Connecticut State Colleges & Universities
IT Support Center

Alerts

NOTE: The indicates the entry has been posted within the last 30 days.

10/16/2017: Microsoft has released new security patch for a wireless WPA-2 vulnerability. This vulnerability can allow an attacker to view encrypted information over a wireless connection. Sans info is available here. The official Microsoft notification is available here.

10/16/2017: Adobe has released new security updates for Flash Player. This supplies a fix for a vulnerability that is active in the wild and should be patched ASAP. The new Flash version is 27.0.0.170. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

10/10/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here.

9/28/2017: Mozilla has announced a new release for Firefox ESR version 52.4. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 56.0.

9/21/2017: Google has released a new stable release version of the Chrome browser 61.0.3163.100. There are a number of security fixes in this release. Chrome release info is available here.

9/19/2017: Apple has released many security patches for multiple products. iOS (11.0), Safari (version 11). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

9/13/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here.

9/13/2017: Adobe has released new security updates for Flash Player. The new Flash version is 27.0.0.130. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

9/5/2017: Google has released a new stable release version of the Chrome browser 61.0.3163.79. There are a number of security fixes in this release. Chrome release info is available here.

8/24/2017: Google has released a new stable release version of the Chrome browser 60.0.3112.113. There are a number of security fixes in this release. Chrome release info is available here.

8/14/2017: Google has released a new stable release version of the Chrome browser 60.0.3112.101. There are a number of security fixes in this release. Chrome release info is available here.

8/8/2017: Mozilla has announced a new release for Firefox ESR version 52.3. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 55.0.

8/8/2017: Adobe has released new security updates for Reader/Acrobat. The new version is 2017.011.30059. Security notices for all Adobe products is available here.

8/8/2017: Adobe has released new security updates for Flash Player. The new Flash version is 26.0.0.151. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

8/8/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here.

8/4/2017: Google has released a new stable release version of the Chrome browser 60.0.3112.90. There are a number of security fixes in this release. Chrome release info is available here.

7/25/2017: Google has released a new stable release version of the Chrome browser 60.0.3112.78. There are a number of security fixes in this release. Chrome release info is available here.

7/19/2017: Apple has released many security patches for multiple products. OSX ( Yosemite(10.10.6), El Capitan(10.11.7) and Sierra(10.12.6)), iOS (10.3.3), Safari (version 10.1.2). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

7/18/2017: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u144 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql.

7/11/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here.

7/11/2017: Adobe has released new security updates for Flash Player. The new Flash version is 26.0.0.137. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

6/15/2017: Google has released a new stable release version of the Chrome browser 59.0.3071.104. There are a number of security fixes in this release. Chrome release info is available here.

6/14/2017: Mozilla has announced a new release for Firefox ESR version 52.2. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 54.0.

6/13/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here.

6/13/2017: Adobe has released new security updates for Flash Player. The new Flash version is 26.0.0.126. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

6/13/2017: Adobe has released new security updates for Shockwave Player. The new Shockwave Player version is 12.2.9.199.

6/6/2017: Google has released a new stable release version of the Chrome browser 59.0.3071.86. There are a number of security fixes in this release. Chrome release info is available here.

5/16/2017: Apple has released many security patches for multiple products. OSX ( 10.10.6, 10.11.7 and 10.12.5), iOS (10.3.2), Safari (version 10.1.1). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

5/10/2017: Google has released a new stable release version of the Chrome browser 58.0.3029.110. There are a number of security fixes in this release. Chrome release info is available here.

5/9/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here.

5/9/2017: Adobe has released new security updates for Flash Player. The new Flash version is 25.0.0.171. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

4/24/2017: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u131 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql.

4/20/2017: Google has released a new stable release version of the Chrome browser 58.0.3029.81. There are a number of security fixes in this release. Chrome release info is available here.

4/20/2017: Mozilla has announced a new release for Firefox ESR version 45.9. There is an update of the next version 52.1. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 53.0.

4/12/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here.

4/11/2017: Adobe has released new security updates for Reader/Acrobat. The new version is 15.023.20053. Security notices for all Adobe products is available here.

4/11/2017: Adobe has released new security updates for Flash Player. The new Flash version is 2015.006.30306. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

3/30/2017: Google has released a new stable release version of the Chrome browser 57.0.2987.133. There are a number of security fixes in this release. Chrome release info is available here.

3/28/2017: Apple has released many security patches for multiple products. OSX ( 10.10, 10.11 and 10.12), iOS (10.3), Safari (version 10.1). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

3/15/2017: Adobe has released new security updates for Shockwave Player. The new Shockwave Player version is 12.8.198.

3/15/2017: Adobe has released new security updates for Flash Player. The new Flash version is 25.0.0.127. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

3/15/2017: Microsoft has released this month's security bulletin. There are eighteen updates that affect server and client components. Seven of these are rated as critical. Sans info is available here. The official Microsoft notification is available here.

3/9/2017: Google has released a new stable release version of the Chrome browser 57.0.2987.98. There are a number of security fixes in this release. Chrome release info is available here.

3/7/2017: Mozilla has announced a new release for Firefox ESR version 45.8. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 52.0.

2/21/2017: Microsoft has released the patch update for Adobe Flash Player. This patch is included in the IE 10/11 and Edge browsers. This is considered critical patch for remote code execution. The official Microsoft notification is available here.

2/14/2017: Microsoft has delayed this months security patch release. The official Microsoft notification is available here.

2/14/2017: Adobe has released new security updates for Flash Player. The new Flash version is 24.0.0.221. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

1/26/2017: Mozilla has announced a new release for Firefox ESR version 45.7. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 53.0.

1/26/2017: Google has released a new stable release version of the Chrome browser 56.0.2924.76 There are a number of security fixes in this release. Chrome release info is available here.

1/23/2017: Apple has released many security patches for multiple products. OSX ( 10.10, 10.11 and 10.12), iOS (10.2.1), Safari (version 10.0.3). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

1/18/2017: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u121 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql.

1/10/2017: Adobe has released new security updates for Reader/Acrobat. The new version is 15.023.20053. Security notices for all Adobe products is available here.

1/10/2017: Adobe has released new security updates for Flash Player. The new Flash version is 24.0.0.194. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

1/10/2017: Microsoft has released this month's security bulletin. There are four updates that affect server and client components. Two of these are rated as critical. Sans info is available here. The official Microsoft notification is available here.

12/14/2016: Mozilla has announced a new release for Firefox ESR version 45.6. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 51.0.

12/13/2016: Microsoft has released this month's security bulletin. There are twelve updates that affect server and client components. Six of these are rated as critical. Three of these have active exploits and should be patched as soon as possible. Sans info is available here. The official Microsoft notification is available here.

12/13/2016: Adobe has released new security update for Flash Player. The new Flash version is 24.0.0.186. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

12/13/2016: Apple has released many security patches for multiple products. OSX ( 10.10, 10.11 and 10.12), iOS (10.2), Safari (version 10.0.2). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

12/2/2016: Google has released a new stable release version of the Chrome browser 55.0.2883.75 There are a number of security fixes in this release. Chrome release info is available here.

11/30/2016: Mozilla has announced a new release for Firefox ESR version 45.5.1. This is a special release to fix a vulnerability that can allow a remote attacker to take control of a system. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 50.0.2.

11/16/2016: Mozilla has announced a new release for Firefox ESR version 45.5. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 50.0.

11/10/2016: Google has released a new stable release version of the Chrome browser 54.0.2840.100 There are a number of security fixes in this release. Chrome release info is available here.

11/8/2016: Microsoft has released this month's security bulletin. There are fourteen updates that affect server and client components. Six of these are rated as critical. Sans info is available here. The official Microsoft notification is available here.

11/8/2016: Adobe has released new security update for Flash Player. The new Flash version is 23.0.0.207. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

10/26/2016: Adobe has released new critical security update for Flash Player. The new Flash version is 23.0.0.205. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

10/25/2016: Apple has released many security patches for multiple products. OSX ( 10.10, 10.11 and 10.12), iOS (10.1), Safari (version 10.0.1). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

10/18/2016: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u111 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql.

10/12/2016: Adobe has released new security updates for Reader/Acrobat. The new version is 15.020.20039. Security notices for all Adobe products is available here.

10/12/2016: Adobe has released new security updates for Flash Player. The new Flash version is 23.0.0.185. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

10/12/2016: Microsoft has released this month's security bulletin. There are ten updates that affect server and client components. Five of these are rated as critical. Sans info is available here. The official Microsoft notification is available here.

10/6/2016: Google has released a new stable release version of the Chrome browser 55.0.2882.4. There are a number of security fixes in this release. Chrome release info is available here.

9/29/2016: Google has released a new stable release version of the Chrome browser 53.0.2785.143. There are a number of security fixes in this release. Chrome release info is available here.

9/20/2016: Apple has released many security patches for supporting the new OS Sierra. OSX ( 10.12), iOS (10.0.2), Safari (version 10). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

9/13/2016: Adobe has released new security updates for Flash Player. The new Flash version is 23.0.0.162. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

9/13/2016: Microsoft has released this month's security bulletin. There are fourteen updates that affect server and client components. Seven of these are rated as critical. Sans info is available here. The official Microsoft notification is available here.

9/1/2016: Apple has released many security patches for multiple products. OSX ( 10.10 and 10.11), iOS (9.3.5), Safari (version 9.1.3). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

8/31/2016: Google has released a new stable release version of the Chrome browser 53.0.2785.89. There are a number of security fixes in this release. Chrome release info is available here.

8/9/2016: Microsoft has released this month's security bulletin. There are nine updates that affect server and client components. Five of these are rated as critical. Sans info is available here. The official Microsoft notification is available here.

8/4/2016: Mozilla has announced a new release for Firefox ESR version 45.3. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 48.0.

7/22/2016: Google has released a new stable release version of the Chrome browser 53.0.2785.23. There are a number of security fixes in this release. Chrome release info is available here.

7/20/2016: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u101 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql.

7/19/2016: Apple has released many security patches for multiple products. OSX ( 10.9, 10.10 and 10.11), iOS (9.3.3), Safari (version 9.1.2). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

7/12/2016: Oracle is scheduled to release a new quarterly Critical Patch Update on July 19, 2016.

7/12/2016: Adobe has released new security updates for Reader/Acrobat. The new version is 15.017.20050. Security notices for all Adobe products is available here.

7/12/2016: Adobe has released new security updates for Flash Player. The new Flash version is 22.0.0.209. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

7/12/2016: Microsoft has released this month's security bulletin. There are eleven updates that affect server and client components. Six of these are rated as critical. Sans info is available here. The official Microsoft notification is available here.

6/17/2016: Adobe has released new security updates for Flash Player. The new Flash version is 22.0.0.192. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

6/14/2016: Microsoft has released this month's security bulletin. There are sixteen updates that affect server and client components. Five of these are rated as critical. Sans info is available here. The official Microsoft notification is available here.

6/7/2016: Mozilla has announced a new release for Firefox ESR version 45.2. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. This is part of a major release of the ESR version (45.x) and may need extra testing. There is also a new personal version of Firefox 47.0.

6/3/2016: Google has released a new stable release version of the Chrome browser 51.0.2704.79. There are a number of security fixes in this release. Chrome release info is available here.

5/16/2016: Apple has released many security patches for multiple products. OSX ( 10.9, 10.10 and 10.11), iOS (9.3.2), Safari (version 9.1.1). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

5/12/2016: Adobe has released new security updates for Flash Player. The new Flash version is 21.0.0.242. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

5/12/2016: Google has released a new stable release version of the Chrome browser 50.0.2661.102. There are a number of security fixes in this release. Chrome release info is available here.

5/10/2016: Microsoft has released this month's security bulletin. There are sixteen updates that affect server and client components. Eight of these are rated as critical. One of these has known exploits and should be patched as soon as possible. Sans info is available here. The official Microsoft notification is available here.

5/10/2016: Adobe has released new security updates for Reader/Acrobat. The new version is 15.016.20039. Security notices for all Adobe products is available here. There will also be a new release for the Flash Player released this week.

4/28/2016: Google has released a new stable release version of the Chrome browser 50.0.2661.94. There are a number of security fixes in this release. Chrome release info is available here.

4/26/2016: Mozilla has announced a new release for Firefox ESR version 38.8. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. The next major release of the ESR version (45.1) is also available for testing.  There is also a new personal version of Firefox 46.0.

4/20/2016: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u91/92 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql.

4/15/2016: Apple has announced that they are no longer providing Quicktime security updates for the windows platform. There are also new vulnerabilities announced that can be used to exploit the system. Quicktime should be removed from all systems to avoid any exploitation. US-Cert. TrendMicro.

