Patch Tuesday: Here’s what’s new for Windows 7 and Windows 8.1 (Neowin)

Neowin: Patch Tuesday: Here’s what’s new for Windows 7 and Windows 8.1. “Today is the second Tuesday of the month, meaning that all supported versions of Windows get updates. While that means that most versions of Windows 10 for their cumulative updates, there are also updates for older versions like Windows 7 and Windows 8.1.”

Ars Technica: Open source bug poses threat to sites running multiple CMSes

Ars Technica: Open source bug poses threat to sites running multiple CMSes. “Websites running the Drupal, Joomla, or Typo3 content-management systems are vulnerable to attacks that could possibly execute malicious code until administrators install just-released patches, developers and security researchers warned.”

Mashable: A weird Twitter bug is messing with retweets, notifications and likes

Mashable: A weird Twitter bug is messing with retweets, notifications and likes. “Something is up with Twitter. It’s not only that it’s hard to follow a conversation between two people on the platform, but rather there’s a weird bug that’s messing up likes, retweets and notifications, something which Twitter is working on resolving.” Seen plenty of complaining about this on my timeline and also certainty that it Means Something. (I think it means the code is messed up somewhere.)

Julia Reda: In January, the EU starts running Bug Bounties on Free and Open Source Software

Julia Reda: In January, the EU starts running Bug Bounties on Free and Open Source Software. “In January the European Commission is launching 14 out of a total of 15 bug bounties on Free Software projects that the EU institutions rely on. A bug bounty is a prize for people who actively search for security issues. The amount of the bounty depends on the severity of the issue uncovered and the relative importance of the software.”

Ars Technica: Now it’s Office’s turn to have a load of patches pulled

I am shocked at how quickly Microsoft updates have turned into a tire fire. From Ars Technica: Now it’s Office’s turn to have a load of patches pulled. “On November’s Patch Tuesday two weeks ago, Microsoft released a bunch of updates for Office to update its Japanese calendars. In December 2017, Emperor Akihito announced that he would abdicate and that his son Naruhito would take his role as emperor. Each emperor has a corresponding era name, and calendars must be updated to reflect that new name. The Office patches offer updates to handle this event. Two of these updates, KB2863821 and KB4461522, both for Office 2010, are apparently very broken, causing application crashes.”

ZDNet: Microsoft pulls Windows 10 October Update (version 1809)

ZDNet: Microsoft pulls Windows 10 October Update (version 1809). “Microsoft has paused the rollout of Windows 10 October 2018 Update (version 1809), the latest version of the Windows 10 operating system, which Microsoft released this week, on Tuesday, October 2. In a support document updated today, October 6, the Redmond-based OS maker said it took this decision after users complained that v1809 had deleted files after the update.”

Fifth Domain: Why the market for zero-day vulnerabilities on the dark web is vanishing

Fifth Domain: Why the market for zero-day vulnerabilities on the dark web is vanishing. “For years the secretive market for zero-day exploits — unpatched bugs in software or hardware — thrived in the dark corners of the internet. But vulnerability sales have been all but driven off the dark web, according to experts, and now operate in the open.”