New Windows 0-Day delivered via Powerpoint

A new 0-day vulnerability has been found in Windows OLE (object linking and embedding) interpreter.  The attack is being delivered as an OLE object embedded in a PowerPoint file.

Apple releases Security Patch 2014-005

Fixes the POODLE flaw in SSL.

Microsoft recalls KB 2949927 patch

Patch from last Tuesday is causing problems.

Microsoft Loves Linux?

Take a look at the slides at this Microsoft Cloud Briefing.

OS X 10.10 Review

Yosemite is out and a free upgrade.

Firefox 33

Mozilla has updated its browser, fixing some critical bugs.  Upgrade if you use it.


Google Security Engineers have detailed an attack on the outdated SSLv3 protocol.  Most browsers will re-negotiate to the older protocol if asked.  Quickest solution is to disable SSLv3.

Veracrypt, Truecrypt’s successor

Fixes problems, more secure.  Windows Only.

Oct 2014 Patch Tuesday

Microsoft is releasing patches today, make sure to update your PCs.  Oracle is also releasing patching Java.  Check your Adobe products too.

Hundreds of Dropbox user passwords posted on Reddit

Company says it wasn’t hacked and that passwords were stolen from “third party services.”  Says most passwords are “expired.”   You should change your Dropbox password.