Welcome to this May Patch Monday bulletin. I hope patching went well last month especially with the quarterly Java CPU. This month patches are brought to you by Adobe, Apple, Google, and Mozilla. Start this month with Adobe patches since Flash and Reader are popular targets for drive by downloads and spear fishing attacks. Apple Safari, Google Chrome, and Mozilla Firefox all have potential arbitrary code execution vulnerabilities that have patches available. Apply these patches based on which browsers are the most prevalent in the environment. Finally, apply the patch for Mozilla Thunderbird if this is an actively used email client. This relatively light month is a great one to take a look at what applications are running in the environment. Software inventories are vital to a proper patch management program and for a security program in general. You cannot patch what you do not know about.
One of the most frequent complaints I hear from you folks is “We need a SIEM but can't afford the big enterprise solutions.” And as a tech-heavy small business owner I truly understand the need for software that installs in minutes and doesn't require a ton of planning, learning, design and professional services before you start getting results. So I recently reviewed a fast, easy and affordable SIEM and Log Management solution that I think deserves your attention. Read the blog about it