4/14/2016: Google has released a new stable release version of the Chrome browser 50.0.2661.75. There are a number of security fixes in this release. Chrome release info is available here.

4/12/2016: Microsoft has released this month's security bulletin. There are thirteen updates that affect server and client components. Six of these are rated as critical. One of these has known exploits and should be patched as soon as possible. Sans info is available here. The official Microsoft notification is available here.

4/8/2016: Adobe has released new out of band security update for Flash Player for exploits that are currently active. The new Flash version is 21.0.0.213. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

3/28/2016: Google has released a new stable release version of the Chrome browser 49.0.2623.110. There are a number of security fixes in this release. Chrome release info is available here.

3/22/2016: Apple has released many security patches for multiple products. OSX ( 10.9, 10.10 and 10.11), iOS (9.3), Safari (version 9.1). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

3/11/2016: Adobe has released new security updates for Flash Player. The new Flash version is 21.0.0.182. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

3/9/2016: Microsoft has released this month's security bulletin. There are thirteen updates that affect server and client components. Five of these are rated as critical. Sans info is available here. The official Microsoft notification is available here.

3/9/2016: Google has released a new stable release version of the Chrome browser 49.0.2623.87. There are a number of security fixes in this release. Chrome release info is available here.

3/9/2016: Adobe has released new security updates for Reader/Acrobat. The new version is 15.010.20060. Security notices for all Adobe products is available here.

3/9/2016: Mozilla has announced a new release for Firefox ESR version 38.7. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 45.0.

3/2/2016: Google has released a new stable release version of the Chrome browser 49.0.2623.75. There are a number of security fixes in this release. Chrome release info is available here.

2/10/2016: Oracle has announced a new security alert for Java. All machines should be updated to this new 8u74 version.

2/9/2016: Google has released a new stable release version of the Chrome browser 48.0.2564.109. There are a number of security fixes including a new flash version in this release. Chrome release info is available here.

2/9/2016: Adobe has released new security updates for Flash Player. The new Flash version is 20.0.0.306. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

2/9/2016: Microsoft has released this month's security bulletin. There are twelve updates that affect server and client components. Six of these are rated as critical. Sans info is available here. The official Microsoft notification is available here.

2/3/2016: Google has released a new stable release version of the Chrome browser 48.0.2564.103. There are a number of security fixes including a new flash version in this release. Chrome release info is available here.

1/27/2016: Mozilla has announced a new release for Firefox ESR version 38.6. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 44.0.

1/20/2016: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u71 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql.

1/20/2016: Google has released a new stable release version of the Chrome browser 48.0.2564.82. There are a number of security fixes including a new flash version in this release. Chrome release info is available here.

1/19/2016: Apple has released many security patches for multiple products. OSX ( 10.9, 10.10 and 10.11), iOS (9.2.1), Safari (version 9.0.3). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

1/14/2016: Google has released a new stable release version of the Chrome browser 47.0.2526.111. There are a number of security fixes including a new flash version in this release. Chrome release info is available here.

1/12/2016: Microsoft has released this month's security bulletin. There are ten updates that affect server and client components. Seven of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

1/12/2016: Adobe has released new security updates for Reader/Acrobat. The new version is 15.010.20056. Security notices for all Adobe products is available here.

12/28/2015: Adobe has released new security updates for Flash Player. The new Flash version is 20.0.0.267. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

12/8/2015: Microsoft has released this month's security bulletin. There are twelve updates that affect server and client components. Eight of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

12/8/2015: Adobe has released new security updates for Flash Player. The new Flash version is 20.0.0.228. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

12/8/2015: Google has released a new stable release version of the Chrome browser 47.0.2526.80. There are a number of security fixes including a new flash version in this release. Chrome release info is available here.

12/8/2015: Apple has released many security patches for multiple products. OSX ( 10.9, 10.10 and 10.11), iOS (9.2), Safari (version 9.0.2). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

12/1/2015: Google has released a new stable release version of the Chrome browser 47.0.2526.73. There are a number of security fixes in this release. Chrome release info is available here.

11/10/2015: Google has released a new stable release version of the Chrome browser 46.0.2490.86. There are a number of security fixes in this release. Chrome release info is available here.

11/10/2015: Microsoft has released this month's security bulletin. There are twelve updates that affect server and client components. Four of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

11/10/2015: Adobe has released new security updates for Flash Player. The new Flash version is 19.0.0.245. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

10/27/2015: Adobe has released new security updates for Shockwave Player. The new version is 12.2.1.171. Security notices for all Adobe products is available here.

10/22/2015: Google has released a new stable release version of the Chrome browser 46.0.2490.80. There are a number of security fixes in this release. Chrome release info is available here.

10/21/2015: Apple has released many security patches for multiple products. OSX ( 10.9, 10.10 and 10.11), iOS (9.1), Safari (version 9.0.1). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

10/20/2015: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u65 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql.

10/16/2015: Adobe has released new security updates for Flash Player. The new Flash version is 19.0.0.226. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

10/13/2015: Google has released a new stable release version of the Chrome browser 46.0.2490.71. There are a number of security fixes in this release. Chrome release info is available here.

10/13/2015: Microsoft has released this month's security bulletin. There are six updates that affect server and client components. Three of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

10/13/2015: Adobe has released new security updates for Flash Player, and Reader/Acrobat. The new Flash version is 19.0.0.207. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The new Reader/Acrobat version is 11.0.13. The link to the Adobe security blogs bulletin is available here.

9/22/2015: Mozilla has announced a new release for Firefox ESR version 38.3. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 41.0.

9/21/2015: Google has released a new stable release version of the Chrome browser 45.0.2454.99. There are a number of security fixes in this release. Chrome release info is available here.

9/21/2015: Adobe has released new security updates for Flash Player. The new Flash version is 19.0.0.185. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

9/8/2015: Adobe has released new security updates for Shockwave Player. The new Shockwave Player version is 12.2.0.162.

9/8/2015: Microsoft has released this month's security bulletin. There are twelve updates that affect server and client components. Five of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

9/1/2015: Google has released a new stable release version of the Chrome browser 45.0.2454.85. There are a number of security fixes in this release. Chrome release info is available here.

8/19/2015: Microsoft has released an out of band patch for Internet Explorer. This fixes a vulnerability that can allow an attacker to take over a machine by visiting a specially crafted web page. All versions of Internet Explorer 7 - 11 are vulnerable and should be patched as soon as possible. Sans info is available here. The official Microsoft notification is available here.

8/13/2015: Apple has released many security patches for multiple products. OSX (10.8, 10.9 and 10.10), iOS (8.4.1), Safari (version 8.0.8, 7.1.8 and 6.2.8) and OS X Server (version 4.1.5). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

8/12/2015: Java version 8u51 has been tested and approved for use with Banner & Blackboard. This can now be deployed to all machines. More info is available on the Client Software page.

8/11/2015: Mozilla has announced a new release for Firefox ESR version 38.2. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 40.0.

8/11/2015: Google has released a new stable release version of the Chrome browser 44.0.2403.155. There are a number of security fixes in this release. Chrome release info is available here.

8/11/2015: Adobe has released new security updates for Flash Player. The new Flash version is 18.0.0.232. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

8/11/2015: Microsoft has released this month's security bulletin. There are fourteen updates that affect server and client components. Four of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

8/10/2015: Mozilla has announced a new release for Firefox ESR version 38.1.1. This release includes a critical update that is actively being exploited. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 39.0.3.

7/24/2015: Google has released a new stable release version of the Chrome browser 44.0.2403.107. There are a number of security fixes in this release. Chrome release info is available here.

7/21/2015: Google has released a new stable release version of the Chrome browser 44.0.2403.89. There are a number of security fixes in this release. Chrome release info is available here.

7/20/2015: Microsoft has released an out of band security bulletin for MS15-078. This is for a critical vulnerability in the Font Driver that can allow remote code execution. Sans info is available here. The official Microsoft notification is available here.

7/14/2015: Microsoft has released this month's security bulletin. There are fourteen updates that affect server and client components. Four of these are rated critical. Sans info is available here. The official Microsoft notification is available here. Note that with this release Windows 2003 servers are at end of support and will no longer receive updates. These servers should be upgraded or replaced.

7/14/2015: Oracle has announced the new quarterly Critical Patch Update. This includes for many Oracle products. A new release for Java 8u51 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Database Servers, Sun Solaris, PeopleSoft, Middleware products and MySql.

7/14/2015: Google has released a new stable release version of the Chrome browser 43.0.2357.134. There are a number of security fixes in this release. Chrome release info is available here.

7/14/2015: Adobe has released new security updates for Flash Player, Shockwave Player and Reader/Acrobat. The new Flash version is 18.0.0.209. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The new Reader/Acrobat version is 11.0.12.The new Shockwave Player version is 121.9.159. The link to the Adobe security blogs bulletin is available here.

7/8/2015: Adobe has released new Out Of Band security update for Flash Player. There are exploits in the wild that use this vulnerability. The new Flash version is 18.0.0.203. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here.

6/30/2015: Apple has released many security patches for multiple products. OSX (10.8, 10.9 and 10.10),iOS (8.4), Safari (version 8.0.7, 7.1.7 and 6.2.7), iTunes (version 12.2) and QuickTime (version 7.7.7). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

6/23/2015: Google has released a new stable release version of the Chrome browser 43.0.2357.130. There are a number of security fixes in this release. Chrome release info is available here.

6/23/2015: Adobe has released new Out Of Band security update for Flash Player. There are exploits in the wild that use this vulnerability. The new Flash version is 18.0.0.194. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here.

6/9/2015: Microsoft has released this month's security bulletin. There are eight updates that affect server and client components. Three of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

6/9/2015: Adobe has released new security updates for Flash Player. The new Flash version is 18.0.0.160. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here.

6/9/2015: Google has released a new stable release version of the Chrome browser 43.0.2357.124. There are a number of security fixes in this release. Chrome release info is available here.

5/20/2015: Google has released a new stable release version of the Chrome browser 43.0.2357.65. There are a number of security fixes in this release. Chrome release info is available here.

5/18/2015: Java version 8u45 has been tested and approved for use with Banner & Blackboard. This can now be deployed to all machines. More info is available on the Client Software page.

5/12/2015: Mozilla has announced a new release for Firefox ESR version 31.7. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 38.0.

5/12/2015: Microsoft has released this month's security bulletin. There are thirteen updates that affect server and client components. Five of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

5/12/2015: Adobe has released new security updates for Flash Player and Reader/Acrobat. The new Flash version is 17.0.0.188. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The new Reader/Acrobat version is 11.0.11. The link to the Adobe security blogs bulletin is available here.

5/7/2015: Apple has released security patches for the Safari browser. New versions of Safari are 6.2.6, 7.1.6 and 8.0.6 include many security fixes. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads.

4/28/2015: Google has released a new stable release version of the Chrome browser 42.0.2311.135. There are a number of security fixes in this release. Chrome release info is available here.

4/14/2015: Oracle has announced the new quarterly Critical Patch Update. This includes for many Oracle products. A new release for Java 8u45 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Database Servers, Sun Solaris, PeopleSoft, Middleware products and MySql.

4/14/2015: Google has released a new stable release version of the Chrome browser 42.0.2311.90. There are a number of security fixes in this release. Chrome release info is available here.

4/14/2015: Adobe has released new security updates for Flash Player. The new Flash version is 17.0.0.169. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here.

4/14/2015: Microsoft has released this month's security bulletin. There are eleven updates that affect server and client components. Four of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

4/8/2015: Apple has released security patches for OSX (10.8, 10.9 and 10.10),iOS (8.3) and a new release for Safari (version 8.0.5, 7.1.5 and 6.2.5). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

4/1/2015: Google has released a new stable release version of the Chrome browser 41.0.2272.118. There are a number of security fixes in this release. Chrome release info is available here.

4/1/2015: Mozilla has announced a new release for Firefox ESR version 31.6. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 37.0.

3/20/2015: Mozilla has announced a new release for Firefox ESR version 31.5.3. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 36.0.4.

3/20/2015: Apple has released a security patch for OSX (10.10). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

3/19/2015: Google has released a new stable release version of the Chrome browser 41.0.2272.101. There are a number of security fixes in this release. Chrome release info is available here.

3/18/2015: Apple has released security patches for the Safari browser. New versions of Safari are 6.2.4, 7.1.4 and 8.0.4 include many security fixes. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads.

3/12/2015: Adobe has released new security updates for Flash Player. The new Flash version is 17.0.0.134. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here.

3/10/2015: Microsoft has released this month's security bulletin. There are thirteen updates that affect server and client components. Five of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

3/10/2015: Apple has released security patches for OSX (10.8, 10.9 and 10.10) and iOS (8.2). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

3/3/2015: Google has released a new stable release version of the Chrome browser 41.0.2272.76 . There are a number of security fixes in this release. Chrome release info is available here.

