Securing Mobile Devices During Holiday Travel

Original release date: November 20, 2018

As the holiday season begins, many people will travel with their mobile devices. Although these devices—such as smart phones, tablets, and laptops—offer a range of conveniences, users should be mindful of…

Original release date: November 20, 2018

As the holiday season begins, many people will travel with their mobile devices. Although these devices—such as smart phones, tablets, and laptops—offer a range of conveniences, users should be mindful of potential threats and vulnerabilities while traveling with them.

NCCIC encourages users to review the NCCIC Tips on Holiday Traveling with Personal Internet-Enabled Devices and Cybersecurity for Electronic Devices. The suggested security practices in these tips will help travelers secure their portable devices during the holiday season and throughout the year.


This product is provided subject to this Notification and this Privacy & Use policy.


VMware Releases Security Updates

Original release date: November 20, 2018

VMware has released security updates to address vulnerabilities in vSphere Data Protection. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages u…

Original release date: November 20, 2018

VMware has released security updates to address vulnerabilities in vSphere Data Protection. An attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the VMware Security Advisory VMSA-2018-0029 and apply the necessary update.


This product is provided subject to this Notification and this Privacy & Use policy.


Adobe Releases Security Updates

Original release date: November 20, 2018

Adobe has released security updates to address a vulnerability in Adobe Flash Player. An attacker could exploit this vulnerability to take control of an affected system.  NCCIC encourages users and admini…

Original release date: November 20, 2018

Adobe has released security updates to address a vulnerability in Adobe Flash Player. An attacker could exploit this vulnerability to take control of an affected system.  

NCCIC encourages users and administrators to review Adobe Security Bulletin APSB18-44 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Now it’s Office’s turn to have a load of patches pulled

Two patches pulled altogether; another is known to cause crashes but should be used anyway.

Now it’s Office’s turn to have a load of patches pulled

Enlarge (credit: Benjamin)

After endless difficulties with the Windows 10 October 2018 update—finally re-released this month with the data-loss bug fixed—it seems that now it's the Office team's turn to release some updates that need to be un-released.

On November's Patch Tuesday two weeks ago, Microsoft released a bunch of updates for Office to update its Japanese calendars. In December 2017, Emperor Akihito announced that he would abdicate and that his son Naruhito would take his role as emperor. Each emperor has a corresponding era name, and calendars must be updated to reflect that new name. The Office patches offer updates to handle this event.

Two of these updates, KB2863821 and KB4461522, both for Office 2010, are apparently very broken, causing application crashes. The company has suspended delivery of the patches, but the problem is so severe that Microsoft is recommending that anyone who has installed the updates already should uninstall them pronto (see instructions for KB2863821 here and for KB4461522 here).

Read 2 remaining paragraphs | Comments