Don't-Miss Stories

Patch times improved in 2013, security analysis reports

Report finds improvement but is is enough?

coding

Pwn2Own security contest offers $645,000 in prizes

This year's contest offers a grand prize of $150,000 that requires researchers to deal with Microsoft's EMET anti-exploit toolkit.

Microsoft patches next week even include Windows XP

Three of the four updates for Windows on Patch Tuesday will affect Windows XP, which is scheduled for retirement in April.

Patch Tuesday: Fairly quiet on the Microsoft front

Security analysts advise applying critical Oracle and Adobe patches before those from Microsoft.

Vendor security patches lag dangerously, study suggests

Subscribers to organizations that sell exploits for flaws not yet known to software developers learn early about vulnerabilities in popular programs, a study says.

Microsoft Patch Tuesday reinforces the value of software upgrades

Microsoft issued five critical security bulletins in December's round of Patch Tuesday.

Microsoft's last Patch Tuesday of 2013 will be huge

Microsoft wraps up the year's Patch Tuesday bulletins next week with 11 more fixes, pushing this year's total to 106, up from 83 in 2012.

Windows Vista, Lync, older Office versions under attack via new vulnerability

Attackers are exploiting security holes found in older versions of Office and Windows, plus current versions of Lync. A fix is available, however.

Microsoft shells out $100,000 for Windows bug-finder bounty

The security researcher who was awarded $100,000 by Microsoft said he spent about two weeks pondering, then demonstrating a new way to circumvent Windows' defensive technologies.

Microsoft Patch Tuesday fixes two separate IE zero-day flaws

Microsoft released eight security bulletins for the October Patch Tuesday, and one fixes two flaws in IE already being exploited in the wild.