Home > Blogs > VMware Go Blog > Tag Archives: patch management

Tag Archives: patch management

Weekly Links – December 17, 2012

Happy “Most-of-Us-Won’t-Be-Working-Next-Monday” day, everybody! Seriously, though, it’s hard to believe that we’re just over a week from Christmas (and Channakuh is already upon us!).

Have you finished your holiday shopping yet? Started it, even? Yeah, us neither. Here’s to battling the riotous, crazed last-minute crowds at Macy’s this week. It will all be over soon enough.

FYI, we will be on hiatus next week – see everybody back here in 2013. In the meantime, happy holidays!

Your weekly links:

Six Ways IT Still Fails Business (InformationWeek)

The 2012 InfoWorld geek IQ test (InfoWorld)

Developer warns of critical vulnerability in many Samsung smart phones (Ars Technica)

Research: Agile developers rule the roost, experience trumps toolsets (GigaOM)

Google Maps for iOS Was Downloaded Over 10 Million Times in Its First 48 Hours After Launch (TechCrunch)

This week’s apropos of nothing image is dedicated to all of you who, at some point in life or another, have had to endure the dreaded “awkward family holiday photo.” Hang in there, at least you’re not these people (and if you are in fact this people: Godspeed).

You can read our previous links round-ups here. And be sure to visit us here for more information on how we can help you better manage your IT infrastructure.

 

 

This Week in Patching – 12/14/2012

By: Jason Miller, Manager of Research and Development at VMware

This week in patching was highlighted by Microsoft’s December 2012 Patch Tuesday.  Microsoft released seven security bulletins addressing 12 vulnerabilities.  You can read my full write up on Patch Tuesday here.

On the non-Microsoft front, Adobe released an update for their Adobe Flash Player and Air products.  Adobe Security Bulletin APSB12-27 addresses three vulnerabilities as is rated as Critical.  Adobe has started the trend of releasing security updates for Flash Player on Microsoft’s Patch Tuesday.  This trend will probably continue as Microsoft and Google both bundle Adobe Flash Player in their latest browsers.

On that note, Microsoft released an update for their security advisory (KB2755801) to include the latest version of Adobe Flash for Internet Explorer 10.  Google released an update on Patch Tuesday for their Chrome browser.  Google Chrome 23.0.1271.97 contains the latest version of Adobe Flash Player as well as addressing six Google Chrome vulnerabilities.

To wrap up Patch Tuesday, Apache released a new version of Tomcat for Windows with version 7.0.34.  This latest version of Tomcat is a non-security update.

On Thursday, Oracle provided updates for Java version 6 and 7.  Java 6 update 38 and Java 7 update 10 are non-security releases.  The next scheduled security update for Oracle Java is planned for February 19, 2013.  It is important to note that the next scheduled security update will be the last time Java version 6 will receive a security update.  At that time, Oracle will continue to provide security updates for Java version 7.  In the next few months, administrators should look at testing the upgrade for Java version 6 to version 7.  Java can be quite tricky to upgrade.  There are occasions where older software programs that rely on Java simply will not work with the latest version.  By June 18, 2013, administrators should be upgraded to Java 7.  That date will be the next scheduled security update after Java 6 has reached end of life for support.

On Friday, Apple provided updates for their iTunes product with version 11.01.  This update addresses non-security issues with their recent major upgrade in version 11.

Typically, the last two weeks of the year are very quiet for vendors releasing patches for their software.  If any vendor does release updates, I will be back next Friday with an update on the happenings in patch management.  If not, I will be getting a head start on ringing in the New Year.

Happy Patching and Happy Holidays!

– Jason Miller

Click here to learn more about how VMware Go Pro can help you better manage your IT infrastructure.

 

 

Simplify Your IT Management with VMware Go Pro (Webinar)

Attention IT admins! Have you been looking for a cost-effective way to implement virtualization? Look no further; VMware Go Pro is here to help!

Join us for a webinar that will demonstrate how easy it is to deploy VMware vSphere and manage both your virtual and physical infrastructures with VMware Go Pro.

WHEN: Thursday, December 13 at 8:00 AM PT / 11:00 AM ET

WHERE: Register here

WHO: Chris Barron and Fabio Ramos of VMware

Any questions? Leave a comment and we’ll get back to you ASAP.

Hope to see you Thursday!

Click here to learn more about how VMware Go Pro can help you better manage your IT infrastructure.

Weekly Links – December 10, 2012

Another day, another dollar… Here’s to another week of the daily grind. Looking for a silver lining? We’re only 11 days from the apocalypse, if you trust the “end of days” crowd, that is (no folks, the Mayans did NOT predict the end of the world on December 21, 2012).

