Patch Tuesday September 2019: the last days of summer bring lots of security updates for your business.
Patch Tuesday September 2019
This month brought extra harvests of patches from Apple, Adobe and Microsoft. If you feel like you’re getting extra update notices recently, you’re not dreaming. Apple had the most interesting updates this month.
Besides releasing their new devices, Apple also released updates for iPhones, iPads, Apple TV, iTunes and mac OS.
Apple released iOS 13 for iPhones on September 19th (see my review of this major upgrade here). Then Apple released iOS 13.1 on September 24th to fix a FaceID security problem plus some other tweaks.
If you update your iPhone to iOS 13 and you connect it to your Windows computer, you will find that you need the latest version of iTunes for the devices to communicate.
Apple TV has been upgraded to finally allow multiple user accounts (I think Netflix has had this feature for 10 years!) and a new home screen. Details here.
Apple also released an update for Safari on Mac OS.
Adobe Hot Flash
Someday soon Adobe will put Flash out of it’s misery. Until then, there is yet another patch for Flash. If you use Chrome, Google updates Flash for you. If you use Firefox, you need to install the update manually by going to get.adobe.com/flashplayer . Microsoft also releases the Flash update for Edge users via Windows Updates.
Microsoft patched 80 bugs on September 10. The most important patches were for Windows 7. Also patches for Office (all flavours) and all other versions of Windows still supported by Microsoft. More details here.
Microsoft then released two emergency patches on the 23rd for Windows Defender and Internet Explorer. Microsoft only releases patches like that when hackers are actively exploiting the flaws.
Be sure to update your Windows devices again this week.
And a reminder that Windows 7 supports ends in 2020. You should have a plan to replace Windows 7 in your office before the end of the year.
A recent study showed 12 out of 13 network devices in small offices are vulnerable right out of the box. These devices include brand names like Synology, QNAP, Asus, Seagate, etc. You can read more here.
An ounce of patching is cheaper than a pound of hacking.