2/25/2015: Mozilla has announced a new release for Firefox ESR version 31.5. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 36. These versions are compatible with the latest testing version of SiteAdvisor 3.5p3.

2/20/2015: Google has released a new stable release version of the Chrome browser 40.0.2214.115. There are a number of security fixes in this release. Chrome release info is available here.

2/10/2015: Microsoft has released this month's security bulletin. There are nine updates that affect server and client components. Three of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

2/5/2015: Google has released a new stable release version of the Chrome browser 40.0.2214.111. There are a number of security fixes and a new flash version in this release. Chrome release info is available here.

2/4/2015: Adobe has released an Out-Of-Band security update for Flash Player that is actively being exploited. The new Flash version is 16.0.0.305. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here. Downloads are available here.

1/28/2015: Apple has released security patches for OSX (10.8, 10.9 and 10.10),iOS (8.1.3) and a new release for Safari (version 8.0.3, 7.1.3 and 6.2.3). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

1/26/2015: Adobe has released an Out-Of-Band security update for Flash Player that is actively being exploited. The new Flash version is 16.0.0.296. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here. Downloads are available here.

1/23/2015: Adobe has released an Out-Of-Band security update for Flash Player that is actively being exploited. The new Flash version is 16.0.0.287. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here.

1/22/2015: Oracle has announced the new quarterly Critical Patch Update. This includes for many Oracle products. A new release for Java 7u76 and 8u31 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Database Servers, Sun Solaris, PeopleSoft, Middleware products and MySql.

1/21/2015: Google has released a new stable release version of the Chrome browser 40.0.2214.91. There are a number of security fixes and a new flash version in this release. Chrome release info is available here.

1/14/2015: Mozilla has announced a new release for Firefox ESR version 31.4. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 35. These versions are not compatible with SiteAdvisor and we are awaiting a new release to fix that situation.

1/14/2015: Google has released a new stable release version of the Chrome browser 39.0.2171.99. There are a number of security fixes and a new flash version in this release. Chrome release info is available here.

1/13/2015: Microsoft has released this month's security bulletin. There are eight updates that affect server and client components. One of these is rated critical. Sans info is available here. The official Microsoft notification is available here.

1/13/2015: Adobe has released new security updates for Flash Player. The new Flash version is 16.0.0.257. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here.

1/13/2015: Oracle is scheduled to release a new version of Java in their quarterly Critical Patch Update on January 20, 2015. For any machines running Java version 7 that are configured for auto-update will be upgraded to Java 8 automatically. Java 8 has not completed testing with internal programs like Banner and Blackboard. Auto-update should be disabled to avoid any problems. More info is available here.

12/23/2014: A new vulnerability in the NTP process has been discovered that is affecting multiple operating systems. This vulnerability can be used for remote code execution. NTP versions prior to 4.2.8 are vulnerable. SANS has more info 19093 and 19095. Apple has info listed here for 10.8.5, 10.9.5 and 10.10.1. Cisco is listing info here for many products. Other operating systems could also be affected and will require updating.

12/9/2014: Microsoft has released this month's security bulletin. There are seven updates that affect server and client components. Three of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

12/9/2014: Google has released a new stable release version of the Chrome browser 39.0.2171.95 . There are a number of security fixes in this release. Chrome release info is available here.

12/9/2014: Adobe has released new security updates for Flash Player and Acrobat/Reader. The new Flash version is 16.0.0.235. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The new Reader/Acrobat version is 11.0.10 or 10.1.13. The link to the security blogs bulletin is available here.

12/4/2014: Microsoft has announced this month's advanced security notice bulletin. The release on December 9th will include seven updates that affect server, client and office components. Three of these are rated critical. The official Microsoft notification is available here.

12/3/2014: Apple has released security patches for the Safari browser. New versions of Safari are 6.2.1, 7.1.1 and 8.0.1 include many security fixes. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads.

12/2/2014: Mozilla has announced a new release for Firefox ESR version 31.3. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 34. These versions are not compatible with SiteAdvisor and we are awaiting a new release to fix that situation.

11/25/2014: Adobe has released new security updates for Flash Player. The new Flash version is 15.0.0.239. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the security blogs bulletin is available here.

11/18/2014: Google has released a new stable release version of the Chrome browser 39.0.2171.65 . There are a number of security fixes in this release. Chrome release info is available here.

11/18/2014: Microsoft has announced a new advanced security bulletin for an out-of-band patch that will be released today. The official Microsoft notification is available here. This is listed as a critical patch for server operating systems.

11/18/2014: Apple has released security patches for OSX 10.10.1, Apple TV and iOS version 8.1. Sans has more info here. Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

11/14/2014: The Java version 7u72 has completed testing with Banner & Blackboard. This is now the recommended version that should be deployed to all machines. Downloads are available on the support center web site here: Software Versions.

11/12/2014: Google has released a new stable release version of the Chrome browser 38.0.2125.122. There are a number of security fixes in this release. Chrome release info is available here.

11/11/2014: Adobe has released new security updates for Flash Player. The new Flash version is 15.0.0.223. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the security blogs bulletin is available here.

11/11/2014: Microsoft has released this month's security bulletin. There are 14 updates that affect server and client components. Four of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

11/6/2014: Microsoft has announced this month's advanced notice security bulletin. There are 16 updates that affect server, client and office components. Five of these are rated critical. The official Microsoft notification is available here.

10/17/2014: Apple has released security patches for OSX (10.8.6 and 10.9.6),iTunes 12.0.1 (12.0.1) and a new release for OS X Yosemite (version 10.10). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

10/14/2014: Adobe has released new security updates for Flash Player. The new Flash version is 15.0.0.189. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the security blogs bulletin is available here.

10/14/2014: Mozilla has announced a new release for Firefox ESR version 31.2. FireFox ESR 31 may not be compatible with all plug-ins & web sites and should be tested before deploying. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 33.0. The next version of FireFox ESR 31 has been released:https://www.mozilla.org/en-US/firefox/33.0/releasenotes/.

10/14/2014: Oracle has announced the pre-release announcement for the quarterly security patch. This is scheduled to be released on 10/14/2014. This will include patches for many products including Java, Databases and Solaris. Release notice: 2014-Q4.

10/14/2014: Microsoft has released this month's security bulletin. There are eight updates that affect server and client components. Three of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

10/10/2014: Microsoft has announced this month's advanced notice security bulletin. There are nine updates that affect server, client and office components. Three of these are rated critical. The official Microsoft notification is available here.

10/8/2014: Google has released a new stable release version of Chrome 38.0.2125.101 . There are many(159) security fixes in this release. Chrome release info is available here.

9/24/2014: Google has released a new stable release version of Chrome 37.0.2062.124. There is a new security fix for RSA signature malleability in this release. Chrome release info is available here.

9/24/2014: Mozilla has announced a new release for Firefox ESR version 24.8.1 and 31.1.1 The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 32.0.3.

9/17/2014: Apple has released security patches for OSX (10.9.5),Safari Browser (6.2 and 7.1) and iOS (version 8). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

9/16/2014: Adobe has released new security updates for Reader/Acrobat. The new Reader/Acrobat version is 11.0.09. The link to the security blogs bulletin is available here.

9/9/2014: Microsoft has released this month's security bulletin. There are four updates that affect server and client components. One of these is rated critical. Sans info is available here. The official Microsoft notification is available here.

9/9/2014: Google has released a new stable release version of Chrome 37.0.2062.120. There are a number of security fixes in this release. Chrome release info is available here.

9/9/2014: Adobe has released new security updates for Flash Player. The new Flash version is 15.0.0.152. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the security blogs bulletin is available here.

9/4/2014: Microsoft has announced this month's advanced notice security bulletin. There are four updates that affect server, client and office components. One of these is rated critical. The official Microsoft notification is available here.

9/2/2014: Mozilla has announced a new release for Firefox ESR version 24.8 and 31.1 The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 32.0.3. The next version of FireFox ESR 31 has been released:https://www.mozilla.org/en-US/firefox/32.0/releasenotes/. This will require more extensive testing as it rolls all the new features introduced since version 24.

8/28/2014: Google has released a new stable release version of Chrome 37.0.2062.102. There are a number of security fixes in this release. Chrome release info is available here.

8/14/2014: Apple has released security patches for the Safari browser. New versions of Safari are 6.1.6 and 7.0.6 include many security fixes. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads.

8/12/2014: Google has released a new stable release version of Chrome 36.0.1958.143. There are a number of security fixes in this release. Chrome release info is available here.

8/12/2014: Microsoft has released this month's security bulletin. There are nine updates that affect server and client components. Two of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

8/12/2014: Adobe has released new security updates for Flash Player and Reader/Acrobat. The new Flash version is 14.0.0.145. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The new Reader/Acrobat version is 11.0.08. The link to the security blogs bulletin is available here.

8/8/2014: Microsoft has announced this month's advanced notice security bulletin. There are nine updates that affect server, client and office components. Two of these are rated critical. The official Microsoft notification is available here.

7/30/2014: Google has released a new stable release version of Chrome 36.0.1958.138. There are a number of security fixes in this release. Chrome release info is available here.

7/22/2014: Mozilla has announced a new release for Firefox ESR version 24.7. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 31. The next version of FireFox ESR 31 has been released:https://www.mozilla.org/en-US/firefox/31.0/releasenotes/. This will require more extensive testing as it rolls all the new features introduced since version 24.

7/14/2014: Oracle has announced the pre-release announcement for the quarterly security patch. This is scheduled to be released on 7/14/2014. This will include patches for many products including Java, Databases and Solaris. Release notice: 2014-Q3.

7/8/2014: Microsoft has released this month's security bulletin. There are six updates that affect server and client components. Two of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

7/8/2014: Adobe has released a new security updates for Flash Player. The new Flash version is 14.0.0.176. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the security blogs bulletin is available here.

7/7/2014: Microsoft has announced this month's advanced notice security bulletin. There are six updates that affect server, client and office components. Two of these are rated critical. The official Microsoft notification is available here.

7/1/2014: Apple has released security patches for the Safari browser and OSX operating systems. New versions of Safari 6.1.5 and 7.0.5 include many security fixes. OSX can be upgraded to version 10.9.4. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads.

6/10/2014: Google has released a new stable release version of Chrome 35.0.1916.155. There are a number of security fixes in this release. This includes the new flash update(14.0.0.125). Chrome release info is available here.

6/10/2014: Adobe has released a new security updates for Flash Player. The new Flash version is 14.0.0.125. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the security blogs bulletin is available here.

6/10/2014: Microsoft has released this month's security bulletin. There are seven updates that affect server and client components. Two of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

6/10/2014: Mozilla has announced a new release for Firefox ESR version 24.6. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 30.

6/5/2014: Microsoft has announced this month's advanced notice security bulletin. There are seven updates that affect server, client and office components. Two of these are rated critical. The official Microsoft notification is available here.

5/21/2014: Apple has released security patches for the Safari browser. New versions of Safari 6.1.4 and 7.0.4 include many security fixes. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads.

5/16/2014: Google has released a new stable release version of Chrome 34.0.1847.137. There are a number of security fixes in this release. Chrome release info is available here.

5/16/2014: Apple has released security patches for OSX (10.9.3) and iTunes (11.2). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

5/13/2014: Adobe has released a new security updates for Flash Player and Reader/Acrobat. The new Flash version is 13.0.0.214. The new Reader/Acrobat version is 11.0.07. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. Link to the security blogs bulletin is available here.

5/13/2014: Microsoft has released this month's security bulletin. There are nine updates that affect server and client components. Three of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

5/9/2014: Microsoft has announced this month's advanced notice security bulletin. There are eight updates that affect server, client and office components. Two of these are rated critical. The official Microsoft notification is available here.

5/1/2014: Microsoft has released an out of band special patch for Internet Explorer. This is patching a vulnerability in all versions of IE that is currently being exploited. All systems should be patched as soon as possible. Sans info is available here. The official Microsoft notification is available here.

4/29/2014: Mozilla has announced a new release for Firefox ESR version 24.5. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 29.

4/29/2014: Google has released a new stable release version of Chrome 34.0.1847.131. There are a number of security fixes in this release. Chrome release info is available here.

4/29/2014: Adobe has released a new security update for Flash Player. The new version is 13.0.0.206. Link to the security blogs bulletin is available here. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

4/23/2014: Apple has released security patches for OSX (10.7.5, 10.8.5, 10.9.2), Apple TV and iOS for mobile devices. Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads.

4/8/2014: Google has released a new stable release version of Chrome 34.0.1847.116. There are a number of security fixes in this release. Chrome release info is available here.

