security advisories

September 23, 2015

SECURITY

It’s That Time Again—Announcing the Cisco IOS & XE Software Security Advisory Bundled Publication

Today, we released the last Cisco IOS & XE Software Security Advisory Bundled Publication of 2015. As a reminder, Cisco discloses IOS vulnerabilities on a predictable schedule (the fourth Wednesday of March and September each calendar year).  Last cycle, we began including Cisco Security Advisories addressing vulnerabilities in Cisco IOS XE Software in this publication.  This change […]

March 25, 2015

SECURITY

Announcing the First Cisco IOS Software and IOS XE Software Security Advisory Bundled Publication

Today, we released the first ever Cisco IOS Software and IOS XE Software Security Advisory Bundled Publication. As a reminder, Cisco discloses IOS vulnerabilities on a predictable schedule (on the fourth Wednesday of March and September each calendar year). In direct response to your feedback, we have also included a Cisco Security Advisory addressing vulnerabilities […]

September 24, 2014

SECURITY

Announcing the Cisco IOS Software Security Advisory Bundled Publication

Today, we released the final Cisco IOS Software Security Advisory Bundled Publication of 2014. Six years ago, Cisco committed to disclosing IOS vulnerabilities on a predictable schedule (on the fourth Wednesday of March and September each calendar year) in direct response to your feedback. We know this timeline allows your organization to plan and help […]

September 17, 2014

SECURITY

T-7 Days to Improved Cisco IOS Security

The Cisco IOS Software Security Advisory Bundled Publication will go live in seven days and this time we will have an important update to the Cisco IOS Software Checker to go along with it. As a reminder, the Cisco Product Security Incident Response Team (PSIRT) releases bundles of Cisco IOS Software Security Advisories on the […]

March 26, 2014

SECURITY

A Bundle is Born

Today, we released the first Cisco IOS Software Security Advisory Bundled Publication of 2014. Six years ago, Cisco committed to disclosing IOS vulnerabilities on a predictable schedule (on the fourth Wednesday of March and September each calendar year) in direct response to your feedback. We know this timeline allows your organization to plan ahead and […]

September 25, 2013

SECURITY

It’s Back – It’s Cisco IOS Software Security Advisory Bundle Time Again

This blog post summarizes the September 2013 edition of the Cisco IOS Software Security Advisory Bundled Publication.

April 2, 2013

SECURITY

I Can’t Keep Up with All These Cisco Security Advisories: Do I Have to Upgrade?

"A security advisory was just published! Should I hurry and upgrade all my Cisco devices now?" This is a question that I am being asked by customers on a regular basis. In fact, I am also asked why there are so many security vulnerability advisories. To start with the second question: Cisco is committed to protecting customers by sharing critical security-related information in a very transparent way. Even if security vulnerabilities are found internally, the Cisco Product Security Incident Response Team (PSIRT) – which is my team – investigates, drives to resolution, and discloses such vulnerabilities. To quickly answer the first question, don't panic, as you may not have to immediately upgrade your device. However, in this article I will discuss some of the guidelines and best practices for responding to Cisco security vulnerability reports.

March 11, 2013

SECURITY

Why the Cisco SIO Portal Doesn’t Give Out Candy

This blog post highlights the most recent changes, several of which based on direct Cisco customer feedback, made to the Cisco Security Intelligence Operations (SIO) Portal. Thanks to this customer feedback, Cisco SIO is armed with the data necessary to evolve the Portal to ensure that relevant security content is where you need it, when you need it.