vulnerabilities

March 23, 2016

SECURITY

Cisco IOS & IOS XE Bundled Publication and IOS Software Checker Updates

Today, we released the first of two semiannual Cisco IOS & XE Software Security Advisory Bundled Publications of 2016. (As a reminder, Cisco discloses IOS & XE vulnerabilities on a predictable schedule—the fourth Wednesday of March and September in each calendar year).   Today’s edition of t…

March 8, 2016

THREAT RESEARCH

Microsoft Patch Tuesday – March 2016

Patch Tuesday for March 2016 has arrived. Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release contains 13 bulletins addressing 44 vulnerabilities. Five bulletins are rated critical and address…

January 21, 2016

SECURITY

Why Aging Infrastructure Is a Growing Problem

Defending a network against threats of growing complexity requires a mix of technology and policies that are as sophisticated as the campaigns created by attackers. A necessary component to an efffective defense includes tackling the low-hanging fruit—that is, basic tasks such as patching vulnerabil…

January 12, 2016

THREAT RESEARCH

Microsoft Patch Tuesday – January 2016

The first Patch Tuesday of 2016 has arrived. Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release is relatively light with nine bulletins addressing 25 vulnerabilities. Six bulletins are rated c…

December 14, 2015

SECURITY

Introducing the Cisco PSIRT openVuln API

In October, we announced details about Cisco PSIRT’s new and improved security vulnerability disclosure format. Our Chief Security and Trust Officer, John Stewart, also revealed that Cisco will launch an application programming interface (API) that empowers customers to customize Cisco vulnerability…

October 5, 2015

SECURITY

Improvements to Cisco’s Security Vulnerability Disclosures

Cisco is committed to protecting customers by sharing critical security-related information in different formats. Guided by customer feedback, Cisco’s Product Security Incident Response Team (PSIRT) is seeking ways to improve how we communicate information about Cisco product vulnerabilities to our…

September 23, 2015

SECURITY

It’s That Time Again—Announcing the Cisco IOS & XE Software Security Advisory Bundled Publication

Today, we released the last Cisco IOS & XE Software Security Advisory Bundled Publication of 2015. As a reminder, Cisco discloses IOS vulnerabilities on a predictable schedule (the fourth Wednesday of March and September each calendar year).  Last cycle, we began including Cisco Security Advisor…

June 18, 2015

SECURITY

Responding to Third Party Vulnerabilities

We are now more than one year on from the release of HeartBleed, the first major vulnerability disclosed in widely used third-party code. This is an excellent point in time to look back at what Cisco and our customers have achieved since, including how the Cisco Product Security Incident Response Te…

March 25, 2015

SECURITY

Announcing the First Cisco IOS Software and IOS XE Software Security Advisory Bundled Publication

Today, we released the first ever Cisco IOS Software and IOS XE Software Security Advisory Bundled Publication. As a reminder, Cisco discloses IOS vulnerabilities on a predictable schedule (on the fourth Wednesday of March and September each calendar year). In direct response to your feedback, we ha…