4/8/2014: Adobe has released a new security update for Flash Player. The new version is 13.0.0.182. Link to the security blogs bulletin is available here. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

4/8/2014: An announcement has been made for the OpenSSL version that is present in many Unix/Linux based operating systems. This includes RedHat, Ubuntu, Mac OS X and others. Patches are available for many of these Operating Systems. More info is available in these links: 17917 17921 US-CERT.

4/8/2014: Microsoft has released this month's security bulletin. There are four updates that affect server and client components. Two of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

4/2/2014: Apple has released security patches for the Safari browser. New versions of Safari 6.1.3 and 7.0.3 include many security fixes. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads.

3/18/2014: Mozilla has announced a new release for Firefox ESR version 24.4. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 28.

3/13/2014: Adobe has released a security update for the Shockwave Player. Shockwave player has a new version of 12.0.9.150. Link to the security blogs bulletin is available here.

3/11/2014: Google has released a new stable release version of Chrome 33.0.1750.149. There are a number of security fixes in this release. Chrome release info is available here.

3/11/2014: Microsoft has released this month's security bulletin. There are five updates that affect server and client components. Two of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

3/11/2014: Adobe has released a new security update for Flash Player. The new version is 12.0.0.77. Link to the security blogs bulletin is available here. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11.

3/6/2014: Microsoft has announced this month's advanced notice security bulletin. There are five updates that affect server and client components. Two of these are rated critical. The official Microsoft notification is available here.

3/3/2014: Google has released a new stable release version of Chrome 33.0.1750.146. There are a number of security fixes in this release. Chrome release info is available here.

2/26/2014: Apple has released security patches for multiple products. New patches are available for OSX (10.7, 10.8, 10.9), Safari browser, Quicktime and iOS for mobile devices. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads.

2/20/2014: Adobe has released a new security update for Flash Player. The new version is 12.0.0.70. Link to the security blogs bulletin is available here.

2/20/2014: Google has released a new stable release version of Chrome 33.0.1750.117. There are a number of security fixes in this release. Chrome release info is available here.

2/11/2014: Adobe has released a security update for the Shockwave Player. Shockwave player has a new version of 12.0.9.149. Link to the security blogs bulletin is available here.

2/11/2014: Microsoft has released this month's security bulletin. There are seven updates that affect server and client components. Four of these are rated critical. Sans info is available here. The official Microsoft notification is available here.

2/6/2014: Adobe has released a new security update for Flash Player. The new version is 12.0.0.44. Link to the security blogs bulletin is available here.

1/28/2014: Google has released a new stable release version of Chrome 32.0.1700.102. There are a number of security fixes in this release. Chrome release info is available here.

1/15/2014: Google has released a new version of Chrome 32.0.1700.76 to the stable release version. There are a number of security fixes in this release. This also includes an update for the flash player inside the Chrome browser. Chrome release info is available here.

1/14/2014: Oracle quarterly security patch is also scheduled to be released today. This will include patches for many products including Java, Databases and Solaris. Release notice: 2014-Q1.

1/14/2014: Adobe has released security updates for multiple products. Adobe Reader/Acrobat has a new version of 11.0.06. Adobe Flash Player Flash has a new version of 12.0.0.38. Link to the security blogs bulletin is available here.

1/14/2014: Microsoft has announced this month's security bulletin. There are four updates that affect server and client components. One of these is rated critical. Sans info is available here. The official Microsoft notification is available here.

1/10/2014: There are a number of pre-notifications for product updates to be released next week. Microsoft, Oracle and Adobe all are scheduling products updates next week. More info will follow when it is available.

12/17/2013: Apple has released a new version of the OsX 10.9.1 with many security fixes. More info is available here. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads. There is also a new release for the Safari Browser.

12/10/2013: Adobe has released security updates for Adobe Flash Player and Shockwave Player. Flash Player has a new version of 11.9.900.170. Shockwave player has a new version of 12.0.7.148. Link to the security blogs bulletin is available here.

12/10/2013: Microsoft has announced this month's security bulletin. There are eleven updates that affect server and client components. Five of these are rated critical. Two of these are rated Patch Now by SANS and should be patched as soon as possible. The official Microsoft notification is available here.

12/5/2013: Google has released a new version of Chrome 31.0.1650.63 to the stable release version. There are a number of security fixes in this release. Chrome release info is available here.

11/12/2013: Adobe has released security updates for Adobe Flash Player. Flash Player has a new version of 11.9.900.152. Link to the security blogs bulletin is available here.

11/12/2013: Google has released a new version of Chrome 31.0.1650.48 to the stable release version. There are a number of security fixes in this release. Chrome release info is available here.

11/12/2013: Microsoft has announced this month's security bulletin. There are eight updates that affect server and desktop components. Three of these are rated critical. The official Microsoft notification is available here. One patch is fixing a severe vulnerability and is being actively exploited and should be patched as soon as possible. The notice from SANS is listed here.

10/30/2013: Mozilla has announced a new release for Firefox version 25. The security info is available here: Security Advisories. Downloads are available here: Firefox.

10/17/2013: Apple has released new security patches for Java for the Mac OSX 10.6, 10.7 and 10.8. More info is available here. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads.

10/17/2013: Google has released a new version of Chrome 30.0.1599.101 to the stable release version. There are a number of security fixes in this release. Chrome release info is available here.

10/15/2013: Oracle has issued a new release for Java 7u45. This will be tested for compatibility with our other software like Banner and Blackboard. The Java release notes are available here and Java 7 download here.

10/9/2013: Microsoft has announced this month's security bulletin. There are eight updates that affect server and desktop components. Four of these are rated critical. The official Microsoft notification is available here. One patch is fixing a severe vulnerability in Internet Explorer that is being actively exploited and should be patched as soon as possible. The notice from SANS is listed here.

10/9/2013: Adobe has released security updates for Adobe Reader/Acrobat. Reader/Acrobat has a new version of 11.0.05. Link to the security blogs bulletin is available here.

9/18/2013: Mozilla has announced a new release for Firefox version 24. The security info is available here: Security Advisories. Downloads are available here: Firefox.

9/16/2013: Apple has released a new version of the OsX 10.8.5 with many security fixes. More info is available here. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads. There is also a new release for the Safari Browser

9/11/2013: Oracle has issued a new release for Java 7u40. This will be tested for compatibility with our other software like Banner and Blackboard. The Java release notes are available here and Java 7 download here.

9/10/2013: Adobe has released security updates for multiple products. Adobe Reader/Acrobat has a new version of 11.0.04. Adobe Flash Player Flash has a new version of 11.8.800.168. There is also a security update for the Shockwave Player 12.0.4.144. Link to the security blogs bulletin is available here.

9/10/2013: Microsoft has announced this month's security bulletin. There are fourteen updates that affect server and desktop components. Four of these are rated critical. The official Microsoft notification is available here. The notice from SANS is listed here.

8/23/2013: Google has released a new version of Chrome 29.0.1547.57 to the stable release version. There are a number of security fixes in this release. Chrome release info is available here.

8/13/2013: Microsoft has released this month's security bulletin. There are eight updates that affect server and desktop components. Six of these are rated critical. One of these is actively being exploited and should be patched as soon as possible. The official Microsoft notification is available here. The notice from SANS is listed here.

8/7/2013: Mozilla has announced a new release for Firefox version 23. The security info is available here: Security Advisories. Downloads are available here: Firefox.

7/26/2013: The new version of Java 6.51 has passed testing for Banner & Blackboard. More info is available here. The software download is available here.

7/11/2013: Google has released a new version of Chrome 28.0.1500.71 to the stable release version. There are a number of security fixes in this release. Chrome release info is available here.

7/9/2013: Adobe has released a security updates for Adobe Flash Player Flash has a new version of 11.8.800.94. There is also a security update for the Shockwave Player 12.0.3.133. Link to the security blogs bulletin is available here.

7/9/2013: Microsoft has released this month's security bulletin. There are seven updates that affect server and desktop components. Six of these are rated critical. One of these is actively being exploited and should be patched as soon as possible. The official Microsoft notification is available here. The notice from SANS is listed here.

6/26/2013: Mozilla has announced a new release for Firefox version 22. The security info is available here: Security Advisories. Downloads are available here: Firefox.

6/11/2013: Adobe has released a security updates for Adobe Flash Player Flash has a new version of 11.7.700.224. Link to the security blogs bulletin is available here.

6/11/2013: Microsoft has released this month's security bulletin. There are five updates that affect server and desktop components. Two of these are rated critical. The official Microsoft notification is available here. The notice from SANS is listed here.

6/5/2013: Apple has released a new version of the OS 10.8.4 with many security fixes. Sans has more info here. Apple Security Updates will be available here. These updates can be applied through apple updates or Apple downloads.

5/31/2013: Apple has released a new version of Quicktime 7.7.4 with many security fixes. This version is available for Windows & Mac computers. There are a number of security fixes in this release. The update information is available here. These updates can be applied through apple updates or Apple downloads.

5/22/2013: Google has promoted the Chrome 27 version to the stable release version. There are a number of security fixes in this release. Chrome release info is available here.

5/14/2013: Adobe has released a security updates for multiple products. Adobe Flash Player has a new version of 11.7.700.202. Adobe Reader and Acrobat has a new version of 11.0.03. Adobe Cold Fusion has new updates for many releases here. Link to the security blogs bulletin is available here.

5/14/2013: Mozilla has announced a new release for Firefox version 21. The security info is available here: Security Advisories. Downloads are available here:Firefox.

5/14/2013: Microsoft has released this month's security bulletin. There are ten updates that affect server and desktop components. Two of these are rated critical. One of these fixes a vulnerability in IE8 that is being actively exploited. The official Microsoft notification is available here. The notice from SANS is listed here.

4/9/2013: Microsoft has released this month's security bulletin. There are nine updates that affect server and desktop components. Two of these are rated critical. The official Microsoft notification is available here. The notice from SANS is listed here.

4/8/2013: Mozilla has announced a new release for Firefox version 20. The security info is available here:Security Advisories. Downloads are available here:Firefox.

3/28/2013: Google has promoted the Chrome 26 version to the stable release version. There are a number of security fixes in this release. Chrome release info is available here.

3/15/2013: Apple has announced a new security release for Java(6u43) and Mac OS X 10.6 update 14. The update information is available here. These updates can be applied through apple updates or Apple downloads.

3/12/2013: Adobe has released a new update for Adobe Flash Player. Adobe Flash Player has a new version of 11.6.602.180.  Link to the security blogs bulletin is available here.

3/12/2013: Microsoft has released this month's security bulletin. There are seven updates in this release that affect server and desktop components. Four of these are rated critical.  The official Microsoft notification is available here.  The notice from SANS is listed here.

3/5/2013: Oracle has released a new security patch for Java 6u43 & 7u17.  The Oracle release notes are available here and Java 7 here.

3/5/2013: Google has released a new version of the Chrome browser. The Chrome stable release version is 25.0.1364.152. Chrome release info is available here.

2/27/2013: Adobe has released a new update for Adobe Flash Player.   Adobe Flash Player has a new version of 11.6.602.171. Link to the security blogs bulletin is available here.

2/21/2013: Apple has announced a new security release for Java and Mac OS X 10.6 update 13. The update information is available here. These updates can be applied through apple updates or Apple downloads.

2/21/2013: Mozilla and Google have released new versions of common browsers.  Mozilla has announced version 19.0 of the Firefox browser. Link to the security advisories are available here. The Firefox download is available here. Google has released the 25.0.1364.87 version of Chrome. Chrome release info is available here.

2/20/2013: Adobe has released security updates for both Reader and Acrobat versions XI(11.0.02), X(10.1.6) and 9(9.5.4).  The Adobe announcement is available here.  Adobe Product Security Incident Response Team Blog is available here.  See this page for more info on ConnSCU standards for Adobe/Java Updates.

2/20/2013: Oracle has released a new security patch for Java 6u41 & 7u15.  This is a follow-up to the patches released and February 1st.  There are also Java patches available for the Apple OS as there were recent malware compromises to Apple systems. The Oracle announcement is available here.

2/12/2013: Adobe has released a new update for Adobe Flash Player and Shockwave Player.   Adobe Flash Player has a new version of 11.6.602.168.  Adobe Flash Shockwave Player has a new version of 12.0.0.112. Link to the security blogs bulletin is available here.

2/12/2013: Microsoft has released this month's security bulletin. There are twelve updates in this release that affect server and desktop components. Five of these are rated critical.  The official Microsoft notification is available here.  The notice from SANS is listed here.

2/7/2013: Adobe has released a new critical update for Adobe Flash Player.   Adobe Flash Player has a new version of 11.5.502.149. Link to the security bulletin is available here.

2/1/2013: Oracle has released a new security patch for Java 6 & 7.  This was released prior to the scheduled date because of active exploitation on the Internet. This release includes new security fixes and should be patched as soon as possible.  The Oracle announcement is available here.

