Microsoft and Apple patches fix FREAK and more

— 8:52 AM on March 11, 2015

Microsoft's monthly patch ritual has reached its appointed time. This Patch Tuesday brings fixes for many of the critical flaws we've discussed with you over the past month.

First up, Microsoft has fixed the Universal XSS flaw in IE that we discussed back in early February. The FREAK flaw for Windows has also been corrected. Initially the reports and tests said Windows was immune to the exploit, but unfortunately, those results proved untrue.

One more interesting update involves a second patch to fix the .LNK vulnerability that Stuxnet used to spread from machine to machine via USB thumb drive. This hole was originally fixed all the way back in 2010, but Microsoft missed an alternative avenue to acheive the same ends.

Apple has delivered its promised updates to fix FREAK on iOS and OS X, as well. iOS users were graced with update 8.2 to coincide with the release of the Apple Watch. OS X users were greated with Security Update 2015-002 for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.2.

Don't delay on the updates, folks. Remember that Patch Tuesday is followed by Exploit Wednesday.

Tip: You can use the A/Z keys to walk threads.
View options

This discussion is now closed.