SSCC 94 - internet meltdown, Microsoft's XML exploit patch, malware in the App Store,

[JMH]

SSCC 94 - internet meltdown, Microsoft's XML exploit patch, malware in the App Store, "a virus ate my homework" and password thefts galore

Paul Ducklin was back on this week for our special Friday the thirteenth edition of the Chet Chat.

We started our discussion by talking about the hype cycle surrounding the DNS Changer malware and the predicted internet blackout for affected users. Paul suggested the media misportrayed the impact on users and a more measured approach would have been more appropriate.

As usual Microsoft released a bevy of patches this Tuesday. Most importantly they released MS12-043 to fix the zero-day vulnerability in MSXML (CVE-2012-1889). Paul shared some advice for organizations struggling with patching and change control processes.

http://nakedsecurity.sophos.com/201...Feed:+nakedsecurity+(Naked+Security+-+Sophos)