Monthly Archives: February 2016
- February 8th, 2016
Last week saw the launch of the latest Microsoft Vulnerabilities Report, Avecto’s leading research project into the security bulletins issued by the software giant over the past 12 months. Now in its third year, the report has consistently provided intriguing insight into today’s threat landscape, the common attack vectors and the products within the Microsoft portfolio that cause IT departments the most sleepless nights.
- February 4th, 2016
Sometimes when you’re involved in developing software, a developer offers you a feature or an option “for free”. Most typically, this is part of a framework, plugin, or library that offers this functionality anyway: they view it as easier to leave in than to take out.
- February 3rd, 2016
“We’ve done it!” – The majority of your users have admin rights removed, meaning your environment is far more secure than it was before and you’ve successfully mitigated 85% of critical vulnerabilities in Windows. But are you as secure as you think? A surprisingly common pitfall that we come across in the support team are those who, either intentionally or unwittingly, elevate everything. Everything.
- February 2nd, 2016
Now in its third year, the 2015 Microsoft Vulnerabilities Report analyses the data from Security Bulletins issued by Microsoft throughout 2015. Typically issued on the second Tuesday of each month, these “Patch Tuesday” bulletins contain fixes for vulnerabilities affecting Microsoft products. With the launch of Windows 10, this approach changed slightly, with patches being released as soon as they are available.
- February 1st, 2016
In a previous blog I discussed why it is important to focus on the endpoint first when it comes to security. This generated some really interesting discussions with people arguing the case for product X and Y or asking “what about detection on the endpoint?”