Which sounds better to you: another 20-30 years of managing trouble tickets for clueless colleagues, or floating in purgatory for the rest of eternity (it’s a trick question… they’re one in the same!).

Your weekly links:

Your key technology decisions for 2013 (InfoWorld)

Google Apps No Longer Free For Businesses (InformationWeek)

Worst security snafus of 2012 (ITWorld)

Online job boards don’t work – how big data can fix the problem (GigaOM)

Everyone gets new Twitter pages December 12 (The Next Web)

Now, on to this week’s apropos of nothing images… It’s a bird! It’s a plane! It’s—oh wait, it is a plane! Cool shot all the same.

Who can tell us what city they’re flying over here?

You can read our previous links round-ups here. And be sure to visit us here for more information on how we can help you better manage your IT infrastructure.

 

This Week in Patching – 12/7/2012

By: Jason Miller, Manager, Research and Development at VMware

This week in patching was a very light week with very few releases.  This is not unusual for this time of the year.  In the past few years, I typically see a lighter number of releases from software vendors during the month of December.  Here is a quick recap on the happenings in patching this week:

On Monday, Foxit released a new version of Foxit Reader with version 5.4.4.11281.  This update is a non-security update.

On Wednesday, The Document Foundation released an update for their 3.6.x LibreOffice program with LibreOffice 3.6.4.  This release is also a non-security update.

Next Tuesday marks the December 2012 edition of Patch Tuesday.  I will be going into detail on all of the happenings here next Tuesday.

Happy Patching!

– Jason Miller

Want to learn more about VMware Go Pro? Click here.

Better yet, you can try it for yourself here – for free!

Weekly Links – December 3, 2012

Happy December, folks! Random tip for you before we jump into this week’s links: HBO’s Boardwalk Empire. Watch it. Season three wrapped up last night, and just, wow.

That’s about it for the mindless banter on our end – here are this week’s links:

Should LulzSec Suspect Face Life in Prison? (InformationWeek)

How IT will be blown to bits (InfoWorld)

Guess what Mr. CIO? One in five of your employees uses Dropbox at work (GigaOM)

Ten lies programmers tell themselves (ITWorld)

Dating sites help you find love by browsing Reddit, watching lolcats (Ars Technica)

This week’s apropos of nothing image doubles as your official reminder that we are now only 160 days, 12 hours, 17 minutes from a new Star Trek movie. ZOMG!!!!

You can read our previous links round-ups here. And be sure to visit go.vmware.com for more information on how we can help you better manage your IT infrastructure.

Want to learn more about VMware Go Pro? Click here.

Better yet, you can try it for yourself here – for free!

 

 

This Week in Patching – 11/30/2012

By: Jason Miller, Manager, Research and Development

This week was highlighted yet again by browser updates addressing security vulnerabilities.  Google released updates for their Chrome and Chrome Frame browsers addressing multiple vulnerabilities.  On Monday, Google Chrome 23.0.1271.91 was released and it addresses seven vulnerabilities.  On Thursday, a second update was provided with Google Chrome version 23.0.1271.95.  The latest version addresses two security vulnerabilities.

A little background and history on Google’s responsible vulnerability initiative:

In November 2010 Google implemented a vulnerability reward program to enable security researchers the ability to gain financial rewards for responsibly disclosing vulnerability information to Google.  A responsible vulnerability disclosure is when a vulnerability is submitted to the vendor and the source code is not made publicly available until a fix has been made in the affected software.

One of the vulnerabilities fixed in the latest version of Google Chrome is credited to the hacker known as “Pinkie Pie.”  This vulnerability netted Pinkie Pie a cool $7,331.  This is not the first time Pinkie Pie has received a reward in the vulnerability reward program.  Back in March, Pinkie Pie received $60,000 for a vulnerability in Google Chrome during the Pwnium contest.  In October, the Pwnium 2 contest was held and Pinkie Pie received another $60,000 for winning the contest.  I would say netting $127,331 on vulnerabilities found and responsibly disclosed makes 2012 a great year for both Google and Pinkie Pie!

Back to this week’s patches:

On Wednesday, the Wireshark Foundation released a security update for their Wireshark product.  Wireshark 1.8.4 addresses 11 vulnerabilities and Wireshark 1.6.12 addresses six vulnerabilities.

On Thursday, Apple released a new version of their iTunes software with version 11.  This new version includes many new features and possibly addresses vulnerabilities.  The product release notes contains a link to their security updates section but no vulnerabilities have been announced.  Apple can be a bit slow on releasing vulnerability information, so I will be watching out during the next week for any announcements.