1/15/2013: Microsoft has released an out of band patch for Internet Explorer.  This patch affects IE versions 6, 7 and 8. This should be applied as soon as possible as there are known exploits using this vulnerability. The official Microsoft notification is available here.  The notice from SANS is listed here.

1/14/2013: Oracle has released a new security patch for Java 7 (7 update 11).   This release includes new security fixes and should be patched as soon as possible.  The Oracle announcement is available here.

1/9/2013: Adobe has released a new critical update for Adobe Flash Player.   Adobe Flash Player has a new version of 11.5.502.146. Link to the security bulletin is available here.

1/9/2013: Adobe has released security updates for both Reader and Acrobat.  The Adobe announcement is available here.  See this page for more info on ConnSCU standards for Adobe/Java Updates.

1/8/2013: Microsoft has released this month's security bulletin. There are seven updates in this release that affect server and desktop components. Two of these are rated critical.  The official Microsoft notification is available here.  The notice from SANS is listed here.

12/6/2012: Microsoft has released this month's advance notice security bulletin. There are seven updates in this release that affect server and desktop components. Five of these are rated critical.  The official Microsoft notification is available here.  The notice from SANS is listed here. These are scheduled to be released on 12/11/2012.

11/21/2012: Mozilla has released a new 17.0 version of the Firefox browser with many security and bug fixes. Link to the security advisories are available here. The Firefox download is available here.

11/13/2012: Microsoft has released this month's security bulletin. There are six updates in this release that affect server and desktop components. Four of these are rated critical.  The official Microsoft notification is available here.  The notice from SANS is listed here.

11/9/2012: Adobe has released a new critical update for Adobe Flash Player.   Adobe Flash Player has a new version of 11.5.502.110. Link to the security bulletin is available here.

10/9/2012: Adobe has released a new critical update for Adobe Flash Player.   Adobe Flash Player has a new version of 11.4.402.287. Link to the security bulletin is available here.

10/9/2012: Microsoft has released this month's security bulletin. There are seven updates in this release that affect server and desktop components. One of these is rated critical.  The official Microsoft notification is available here.  The notice from SANS is listed here. These updates will be released on 10/16/2012.

09/11/2012: Microsoft has released this month's security bulletin. There are two updates in this release that affect servers. These are rated important. There also is an update to the Windows Malicious Software Removal Tool which can affect desktop operating systems.   The official Microsoft notification is available here.  The notice from SANS is listed here.

08/22/2012: Adobe has released a new update for Adobe Flash Player.   Adobe Flash Player has a new version of 11.4.402.265. Link to the security bulletins is available here.

08/14/2012: Adobe has released new updates for multiple products. Adobe Reader and Acrobat have a new 10.1.4 version.  Adobe Shockwave Player has a new version of  11.6.5.636. Adobe Flash Player has a new version of 11.3.300.271. Links to these security bulletins are available from this blog post.

08/14/2012: Microsoft has released this month's security bulletin. There are nine updates in this release - with six rated critical.  Please test and install these updates as soon as possible.  The official Microsoft notification is available here.  The notice from SANS is listed here.

07/10/2012: Microsoft has released this month's security bulletin. There are nine updates in this release - with three rated critical.  SANS is recommending to "Patch Now" for two of the vulnerabilities that are actively being exploited.  Please test and install these right away.   The official Microsoft notification is available here.  The notice from SANS is listed here.

06/12/2012: Microsoft has released this month's security bulletin. There are seven updates in this release - with three rated critical.  SANs is recommending Patch Now for one of them.  Please test and install these updates right away.   The official Microsoft notification is available here.  The notice from SANS is listed here.

05/08/2012: Microsoft has released this month's security bulletin. There are seven updates in this release - with three rated critical.  SANs is reporting that there are known exploits for a few of the vulnerabilities.  Please test and install these updates as soon as possible.   The official Microsoft notification is available here.  The notice from SANS is listed here.

05/04/2012: Adobe has released security updates for both Shockwave and Flashplayer.  The Adobe announcements are available here.  More info can be found on the SANS site. See this page for more info on ConnSCU standards for Adobe/Java Updates.

04/30/2012: Oracle has released a workaround for the TNS listener vulnerability -  alert-cve-2012-1675-1608180.html.  The SANS write-up about the issue is listed here.

04/10/2012: Microsoft has released this month's security bulletin. There are six updates in this release - with four rated as critical. Please test and install these updates right away.  The official Microsoft notification is available here.  The notice from SANS is listed here.

04/10/2012: Adobe has released security updates for both Reader and Acrobat.  The Adobe announcement is available here.  More info can be found on the SANS site. See this page for more info on ConnSCU standards for Adobe/Java Updates.

03/13/2012: Microsoft has released this month's security bulletin. There are six updates in this release - with one rated as critical for a vulnerability in RDP. Please test and install these updates right away.  The official Microsoft notification is available here.  The notice from SANS is listed here.

03/6/2012: Adobe has released a version for the Flash Player (11.1.102.63).  Updates are available for Windows, Macintosh, Linux, Solaris and Android operating systems. The Adobe announcement is available here.  More info can be found on the SANS site. See this page for more info on Commnet standards for Adobe/Java Updates.

02/14/2012: Adobe has released a patch for vulnerabilities in Shockwave Player and RoboHelp for Word. All machines should be updated to this new 11.6.4.634 version of Shockwave for Windows and Macintosh operating systems. The official Adobe notification is here.  The notice from SANS is listed here. See this page for more info on Commnet standards for Adobe/Java Updates.

02/14/2012: Microsoft has released this month's security bulletin. There are nine updates in this release - with four rated as critical. Please test and install these updates as soon as possible.  The official Microsoft notification is available here.  The notice from SANS is listed here.

2/6/2012: Apple has released new security updates for the operating systems OS X 10.6.8 and 10.7.3.  Specific info on the security content of the patch is available here. Info on all Apple security updates are available here.

01/10/2012: Adobe has released a patch for multiple vulnerabilities in the Acrobat and Reader products. All machines should be updated to this new 10.1.2 version for Windows and Macintosh operating systems. The official Adobe notification is here.  The notice from SANS is listed here. See this page for more info on Commnet standards for Adobe/Java Updates.

01/10/2012: Microsoft has released this month's security bulletin. There are 7 updates in this release - one rated as critical. SANS is saying to patch now for two of them. Please install these updates right away.  The official Microsoft notification is available here.  The notice from SANS is listed here.

12/13/2011: Microsoft has released this month's security bulletin. There are 14 updates in this release with three rated as critical. One vulnerability is currently being exploited and should be patched as soon as possible. The official Microsoft notification is available here.  The notice from SANS is listed here.

12/7/2011: Adobe has announced a new vulnerability in the Acrobat and Reader products. There are active exploits using this vulnerability. Patches will be made available on 12/16/2011. The ReaderX and AcrobatX products are not vulnerable to this exploit if they are running in protected mode. Colleges should be running the latest versions in protected mode. The Adobe announcement is available here.  More info can be found on the SANS site.

11/22/2011: RealNetworks has released a new version of RealPlayer(15.0) and Mac RealPlayer(12.0.0.1703) that fixes multiple vulnerabilities.  The release announcement is available here.

11/8/2011: Adobe has released a version for the Shockwave Player (11.6.3.633).  The Adobe announcement is available here.  More info can be found on the SANS site.

11/8/2011: Microsoft has released this month's security bulletin. There are 4 updates in this release with one rated as critical.  Please test and install these patches as soon as possible.  The official Microsoft notification is available here, and more information can be found on the SANS site.

10/12/2011: Apple has released new security updates for the operating systems OS X 10.6.8 and 10.7.2.  Specific info on the security content of the patch is available here. Info on all Apple security updates are available here.

10/11/2011: Microsoft has released this month's security bulletin. There are 8 updates in this release with two rated as critical.  Please test and install these patches as soon as possible.  The official Microsoft notification is available here, and more information can be found on the SANS site.

9/13/2011: Adobe has released a patch for the Reader & Acrobat products.  The Adobe announcement is available here.  More info can be found on the SANS site.

9/13/2011: Microsoft has released this month's security bulletin. There are 5 updates in this release - All are rated important.  Please test and install these patches timely.  The official Microsoft notification is available here, and more information can be found on the SANS site.

8/17/2011: Mozilla has announced a new release(3.6.20) for the Firefox browser.  This release has a number of fixes for critical vulnerabilities that can allow remote code execution. Firefox security information is available here.  Security info for the Firefox browsers is available here: 3.6.  There is also a new Firefox 6.0 version.

8/9/2011: Adobe has released their quarterly patch update for multiple products including Photoshop, Flash Media Server, Flash Player and Shockwave Player.  The Adobe announcement is available here.  More info can be found on the SANS site.

8/9/2011: Microsoft has released this month's security bulletin. There are 13 updates in this release - 2 are rated critical.  Please test and install these patches timely.  The official Microsoft notification is available here, and more information can be found on the SANS site.

8/04/2011: Apple has announced a new security patch (7.7) for the Quicktime Player.  This is a critical patch will fix multiple vulnerabilities that can allow remote code execution.  Apple information is available here.  Security info for all Apple products are available here.

7/12/2011: Microsoft has released this month's security bulletin. There are 4 updates in this release - 1 is rated critical.  Please test and install these patches timely.  The official Microsoft notification is available here, and more information can be found on the SANS site.

6/24/2011: Apple has released new security updates for the operating systems OS X 10.6.8.  Specific info on the security content of the patch is available here. Info on all Apple security updates are available here.

6/14/2011: Adobe has released a new security advisory for Adobe Reader and Acrobat. This affects both Windows & Macintosh platforms.  The Adobe announcement is available here.

6/14/2011: Microsoft has released this month's security bulletin. There are 16 updates in this release - 9 are rated as critical.  Please test and install these as soon as possible.  The official Microsoft notification is available here, and more information can be found on the SANS site.

6/6/2011: Adobe has released a new security patch for Adobe Flash Player version 10.3.185.22. This affects both Windows & Macintosh platforms. This release fixes a critical vulnerability that is currently allowing remote code execution and should be patched as soon as possible.  The Adobe announcement is available here.

5/13/2011: Adobe has released a new security patch for Adobe Flash Player version 10.3.185.21. This affects both Windows & Macintosh platforms. This release fixes a critical vulnerability that is currently allowing remote code execution and should be patched as soon as possible.  The Adobe announcement is available here.

5/10/2011: Microsoft has released this month's security bulletin. There are 2 updates in this release with 1 rated as critical.  Please test and install these as soon as possible.  The official Microsoft bulletin is available here, and more information can be found on the SANS site.

4/28/2011: Mozilla has announced a new releases(4.0.1 & 3.6.17) for the Firefox browser.  This release has a number of fixes for critical vulnerabilities that can allow remote code execution. Firefox security information is available here.  Security info for the Firefox browsers is available here  4.0, 3.6

4/12/2011: Microsoft has released this month's security bulletin. There are 17 updates in this release with 9 rated as critical.  Please test and install these as soon as possible, as there are exploits available according to SANS.  The official Microsoft bulletin is available here.

3/24/2011: Microsoft has release an out-of-band security advisory concerning fraudulent digital certificates. Comodo issued a few certificates for common web sites to invalid owners.  These certificates have been revoked but as part of the process, Microsoft has released a released a security update.  This update should be applied to all machines to avoid man-in-the-middle or phishing attacks.

3/22/2011: Apple has released new security updates for the operating systems OS X 10.6.7.  Specific info on the security content of the patch is available here. Info on all Apple security updates are available here.

3/22/2011: Adobe has released a new security patch for Adobe Flash Player version 10.2.153.1. This affects both Windows & Macintosh platforms. This release fixes a critical vulnerability that is currently allowing remote code execution and should be patched as soon as possible.  The Adobe announcement is available here.

3/10/2011: Apple has released new security updates for the operating systems OS X 10.6 update 4 and 10.5 update 9.  These updates include fixes for updates in Java. Info on all Apple security updates are available here.

3/08/2011: Microsoft has released this month's security bulletin. There are 3 updates in this release with 1 rated as critical.  Please test and install these timely, as there are proof of concept exploits available according to SANS.  The official Microsoft bulletin is available here.

3/6/2011: Mozilla has announced a new release(3.6.15) for the Firefox browser.  This release has a number of fixes for critical vulnerabilities that can allow remote code execution. Firefox information is available here.  Security info for all the 3.6 Firefox browser is available here.

2/16/2011: Oracle has released a new security patch for Java 6 update 24.  This affects both Windows, Solaris and Linux platforms. This release includes 21 new security fixes and should be patched as soon as possible.  The Oracle announcement is available here.

