Software Patches

Patches And Updates Protects Computer Systems

by

Image of Lady Technician pointing at update progress bar on computer screen.

System patching is critical to the security of the software and hardware that make up computer systems. When vendors become aware of vulnerabilities in their products, like the recent discovery of multiple flaws in Apache’s Log4j logging library, they often issue patches to fix those vulnerabilities. Making sure that relevant patches are applied to the computer systems that are critical to your organization as soon as possible can keep your systems protected.

What are patches?

Patches are software and operating system (OS) updates that address security vulnerabilities within a program or product. Software vendors may choose to release updates to fix performance bugs, as well as to provide enhanced security features.

How do you find out what software updates you need to install?

When software updates become available, vendors usually put them on their websites for users to download. Some vendors like Microsoft, Apple, Google and Adobe, provide these updates or patches through an automated system. Install updates as soon as possible to protect your computer, phone, or other digital device against attackers who would take advantage of system vulnerabilities. Attackers may target vulnerabilities for months or even years after updates are available.

Read more

Share

Why Small Organizations Need Vulnerability Management

by

Computer with hard to read code, stressing the need for vulnerability management.

The US Cyber Security Agency (CISA) recently released an Emergency Directive and Activity Alert addressing critical vulnerabilities affecting Microsoft Windows and Windows Remote Desktop Protocol (RDP). Vulnerability management can help organizations get a handle on such vulnerabilities.

Consequently, Microsoft released fixes for 50 security vulnerabilities in the Windows operating system, creating yet another scramble by IT professionals to patch their computer systems.

Part of what Microsoft fixed in the updates released was what is regarded as a major crypto-spoofing bug that affected Windows 10 users.

A key point is to realize that this particular vulnerability could allow a cyber criminal or hacker to spoof a code-signing certificate, vital to validating executable programs in Windows, and make it appear as if an application was from a trusted source.

Keep in mind that in technology terms, spoofing is defined as a fraudulent or malicious practice in which communication is sent from an unknown source disguised as a source known to the receiver.

To put it another way, when this vulnerability is exploited and code-signing certificates are spoofed, the operating system will find it difficult to tell the difference between malware and Microsoft software.

Read more

Share

Prevent Downtime, Keep Cyber Thieves At Bay, and Prepare For Disaster

by

How Organizations Can Prevent Downtime And Ensure That Even If Cyber Thieves Keep A-Knockin’, They Can’t Come In

Image of icons of security shield, bug prevention, and secure laptop

Small businesses and organizations in Round Rock, Texas and surrounding cities can prevent downtime, keep cyber thieves at bay, and prepare for disaster by implementing simple backup and disaster recovery strategies.

A study presented at the International Conference on Dependable Systems and Networks showed that small-business networks are attacked every 39 seconds by some type of hacker or malicious software. Thankfully, having the proper firewall and office network security tools can prevent even the most determined cyber hacker from getting his hands on your network. Are your systems covered?

Does your organization have someone looking after the network who knows what they’re doing? Or is the IT position assigned to the so-called “Accidental IT Person” – an ad hoc position taken on by whoever knows the most about computers? The danger  of not being able to prevent downtime here is that if this person has a full-time job, perhaps as the office manager, or graphic designer, they won’t necessarily be keeping everything locked down and updated.

A good way to prevent downtime is to have a dedicated IT person on staff, or outsource the task to a local computer service company. By leveraging an IT services provider, you will have access to a team of qualified experts.

Read more

Share

The DigiNotar Breach: Another Exposure of Negligence

by

In case you have not heard, another SSL Certificate provider, Dutch certificate authority DigiNotar, a subsidiary of Vasco Data Security, was breached recently and from the preliminary report coming from the company that did an audit, it looks pretty bad.

Some of the names in the list of bogus certificates generated by the attackers include Comodo, Google, Thawte, Microsoft, Mozilla, WindoswUpdate, WordPress’ MI6, the CIA, Facebook and Twitter.

Read more

Share

How To Fix Windows Update Error 0x80070424

by

When you run the Windows Update service, you may sometimes discover that you are not able to install any windows updates or even use the windows update website. Instead, you get a message like:

The website has encountered a problem and cannot display the page you are trying to view. The options provided below might help you solve the problem

Then there is an error code 0x80070424. It could also show up as error 80070424.

This could be a symptom of one or more of the following problems:

Read more

Share

How to Fix Windows 7 update error code 8007000D

by

Recently, I have been having all kinds of problems with Windows update, especially after the release of Windows 7 SP1. One of the frustrating things about Windows errors is the silly “Get help with this error” message that tells you absolutely nothing about how to fix the errors. Rants aside, here’s how to fix one of those cryptic errors, specifically error code 8007000D also represented by its hex variant 0x8007000D.

Read more

Share
Share
Share