Today, FileZilla has released yet another update for the FileZilla Client.  FileZilla Client 3.6.0.2 is a non-security update addressing two issues.

Happy Patching!

– Jason Miller

P.S. Want to learn more about VMware Go Pro? Click here.

Also, check out  a 30-day free trial of VMware Go Pro!

Pssst… Looking for the Perfect Gift for Your IT Person This Year? Look No Further Than VMware Go Pro!

By Andy the Angry IT Guy

It’s clear that, once again, the holiday season is upon us.

Why is that, you’re asking? Am I delirious with the spirit of the season, hanging tinsel and mistletoe around my cubicle, organizing company caroling sessions and baking festive snickerdoodle cookies for the entire office?

Of course not! Bah humbug! (Come on… were you expecting anything less from your favorite angry IT guy).

No, I know that the holiday season is approaching because rabid sales executives keep accosting me to make sure their database stays up and running as they close quarter-end deals (it does, as usual…), the HR person keeps complaining to me about Outlook calendars not synching up for people’s PTO requests (you have to click “accept”) and our psychotic marketing director nearly compromised our entire network after clicking an email with a subject line of “Cute baby triplets sing ‘Jingle Bells’ while kittens wrestle in the background” (it was a malicious virus).

Yep, people get pretty irrational around the holidays.  Luckily for me, I know have VMware Go Pro – which definitely helps me deal with the crazy here to a certain degree. I may even go so far as to say I’m “thankful” for VMware Go Pro—truth be told, it’s the best thing to happen to me this year (after my endless flirtations with Liz from Accounting and the long-awaited release of Diablo 3, that is).

VMware Go Pro has allowed me to get our virtualization project up and running with minimal headaches, and has also allowed me to ensure that the company’s infrastructure is secure and appropriately patched (which really comes in handy when your brainiac colleague inadvertently looses a Trojan onto your network).

With that in mind, I offer this gift to you, dear readers: for the rest of today, VMware is running a serious discount on VMware Go Pro in the eStore. In fact, VMware is running a series of promotions in honor of Cyber Monday in the eStore all week (including 20% savings on an annual license for VMware Go Pro).

Trust me when I say, you do not want to miss out on this. If there’s an IT person in your life, get them this gift and know that they will be forever grateful. Really, the only thing better that I can think of is a Star Trek: Next Generation reunion – which sadly won’t be happening anytime soon.

In the meantime, there’s VMware Go Pro! Check it out here – http://store.vmware.com/promo/91614000

Want to learn more about VMware Go Pro? Click here.

Weekly Links – November 27, 2012

Shhh! Can you hear that? If you listen closely, you can hear the faint whisper of Christmas music floating up from every single retail store from here to Sheboygan. With just under a month until Christmas, you can expect to have Bing Crosby and “Santa Baby” ringing in your ears for the foreseeable future. If you made it out for Black Friday this year (and it sounds like many of you did), you surely know what we mean here.

And, in the spirit of retailer-driven holiday traditions, happy Cyber Monday! VMware is getting in on the fun, too—keep an eye on our eStore for promotions throughout this coming week (including a special on VMware Go Pro on November 29!).

Now on to this week’s links:

Buggy Windows 8 patch: Old problem, new solutions (InfoWorld)

Few Enterprises Move at the Speed of Social (InformationWeek)

How IT will evolve to photonics (The Register)

Say What? Top Five IT Quotes of the Week (InternetNews)

Around the Star Trek world in 150 years (Ars Technica)

Contrary to what you’ll probably guess, this week’s apropos of nothing image is not in fact pulled from The Onion:

You can read our previous links round-ups here. And be sure to visit go.vmware.com for more information on how we can help you better manage your IT infrastructure.

Want to learn more about VMware Go Pro? Click here.

Better yet, you can try it for yourself here – for free!

Celebrate Cyber Monday with VMware Go Pro!

If our title wasn’t clear enough, how’s this? In honor of Cyber Monday, we’re running a special on VMware Go Pro subscriptions – a powerful, cloud-based service that allows you to manage and protect your VMware vSphere infrastructure. For 48 hours, you can purchase a subscription to VMware Go Pro for 20% off!

WHAT: Significantly-discounted subscription to VMware Go Pro

WHEN: 12:00 AM November 29 – 11:59 PM PST November 30

WHERE: VMware eStore – http://www.vmware.com/vmwarestore/

WHY: Because you deserve it.

Want to take VMware Go Pro for a test drive before purchasing? No problem – you can sign up for a free trial here.

You can also learn more about VMware Go Pro here.