2/09/2011: Adobe has released a new security patch for Adobe Shockwave Player version 11.5.9.620. This affects both Windows & Macintosh platforms. This release fixes multiple critical vulnerabilities that can be used for remote code execution and should be patched as soon as possible.  The Adobe announcement is available here.

2/09/2011: Adobe has released a new security patch for Adobe Flash Player version 10.1.102.64. This affects both Windows & Macintosh platforms. This release fixes a critical vulnerability that is currently allowing remote code execution and should be patched as soon as possible.  The Adobe announcement is available here.

2/08/2011: Microsoft has released this month's security bulletin. There are 12 updates in this release with 3 rated as critical.  Some of these are actively being exploited.  Please test and install these updates right away, as there are exploits available according to SANS.  The official Microsoft bulletin is available here.

2/08/2011: Adobe has released a new security patch(10.0) for Adobe ReaderX & Acrobat. The release fixes a critical vulnerability that is being actively exploited.  The Adobe announcement is available here.  Sans has more info here.

1/11/2011: Microsoft has released this month's security bulletin. There are 2 updates in this release with 1 rated as critical.  Please test and install these updates right away, as there are exploits available according to SANS.  The official Microsoft bulletin is available here.

12/14/2010: Microsoft has released this month's security bulletin. There are 17 updates in this release with 2 rated as critical.  Please test and install these updates right away.  SANS has more information, and the official Microsoft bulletin is available here.

12/10/2010: Mozilla has announced a new release(3.6.13) for the Firefox browser.  This release has a number of fixes for critical vulnerabilities that can allow remote code execution. Firefox information is available here.  Security info for all the 3.6 Firefox browser is available here.

12/09/2010: Apple has announced a new security patch (7.6.9) for the Quicktime Player.  This is a critical patch will fix multiple vulnerabilities that can allow remote code execution.  Apple information is available here.  Security info for all Apple products are available here.

11/17/2010: Adobe has released a new security patch(9.4.1) for Adobe Reader & Acrobat. The release fixes a critical vulnerability that is being actively exploited.  The Adobe announcement is available here.  Sans has more info here.

11/16/2010: Apple has released new security updates for the operating systems OS X 10.6.5.  Specific info on the security content of the patch is available here. Info on all Apple security updates are available here.

11/9/2010: Microsoft has released this month's security bulletin. There are 3 updates in this release with 1 rated as critical for MS Office.  There is an exploit available in the wild for that vulnerability - Please test and install these updates right away.  SANS has more information, and the official Microsoft bulletin is available here.

11/1/2010: Adobe has released a new security patch for Adobe Shockwave Player version 11.5.9.615. This affects both Windows & Macintosh platforms. This release fixes multiple critical vulnerabilities that can be used for remote code execution and should be patched as soon as possible.  The Adobe announcement is available here.

10/12/2010: Microsoft has released this month's security bulletin. There are 16 updates in this release with 4 rated as critical.  Please test and install these updates as soon as possible.  SANS has more information, and the official Microsoft bulletin is available here.

9/20/2010: Adobe has released a new security patch for Adobe Flash Player version 10.1.85.3. This affects both Windows & Macintosh platforms. This release fixes a critical vulnerability that is currently allowing remote code execution and should be patched as soon as possible.  The Adobe announcement is available here.

9/16/2010: Apple has announced a new security patch (7.6.8) for the Quicktime Player.  This is a critical patch will fix multiple vulnerabilities that can allow remote code execution.  Apple information is available here.  Security info for all Apple products are available here.

9/14/2010: Microsoft has released this month's security bulletin. There are 9 updates in this release with 4 rated as critical.  Please test and install these updates as soon as possible.  SANS has more information, and the official Microsoft bulletin is available here.

8/10/2010: Microsoft has released this month's security bulletin. There are 14 updates in this release with 9 rated as critical.  Please test and install these updates as soon as possible.  SANS has more information, and the official Microsoft bulletin is available here.

8/02/2010: Microsoft has released an out-of-band patch for a vulnerability that allows remote code execution. This vulnerability is currently being exploited on the Internet. All vulnerable systems should be patched immediately.  Please test and install the updates right away.  SANS has more information, and the official Microsoft bulletin is available here.

7/13/2010: Microsoft has released this month's security bulletin. There are 4 updates in this release with 3 rated as critical. SANS is reporting that one of the vulnerabilitites is actively being exploited and recommends that all vulnerable systems be patched immediately.  Please test and install the updates right away.  SANS has more information, and the official Microsoft bulletin is available here.

Important: with today's patches, support for XP SP2 officially comes to an end.  There will be no more patches for XP SP2 after today.  Please be sure to update any clients that are running XP SP2 or earlier to a supported version.

6/08/2010: Microsoft has released this month's security bulletin. There are 10 updates in this release with 7 rated as critical by SANS. The official Microsoft bulletin is available here. Please test and install the updates as soon as possible.  SANS also has more information.

6/05/2010: Adobe has issued a Security Advisory for Flash Player, Adobe Reader and Acrobat.  Adobe has posted mitigation suggestions in their advisory until the vulnerabilities are fixed.

5/11/2010: Microsoft has released this month's security bulletin. There are two updates in this release that are rated critical. There also are updates for the Malicious Software Removal Tool. The official Microsoft bulletin is available here. Please test and install the updates as soon as possible.  SANS also has more information.

4/13/2010: Microsoft has released this month's security bulletin. There are eleven updates in this release - five are rated critical.  The official Microsoft bulletin is available here. Please test and install the updates as soon as possible.  SANS also has more information.

4/3/2010: Apple has announced a new security patch for the Quicktime Player.  This is a critical patch will fix multiple vulnerabilities that can allow remote code execution. Sans has information here.   Apple information is available here.

3/30/2010: Microsoft announced an out of band patch for Internet Explorer 6 & 7.  This is a critical patch that should be applied as soon as possible. Sans has information here.   Microsoft information is available here.

3/30/2010: Apple has released new security updates for the operating systems OS X 10.5 and 10.6. Sans provides a summary of the security patch here. Specific info on the security content of the patch is available here.

3/9/2010: Microsoft has released this month's security bulletin. There are two updates in this release - both with a rating of Important.  The official Microsoft bulletin is available here. Please test and install the updates timely.  SANS also has more information.

2/18/2010: Mozzilla has released security releases for the Firefox browsers version 3.00 & 3.5.  These releases include fixes for vulnerabilities that can be used for remote code exploits.

2/17/2010: Adobe has released new security updates for the Adobe Reader/Acrobat and Adobe Flash/AIR products.  The Acrobat Reader patch affects the Windows, Macintosh and Unix platforms.  Info is available here. The Adobe Flash player patch info is available here.

2/9/2010: Microsoft has released this month's security bulletin. There are thirteen updates in this release - five are categorized as critical.  The official Microsoft bulletin is available here. Please update all vulnerable systems as soon as possible.  SANS also has more information.

1/21/2010: RealNetworks has announced a patch for the RealPlayer for all platforms.  Full details are available from RealNetworks.

1/21/2010: Mozilla has announced a new upgrade for the firefox browser.  Sans has information here.  Full details are available from Mozilla.  Version 3.6 is available here.

1/21/2010: Microsoft announced an out of band patch for Internet Explorer.  This is a critical patch that should be applied as soon as possible. Sans has information here.   Microsoft information is available here.

1/21/2010: Adobe has released a new security patch for Adobe Shockware Player versions 11.5.2.602 and earlier. This affects both Windows & Macintosh platforms. This release fixes a critical vulnerability that can allow remote code execution.  The Adobe announcement is available here.

1/19/2010: Apple has released new security updates for the operating systems OS X 10.5 and 10.6. Sans provides a summary of the security patch here. Specific info on the security content of the patch is available here.

1/13/2010: Adobe has released a new security patch for Adobe Reader & Acrobat. The release fixes a critical vulnerability that is being actively exploited.  The Adobe announcement is available here.

1/12/2010: Microsoft has released this month's security bulletin. There is only one critical update in this release for Windows 2000.  It is rated 'low' for all other versions of Windows.  The official Microsoft bulletin is available here. Please update all vulnerable systems timely.  SANS also has more information.

12/15/2009: The Mozilla Foundation has released multiple patches for the Firefox 3.0 and 3.5 browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. See this link for the Mozilla Security Advisories.

12/8/2009: Adobe has released a security bulletin to address multiple vulnerabilities in the flash player. The official Adobe bulletin is available here. Please update all vulnerable systems as soon as possible.  SANS also has more information.

12/8/2009: Microsoft has released this month's security bulletin. There are three critical updates in this release.  One of these vulnerabilities can infect a machine by visiting an infected web site.  The official Microsoft bulletin is available here. Please update all vulnerable systems as soon as possible.  SANS also has more information.

11/10/2009: Microsoft has released this month's security bulletin. There are three critical updates in this release.  The official Microsoft bulletin is available here. Please update all vulnerable systems timely.  SANS also has more information.

11/10/2009: Apple has released new security updates for the operating systems OS X 10.5 and 10.6. Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here. Specific info on the security content of the patch is available here.

10/28/2009: The Mozilla Foundation has released multiple patches for the Firefox 3.0 and 3.5 browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. SANS lists information on the updates here. See this link for the Mozilla Security Advisories.

10/13/2009: Adobe has released a new security patch for Adobe Reader & Acrobat(9.2). The release fixes a critical vulnerability that is being actively exploited.  The Adobe announcement is available here.

10/13/2009: Microsoft has released this month's security bulletin. There are eight critical updates in this release.  The official Microsoft bulletin is available here. Please update all vulnerable systems timely.  SANS also has more information.

9/10/2009: Apple has released new security updates for the operating systems OS X 10.4, 10.5 and 10.6. Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here. Specific info on the security content of the patch is available here. There is also a new security update for the Quicktime player version 7.6.4.  Info on all Apple security patches can be found at this site.

9/10/2009: The Mozilla Foundation has released multiple patches for the Firefox 3.0 and 3.5 browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. SANS lists information on the updates here. See this link for the Mozilla Security Advisories.

9/8/2009: Microsoft has released this month's security bulletin. There are five critical updates in this release.  The official Microsoft bulletin is available here. Please update all vulnerable systems timely.  SANS also has more information.

9/8/2009: Cisco Security Advisory can be found here: TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products.  Please verify your products and update right away.

9/1/2009: Detailed exploit code has been published on the Internet that targets vulnerabilities in the FTP Service in several Internet Information Services (IIS) versions.  Here is the Microsoft Security Advisory, and SANS has some additional information.  One work-around is to disable the FTP service on all IIS servers.

8/11/2009: Microsoft has released this month's security bulletin. There are nine updates in this release, with five having a critical rating.  Please update all vulnerable systems immediatelySANS listed four with exploits being reported or observed.  The patch for MS09-039 is for WINS, and has the potential to be exploited by a worm.   Microsoft Security Research and Defense blog has a statement on the issue.  The official Microsoft bulletin is available here.

8/6/2009: Apple has released new operating system patch(10.5.8) with multiple security fixes within the Mac OS X operating system. Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here. Specific info on the security content of the patch is available here.  Info on all Apple security patches can be found at this site.

8/3/2009: The Mozilla Foundation has released multiple patches for the Firefox and similar browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. SANS lists information on the updates here. See this link for the Mozilla Security Advisories.

7/30/2009: Adobe has released security patches for the Flash and Shockware players.  These patches fix a critical vulnerability in these products that can lead to a remote exploit of code. All colleges are advised to apply these patches to any system that runs this software. Security bulletins from Adobe can be seen here.

7/28/2009: Microsoft has released two out-of-band security bulletins that help mitigate vulnerabilities in the Microsoft Active Template Library (ATL), which is used in Internet Explorer and Visual Studio.  Please update all vulnerable systems immediately.  The previous ActiveX killbit workaround looks like it can be bypassed by malicious users.  SANS.org has more information on the subject.  The official Microsoft update summary for July 2009 has been modified to include these additional updates (MS09-034 and MS09-035), which is available here.

7/14/2009: Microsoft has released July's security bulletin. There are six updates in this release, with three having a critical rating.  Please update all vulnerable systems immediately, as one of the updates (MS09-032) resolves the Microsoft Video ActiveX Control vulnerability, and another update (MS09-028) resolves the other recently reported vulnerability in DirectShow.  Sans.org has more info on their site.  The official Microsoft bulletin is available here.

6/11/2009: The Mozilla Foundation has released a patch(3.0.11) for the Firefox browser. There are multiple fixes for security vulnerabilities some of which are rated as critical. Sans.org lists information on the updates here. See this link for the Mozilla Security Advisories.

6/9/2009: Microsoft has released this month's security bulletin. There are ten updates in this release, with six having a critical rating.  Please update all vulnerable systems as soon as possible.  Sans.org has more info on their site.  The official Microsoft bulletin is available here.

