This month, there are seven bulletins, of which five are critical and two are important. Fortunately, none are currently under active attack, so that should set IT’s mind at ease as they begin to apply this set of patches.
Since 2012 is coming to an end, Paul Henry, security and forensic analyst, Lumension pulled together a quick look at the numbers year-over-year. In 2011, Microsoft had 100 bulletins for the calendar year, of which 34 were critical, 63 important and three moderate. In 2012, they reduced the number of bulletins by close to 20 percent, coming in at 83 bulletins for the year, of which 35 were critical, 46 important and two moderate. According to Henry, it’s great to see that Microsoft’s Secure Coding Initiative is paying off, reducing the number of vulnerabilities in their software, resulting in an easier time for IT at Patch Tuesday time.
Another trend that’s interesting to note is Microsoft’s consistency. When you look at the numbers in-depth, you can see that in 2011, there was a bit of yo-yo’ing going on with Patch Tuesday. For example, in January, there were two bulletins, while February had 12. March then went back down to three, but April went up to 17, while May went down to two and June back up to 16. IT might have felt like they had whiplash by the end of the year! In contrast, January of this year had seven, slight increase to nine in February, then six in both March and April, and seven in both May and June. In fact, only one month – September, at three – was lower than six or higher than nine. The degree of consistency makes it easier for IT to plan out the time and effort they’ll need to spend on Patch Tuesday each month.
With the holiday shopping season upon us, the FBI is warning consumers to be on the lookout for cyber scams and phishing attacks. ... More >>
So what is on the horizon for 2016? Most experts expect to see continued growth in mobile malware and even more security breaches, especially in the health care and financial industries. ... More >>
The new age of security technology will focus on solutions that speed up, automate and ideally combine phases of the typical security process. ... More >>