Continue Reading
By
- Nick Lewis
Tip 23 Sep 2009
Determine your Microsoft Windows patch level

A handful of patch management tools from Microsoft and third -parties can help your organization determine your Windows patch level and identify missing security patches. Continue Reading
By
- Tony Bradley, Bradley Strategy Group
Tip 17 Jan 2008
Developing a patch management policy for third-party applications

Enterprises may push the latest critical Windows patches once a month, but here's a dirty little secret: Most organizations don't bother patching their third-party applications. The diversity of client-side software -- including everything from Acrobat Reader to iTunes -- complicates matters, but security professionals shouldn't lose hope. Effective patch management for third-party products is possible, and contributor Ed Skoudis has the tools to do it. Continue Reading
By
- Ed Skoudis, SANS Technology Institute