6/3/2009: Apple has released a new version(7.6.2) of QuickTime that addresses multiple security vulnerabilities. This new version can affect multiple operating systems (Mac OS X, Windows XP and Vista). Apple is listing the information on the update here.  Colleges should review the advisories and patch the affected products to avoid attacks. Sans.org lists information on the updates here.

5/12/2009: Apple has released new operating system patch(10.5.7) with multiple security fixes within the Mac OS X operating system. Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here. Specific info on the security content of the patch is available here.  Info on all Apple patches can be found at this site.

5/12/2009: Adobe has release a new version (9.1.1)of the Acrobat and Reader programs that fix multiple security vulnerabilities.  There are known exploits for these vulnerabilities so the patch would be applied as soon as possible. There are patches available for the Windows, Macintosh and UNIX platforms. These updates should be tested by each college and installed timely.   Sans.org is reporting more info here.  The Adobe announcement is available here.

5/12/2009: Microsoft has released this month's security bulletin. There is only one patch being released, but it is a critical patch.  The vulnerability is currently being exploited. Please patch all vulnerable systems as soon as possible.  Sans.org has more info on their site.  The official Microsoft bulletin is available hereNote that there is no patch available for this application on the Mac platform at this time.

4/27/2009: The Mozilla Foundation has released a new patch to correct a problem in the previous patch.  This patch does have a critical rating as it can allow remote code execution. Sans.org lists information on the update here. See this link for the Mozilla Security Advisories.

4/22/2009: The Mozilla Foundation has released multiple patches for the Firefox and similar browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. Sans.org lists information on the updates here. See this link for the Mozilla Security Advisories.

4/16/2009: Oracle has announced their quarterly security update for various products. This announcement contains 43 security fixes across all products. The announcement from Oracle can be seen here.

4/9/2009: Microsoft has released this month's security bulletin. This update includes eight updates, with five of them rated as critical.  Some of these updates are currently being exploited. These updates should be tested and installed by each college as soon as possible.  Sans.org is reporting more info.  The Microsoft bulletin is available here.

4/8/2009: Cisco has announced a security update for the PIX and ASA security appliances which fix multiple vulnerabilities that can lead to Denial of Service or authentication bypass. The announcement from Cisco can be seen here.

3/27/2009: The Mozilla Foundation has released multiple patches for the Firefox and similar browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. Sans.org lists information on the updates here. See this link for the Mozilla Security Advisories.

3/11/2009: Adobe has release a new version (9.1)of the Acrobat reader that fixes a security vulnerability.  There are known exploits for this vulnerability so the patch would be applied as soon as possible. There are patches available for version 9 on the Windows and Macintosh only.  Patches for other versions and platforms will soon follow. These updates should be tested by each college and installed timely.   Sans.org is reporting more info here.  The Adobe announcement is available here.

3/10/2009: Microsoft has released this month's Security Bulletin.  It includes three updates, with one rated as critical.  The critical patch is for a vulnerability in the Windows kernel.  These updates should be tested by each college and installed timely.   Sans.org is reporting more info and Microsoft has additional details available here.

3/5/2009: The Mozilla Foundation has released multiple patches for the Firefox and similar browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. Sans.org lists information on the updates here. See this link for the Mozilla Security Advisories.

2/24/2009: Adobe has release a patch for the flash player that has updates to multiple vulnerabilities.  The vulnerabilities are rated with critical or important significance. The patches should be tested by each college and installed in a timely fashion. Sans.org is reporting more info here and the Adobe details are available here.

2/13/2009: Apple has released new security patches (10.4.11 and 10.5.6) to fix multiple vulnerabilities within the Mac OS X operating system.  There are also new Java updates available for these operating systems. Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here.  Info on all Apple patches can be found at this site.

2/10/2009: Microsoft has released the monthly security patch for multiple vulnerabilities.  The vulnerabilities are rated with critical or important significance. The patches should be tested by each college and installed in a timely fashion. Sans.org is reporting more info here and the Microsoft details are available here.

2/6/2009: HP has announced a vulnerability in certain printers that can allow unauthorized access to stored documents. Sans provides more info here. The HP announcement is listed here with info on patching the firmware on the printers.

2/4/2009: Cisco has announced multiple vulnerabilities in the wireless LAN controllers. These vulnerabilities can lead to Denial of Service or privilege escalation.  This Cisco advisory provides further information.

2/4/2009: The Mozilla Foundation has released multiple patches for the Firefox and similar browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. Sans.org lists information on the updates here. See this link for the Mozilla Security Advisories.

1/21/2009: Apple has released a new version(7.6) of QuickTime that addresses multiple security vulnerabilities. This new version can affect multiple operating systems (Mac OS X, Windows XP and Vista). Apple is listing the information on the update here.  Colleges should review the advisories and patch the affected products to avoid attacks. Sans.org lists information on the updates here.

1/13/2009: Microsoft has released only one patch in this month's Security Bulletin.  It is rated Critical for a vulnerability in Microsoft's Server Message Block protocol.  This patch should be tested by each college and installed timely.   Sans.org is reporting more info and Microsoft has additional details available here.

12/23/2008: Microsoft is investigating new public reports of a vulnerability that could allow remote code execution on systems with supported editions of Microsoft SQL Server.  More information can be found here.

12/17/2008: Microsoft has released another out-of-band security patch.  This is rated as critical and could allow remote code execution. The vulnerability can affect multiple versions of Internet Explorer.  Remote exploit code is available in the wild for IE7 so this patch should be tested and deployed immediately.  Info on the patch from Sans.org can be found here. The patch and details about it are available here from Microsoft.

12/15/2008: Apple has released a new security update(10.5.6) to fix vulnerabilities within the Mac OS X operating system.  Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here.  Info on all Apple patches can be found at this site.

12/9/2008: Microsoft has released eight patches in this month's Security Bulletin.  Six are rated Critical.  The ISC rating on one (MS08-070) is "patch now" for client machines.   This month's patches should be tested by each college and deployed as soon as possible.  Sans.org is reporting more info on these patches.  The patches and details about them are available here.

In addition, there is another advisory regarding a reported vulnerability in the WordPad text converter.  Microsoft will be looking into this and will be sending further information at the completion of that investigation.  More information can be found here.

11/13/2008: The Mozilla Foundation has released multiple patches for the Firefox and similar browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. Sans.org lists information on the updates here. See this link for the Mozilla Security Advisories.

11/11/2008: Microsoft has released this month's Security Bulletin.   There are two updates in this release, one rated critical.  These patches should be tested and deployed as soon as possible.  The patches and details about them are available here from Microsoft and here from SANS.org.

11/5/2008: Adobe has released an new security patch for the Adobe reader version 8.1.2 and earlier.  Version 9 is not affected by these vulnerabilities. This new patch has a number of fixes could allow remote code execution.  Info on the patch from Sans.org can be found here. The patch and details about it are available here from Adobe.

10/23/2008: Microsoft has released an out-of-band security patch.  This is rated as critical and could allow remote code execution. This can affect multiple versions of the windows operating systems.  Remote exploit code is available in the wild so this patch should be tested and deployed immediately.  Info on the patch from Sans.org can be found here. The patch and details about it are available here from Microsoft.

10/14/2008: Microsoft has released eleven patches in this month's Security Bulletin.  Four are rated critical, six are rated as important, and one is moderate.  This month's patches should be tested and deployed immediately.  See Microsoft's new Exploitability Index for help prioritizing the updates.  The patches and details about them are available here from Microsoft.

10/10/2008: Apple has released a new security update to fix vulnerabilities within the Mac OS X operating systems(10.4 & 10.5).  Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here.  Info on all Apple patches can be found at this site.

9/15/2008: Apple has released a security update(10.5.5) to fix vulnerabilities within the Mac OS X operating systems(10.4 & 10.5).  Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here.  Info on all Apple patches can be found at this site.

9/10/2008: Apple has released a new version(7.5.5) of QuickTime that addresses multiple security vulnerabilities. This new version can affect multiple operating systems (Mac OS X, Windows XP and Vista). Apple is listing the information on the update here.  Colleges should review the advisories and patch the affected products to avoid attacks. Sans.org lists information on the updates here.

9/9/2008: Microsoft has released four patches in this month's Security Bulletin.  All four are rated critical but are not being actively exploited at this time.  This month's patches should be tested and deployed as soon as possible.  Sans.org is reporting more info on these patches.  The patches and details about them are available here from Microsoft.

8/12/2008: Microsoft has released eleven patches in this month's Security Bulletin.  Six are rated critical and one is being actively exploited.  This month's patches should be deployed right away.  Sans.org is reporting more info on these patches.  The patches and details about them are available here from Microsoft.

7/8/2008: Microsoft has released four patches in this month's Security Bulletin.  These are all rated important.  This month's patches should be tested by each college and deployed timely.  Sans.org is reporting more info on these patches.  The patches and details about them are available here from Microsoft.

7/1/2008: Apple has released a security update(10.5.4) to fix vulnerabilities within the Mac OS X operating system and a update(3.1.2) to the Safari browser.  SANS provides an announcement of the security patches here. Info on these patches from Apple can be seen here:(OS and Safari). Info on all Apple patches can be found at this site.

6/19/2008: Microsoft has re-released MS08-030, which was originally included in the June monthly patch update.  This updated patch should be tested and rolled out to all vulnerable workstations.

6/10/2008: Apple has released a new version(7.5) of QuickTime that addresses multiple vulnerabilities. This new version can affect multiple operating systems (Mac OS X, Windows XP and Vista). Apple is listing the information on the update here.  Colleges should review the advisories and patch the affected products to avoid attacks. Sans.org lists information on the updates here.

6/10/2008: Microsoft has released seven patches in this month's Security Bulletin.  Three are rated Critical.  This month's patches should be tested by each college and deployed timely.  Sans.org is reporting more info on these patches.  The patches and details about them are available here.

6/5/2008: Cisco has announced a security update for the PIX and ASA firewalls which fixes 5 vulnerabilities that can lead to Denial of Service or bypass of specific ACLs.  Sans provides a summary of the security updates here. Info on this advisory from Cisco can be seen here.

5/29/2008: Apple has released a security update(10.5.3) to fix vulnerabilities within the Mac OS X operating system.  Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here.  Info on all Apple patches can be found at this site.

5/21/2008: Cisco has released a security advisory for an IOS Secure Shell Server vulnerability.  If the vulnerable IOS versions are being used, it is recommended that the updates be applied as soon as possible.

5/14/2008: Cisco has released three security advisories to address vulnerabilities in Cisco Unified Communications Manager, Unified Presence, and the Content Switching Module. These vulnerabilities may allow an attacker to cause a denial-of-service condition on the affected system.  The vulnerabilities were apparently discovered internally, so no exploits are circulating yet.  It is recommended that the updates for these products be applied timely.

5/13/2008: Microsoft has released four fixes to close a half dozen security holes in this month's Security Bulletin.  Three of the fixes are rated critical, including a vulnerability in the Microsoft Jet database which is currently being exploited by attackers.  Colleges should test and deploy these patches right away.  Sans.org has more information in addition to the details on these updates available here.

4/10/2008: Real.com has released a patch for it's Real Player that patches a vulnerability that could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Read about the vulnerability here. You should upgrade to RealPlayer 11.0.2 by clicking Tools - Check for Update from the RealPlayer console. Colleges should review the advisories and patch the affected products to avoid attacks.

4/9/2008: Adobe has released a patch to Adobe Flash Player 9 that addresses a critical vulnerability that could lead to the potential execution of arbitrary code remotely. The update also includes DNS rebinding attack and cross-domain policy countermeasures. You should update to the latest version of Adobe Flash Player, version 9.0.124.0 available here. Colleges should review the advisories and patch the affected products to avoid attacks.

4/8/2008: Microsoft has released five critical patches in this month's Security Bulletin.  This month's patches should be tested and deployed as soon as possible at each college.  Sans.org is reporting that proof-of-concept exploits for MS08-023 have already been posted on the Internet.  The patches and details about them are available here.

4/3/2008: Apple has released a new version(7.4.5) of QuickTime that addresses 11 vulnerabilities. This new version can affect multiple operating systems (Mac OS X, Windows XP and Vista). Apple is listing the information on the update here.  Colleges should review the advisories and patch the affected products to avoid attacks. Sans.org lists information on the updates here.

3/26/2008: Cisco Systems has released the bi-annual patch for IOS. This patch includes fixes for conditions that may cause a denial of service. Colleges should review the advisories and patch the affected products to avoid attacks. Sans.org lists information on the updates here. All Cisco security advisories can be found at this site.

