If you’re an IT administrator, you probably know that yesterday was Microsoft Patch Day.
Last week, the OpenSSL team fixed a vulnerability that could allow attackers to get the key used to encrypt your HTTPS or SSL connections. Watch today’s video to learn a bit more about this vulnerability, the update, and how WatchGuard products are affected. (Episode Runtime: 3:17 ) Direct YouTube Link: https://www.youtube.com/watch?v=I8yBGcTGtqM EPISODE REFERENCES: OpenSSL fixes a serious vulnerability related to DSA – Ars Technica Details on OpenSSL key recovery attack – Blogspot OpenSSL security advisory for update – OpenSSL WatchGuard’s knowledge base article on our exposure [ Requires login ] – WatchGuard — Corey Nachreiner, CISSP ( @SecAdept )
Malware has been known to use new and innovative ways to evade detection by Antivirus software, a phenomenon AV analysts have often seen with PC malware.
Summary On the patch Tuesday of this month, Microsoft patched 3 Office vulnerabilities in MS16-004.
The recent issue that was disclosed publicly was resolved and a patch was made available in July 2014 as part of Fortinet’s commitment to ensuring the quality and integrity of our codebase.