3/26/2008: The Mozilla Foundation has released multiple patches for the Firefox and similar browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. Sans.org lists information on the updates here. See this link for the Mozilla Security Advisories.

3/19/2008: Apple has released a security update to fix vulnerabilities within the Mac OS X operating system.  The updates are for both the Tiger(10.4) and Leopard(10.5) users. Info on this patch from Apple can be seen here. There is also a separate patch for the Safari browser.  Info on all Apple patches can be found at this site.

3/11/2008: Microsoft has released four patches in this month's Security Bulletin.  All four are rated Critical for specific MS Office versions.  This month's patches should be checked by each college and deployed as soon as possible.  Sans.org is reporting more info on these patches.  The patches and details about them are available here.

2/12/2008: Microsoft has released eleven patches in this month's Security Bulletin.  Six are rated Critical.  This month's patches should be tested by each college and deployed as soon as possible.  Sans.org is reporting more info on these patches.  The patches and details about them are available here.

2/11/2008: Apple has released a security update to fix 10 vulnerabilities within the Mac OS X operating system.  The updates are for both the Tiger and Leopard users. Sans.org is reporting more info on these patches.  Info from Apple can be seen here. Info on all Apple patches can be found at this site.

2/9/2008: Adobe Reader/Acrobat Vulnerability.  The Adobe Reader vulnerability is being exploited in the wild according to Sans.org.  The update for this vulnerability should be installed on all clients as soon as possible.  Additional information can be found at  McAfee.com and at Adobe.

1/8/2008: Microsoft has released two patches in this month's Security Bulletin.  One is rated Critical.  This month's patches should be tested by each college and deployed as soon as possible.  Sans.org is reporting more info on these patches.  The patches and details about them are available here.

12/14/2007: A QuickTime vulnerability is actively being exploited. The patch for the vulnerability should be pushed out all clients as soon as possible.  Information about the vulnerability can be found at Sans.org and the latest QuickTime release can be found on Apple's web site found here.

12/11/2007: Microsoft has released seven patches in this month's Security Bulletin.  Three of these patches are rated Critical.  This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible.  Sans.org is reporting more info on these patches.  The patches and details about them are available here.

11/13/2007: Microsoft has released two patches in this month's Security Bulletin.  One of these patches is rated Critical.  This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible.  Sans.org is reporting more info on these patches.  The patches and details about them are available here.

10/9/2007: Microsoft has released seven patches in this month's Security Bulletin.  Four of these patches are rated Critical.  This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible.  Sans.org is reporting that three of the seven vulnerabilities have been publicly known for some time.  The patches and details about them are available here.

9/11/2007: Microsoft has released four patches in this month's Security Bulletin. One of these patches is rated Critical for Windows 2000 sp4. This month's patches should be tested by each college before being deployed. The patches and details about them are available here.

8/14/2007: Microsoft has released nine patches in this month's Security Bulletin. Six of these patches are rated Critical. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

7/10/2007: Microsoft has released six patches in this month's Security Bulletin. Three of these patches are rated Critical. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

6/12/2007: Microsoft has released six patches in this month's Security Bulletin. Four of these patches are rated Critical. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

5/08/2007: Microsoft has released seven patches in this month's Security Bulletin. All of these patches are rated Critical. Sans.org is reporting that three of the seven vulnerabilities already have exploit code that's been publicly released. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

5/07/2007: Apple has released a new version of QuickTime that fixes a highly critical vulnerability. The new version is QuickTime 7.1.6. An exploit is expected to be publicly available shortly and it is advised that all systems running this software be upgraded as soon as possible. More information can be found at Apples web site here.

4/10/2007: Microsoft has released six patches in this month's Security Bulletin. Five of these patches are rated Critical. Sans.org is reporting that two of the six vulnerabilities already have exploit code that's been publicly released. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

4/03/2007: Microsoft has released the Security Bulletin Summary for April 2007 which contains the patch for the ANI vulnerability discussed below. This vulnerability is currently being exploited and it is highly recommended that this patch be applied as soon as possible. Each college should thoroughly test this patch before installing it on their systems.

4/02/2007: Microsoft is planning on releasing an out-of-cycle patch to address the below ANI vulnerability. This patch will be available on Tuesday, 4/03/2007. More information will be posted when the patch has been released.

3/29/2007: Microsoft is investigating reports of a new unpatched attack that is actively being exploited on the internet. The vulnerability is caused by Windows failing to properly handle specially crafted animated cursor (ANI) files. More information can be found here at Microsoft's web site along with suggested workarounds.

2/13/2007: Microsoft has released 12 patches in this month's Security Bulletin. Six of these patches are rated Critical. Sans.org is reporting that six of the twelve vulnerabilities either already have exploit code that's been publicly released or exploit code that is expected to be released soon. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

1/9/2007: Microsoft has released four patches in this months Security Bulletin. three of these patches are rated Critical. Sans.org is reporting that three of these vulnerabilities already have exploit code that's been publicly released. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

Two other applications have announced vulnerabilities: Apple QuickTime and Adobe Reader. Read more about each vulnerability here:

Be aware that a buffer overflow has been announced for Apple QuickTime RTSP and currently does not have a patch available. An attacker may be able to execute arbitrary code or cause a denial of service on vulnerable clients by convincing the user to open specially crafted QuickTime content. This affects both Mac and Windows clients and also applies to other software (such as iTunes) that use vulnerable QuickTime components. Read more about the vulnerability can be found here as well as suggested workarounds: http://www.kb.cert.org/vuls/id/442497.

If you have Adobe Reader or Acrobat version 7.0.8 or earlier installed, you must upgrade to version 8.0 to be protected from a recent cross-site scripting vulnerability just announced when accessing.pdf files from a web browser. The vulnerability allows remote attackers to execute arbitrary code depending on the browser used (both Microsoft IE and Firefox were listed, see this link for more info). Upgrading to version 8.0 protects you from these exploits.

12/12/2006: Microsoft has released seven patches in this months Security Bulletin. three of these patches are rated Critical. Sans.org is reporting that two of these vulnerabilities already have exploit code that's been publicly released. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

Microsoft is also investigating a report of "zero-day" attacks taking advantage of a vulnerability in ALL recent versions of Microsoft Word and Microsoft Works for both Windows & MAC. Read more about it here.

As always and should be common practice, it is critically important that you DO NOT OPEN ANY unsolicited WORD DOCUMENTS from both known and unknown sources, including email and the web.

11/14/2006: Microsoft has released six patches in this months Security Bulletin. Five of these patches are rated Critical. Sans.org is reporting that two of these vulnerabilities already have exploit code that's been publicly released. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

10/10/2006: Microsoft has released 10 patches in this months Security Bulletin. Six of these patches are rated Critical. Sans.org is reporting that one of these vulnerabilities already has exploit code that's been publicly released (MS06-057). These patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

Check out McAfee's notice about forcing all automatic updates to download the 5.1.00 engine starting on October 30th. This is to prepare for the release of their 8.5 VirusScan engine. They recommend that you voluntarily move to 5.1.00 before the cut off of October 30th. Please see their notice about this update change. If you haven't already pushed out engine 5100, then you should think about doing it before the end of this month.

09/27/2006: Microsoft has released a Critical Security Bulletin (MS06-055) which could allow Remote Code Execution and Complete Control of the affected System. This vulnerability is in the Vector Markup Language and affects Windows 2000, Windows XP and Windows 2003. It is recommended that you test and deploy the patch for this vulnerability as soon as possible. The patch and details about it are available here.

09/13/2006: Microsoft has released three patches in this months Security Bulletin. One of these is rated as Critical and affects Microsoft Publisher. If you are using this software, it is recommended that you test and deploy the patch as soon as possible. The patches and details about them are available here. Microsoft has also re-released two patches for previously disclosed vulnerabilities - MS06-040 and MS06-042. These new patches include fixes to newly discovered issues. Specifically, if you have systems still running Internet Explorer 6 SP1 or Internet Explorer 5 SP4, those systems are still vulnerable to exploit and should be patched for the MS06-042 vulnerability or update to the latest version.

08/10/2006: Microsoft has released 12 patches in this months Security Bulletin. Nine of these patches are rated Critical. Sans is reporting that three of these vulnerabilities already have exploit code that's been released. Of particular note is MS06-040 which has the potential to be turned into a worm and propagate itself across the network. These patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

07/17/2006: McAfee has announced a critical vulnerability in its EPO agent software which could allow remote code execution. Specific details of the vulnerability are available from eEye Digital Security. To find out if your agent software is vulnerable and directions on how to download and deploy the latest agent software, please visit McAfee's web site located here.

06/20/2006: Microsoft has announced a zero day vulnerability in Excel that could allow Remote Code Execution (Advisory 921365). There is currently no patch available. Some Anti-Virus vendors may detect some portions of this exploit, but it is recommended that you follow best practices described here to protect yourself.

6/15/2006: Microsoft has released 12 patches in this months Security Bulletin. Eight of these patches are rated Critical. Sans is reporting that five of these vulnerabilities already have exploit code that's been released. These patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.

Mozilla Firefox has release a patch for a vulnerability in its browser. The flaw has to do with an exploitable crash in InstallVersion.CompareTo. A proof of concept exploit has been posted. The patch and details about it are available here.

4/18/2006: Mozilla Products Contain Multiple Vulnerabilities.

3/16/2006: Adobe Macromedia Flash Products Contain Vulnerabilities

1/17/2006: A new exploit has been released utilizing the Stack Overflow vulnerability in Veritas Netbackup Enterprise Server. A specifically crafted packet, sent to the Volume Manager via port 13701, will cause a stack overflow, allowing the attacker to run code of her/his choosing. Authentication by the attacker is not needed to take advantage of this vulnerability. The security packs that address this vulnerability, Symantec Advisory #SYM05-024, can be found here.

Microsoft has released their monthly security patch bulletin which contains information on several critical vulnerabilities. This includes a vulnerability in TNEF decoding in Outlook and Exchange and a vulnerability in Web Fonts. Both of these issues could allow the Remote Execution of Code. The patches and details are available here.

1/12/2006: Do you have QuickTime installed on either Mac OS or Windows XP/2000? Apple has released a security update to fix multiple vulnerabilities found in versions prior to 7.0.4. The impacts of these vulnerabilities include execution of arbitrary code and denial of service.

1/6/2006: Microsoft has released a patch for the WMF vulnerability discussed below. This patch which was originally due out on January 10th has been release 5 days early because of the critical nature of the vulnerability. This patch has been tested and approved by the System Office and it is highly recommended that it be deployed as soon as possible. The patch and details about it are available here.

1/4/2006: Two alerts to note for the new year: Another Sober virus variant is proposed to strike with a wave of e-mail attacks on January 5th or 6th. Also, a vulnerability was announced last month that affects how Microsoft handles WMF images. Please read the details for both alerts below to see how these security alerts affect you.

  1. Another Sober variant attack is expected to strike on January 5th or 6th. The importance of this warning is that you would already have to be infected with this Sober virus in order for the email attack to trigger on January 5th or 6th. All computers on our network should already have up-to-date anti-virus software in place to prevent an initial infection and therefore should not be the source of the e-mail attack portion of the Sober virus.


  2. Microsoft WMF Image Vulnerability. A vulnerability was announced at the end of December that affected how Microsoft handles WMF images. The vulnerability would allow an attacker to take complete control when an infected image was accessed. An infected image could be accessed by visiting a malicious website from a web browser, inside an e-mail or IM.

The Microsoft announcement, specifically the FAQ section, should answer your questions on this vulnerability and how it affects you. 

The official Microsoft patch is due to be released earlier than the scheduled January 10th. The new announcement states it will be released on January 5th. Be aware that an unofficial patch is available on the Internet and that we do not recommend applying any unofficial patches.

Even though this is a serious vulnerability that needs to be patched, the Microsoft announcement notes:

  • anti-virus companies indicate that attacks based on exploiting the WMF vulnerability are being effectively mitigated through up-to-date signatures;
  • customers who follow safe browsing best practices are not likely to be compromised by any exploitation of the WMF vulnerability. Users should take care not to visit unfamiliar or un-trusted Web sites that could potentially host the malicious code.

6/1/2005: Apple has released new security updates.

2/17/2005: New variant of MyDoom spreads again on Internet. At least one machine at CT Community Colleges was affected! Remember to keep your anti-virus definition files up to date!

1/10/2005: IE vulnerability allows malicious websites to take control of your computer without any user interaction

12/15/2004: Username/Password Vulnerability in Cisco Unity Product

12/15/2004: Microsoft releases 5 Important updates that affect Wordpad, Hyperterminal, LSASS, DHCP and WINS (MS04-041 through MS04-045)

12/10/2004: Vulnerability announced that allows hijacking of pop-ups

12/08/2004: Be aware of Google Desktop Search when on public machines