Patch [FIXED] Tuesday – The Vulnerabilities That Defined 2024

Autonomous IT

#Tech #News #Tech News #Automox

50:30

Episode Notes [00:00] The Importance of Questioning [01:21] Introduction to Curated Questions [02:20] Meet Kevin Kelly [03:56] Kevin Kelly's Mentor: Stewart Brand [05:33] The Role of Questions in Intellectual Traditions [06:47] Disequilibrium and Growth [10:21] Embodied Questions and Exploration [11:11] Balancing Exploration and Exploitation [11:50] The Inefficiency of Questioning [15:53] The Abundance Mindset [18:39] The Inevitable and Quality Questions [19:26] Hill Climbing vs. Hill Making [22:28] The Challenge of Innovation [24:13] The Beauty of Engineering and Innovation [24:34] Navigating the Frontier of New Technologies [25:33] The Role of AI in Question Formulation [26:43] Challenges in Advancing AI Capabilities [29:11] The Long Now Foundation and the 10,000 Year Clock [29:56] Transmitting Values Over Time [31:03] Ethics in AI and Self-Driving Cars [33:26] The Art of Questioning [34:04] Photography: Capturing vs. Creating [36:12] The Inefficiency of Exploration [38:36] Daily Practice and Long-Term Success [40:17] The Importance of Quantity for Quality [43:22] Final Thoughts and Encouragement on Questioning [46:24] Summary Takeaways Resources Mentioned Wired Magazine Whole Earth Review WELL Hackers Conference What Technology Wants by Kevin Kelly The Inevitable by Kevin Kelly Cool Tools Project Long Now Foundation Stewart Brand Socratic Method Koan René Descartes Conde Nast Vouge Olivetti Typewriter Trolley Problem Terry Gross Lex Friedman Tim Ferriss KK.org Kevin2Kelly on Instagram Recomendo Newsletter Excellent Advice for Living Beauty Pill Producer Ben Ford Questions Asked When did you first understand the power of questions? Can I do that? Can that be something that you can learn? How did questions function differently between Eastern versus Western intellectual traditions? What role do you think embodied questions those we explore through doing rather than thinking play in developing wisdom? What's on the other side of the hill? What happens if you go to the end? What's the origin of this? How should one think about the exploratory in one's life? Is there anything that you would add to your list of 15 statements that define what makes a quality question? Is there a qualitative difference between the questions humans are asking and the questions our AI systems are beginning to formulate? What do you think would help them get there? Any idea on a forcing function on how we get them [LLMs] to ask the better questions so that they might improve in that direction? What were some novel questions that broke your brain at the time in thinking about this 10,000-year clock or beyond? What's it good for? What would you use it for? What else could you do over the long term for 10,000 years? How do you transmit values over time? How do you evolve values that need to change, and how do you make a difference? How do even know what you don't want to change? What do you want to continue? What's the most essential aspects of our civilization that we don't want to go away? What are the rules? What is the system? How do you pass things along in time and not change the ones you don't wanna change, and make sure you change the ones that are more adaptable so they can adapt? What do you think about questioning itself as an art form? How has being a photographer influenced the way you question reality, visually compared to verbally? Are you a photographer that takes photos or makes photos? What will happen? What will happen next? What are your right now questions that you are wrestling with or working with in your life? Can someone else do what I'm trying to do here? Am I more me in doing my art or more me in doing the writing? Do you have any other thoughts or encouragement about questions that we haven't explored? What makes a good question? How do you ask a good question? What questions do you dwell on to be in purposeful imbalance? What is your practice in embracing the inefficient nature of questions to achieve breakthroughs? What are the new hills you can build and frontiers you can explore? How can you use your curiosity and humanity to pursue questions that trend toward the fringes?…

about a year ago 1:13:19

MP3•Episode home

Join us for a special bonus episode of Patch [FIX] Tuesday, an hour-long compilation of the vulnerabilities that help shaped the cybersecurity landscape in 2024.

This episode recaps some the most critical and interesting exploits, from supply chain compromises to elevation of privilege threats targeting widely used platforms. Whether you're an IT administrator, security professional, or tech enthusiast, this episode provides valuable insights to stay ahead of evolving threats.

Here’s a list of vulnerabilities discussed in this episode, and be sure to tune into the Patch [FIX] Tuesday podcast on the second Tuesday of every month.

Operation Triangulation (00:13)
CVE-2024-21401: Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability (5:00)
CVE-2024-21400: Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability (11:00)
CVE-2024-3094: XZ/Liblzma Supply Chain Backdoor (17:08)
CVE-2024-4671: Google Chrome Use-After-Free Vulnerability (30:00)
CVE-2024-30078: Windows WiFi Driver Remote Code Execution Vulnerability(35:03)
CVE-2024-38053: Windows Layer Two Bridge Network RCE (47:14)
CVE-2024-38180: SmartScreen Prompt Remote Code Execution Vulnerability (53:12)
CVE-2024-43491: Microsoft Windows Update Remote Code Execution Vulnerability (1:00:00)
CVE-2024-43533: Remote Desktop Client Remote Code Execution Vulnerability (1:04:24)
CVE-2024-5535: Microsoft Defender for Endpoint Remote Code Execution Vulnerability (1:07:35)
CVE-2024-49093: Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability (1:09:36)

137 episodes

Patch [FIXED] Tuesday – The Vulnerabilities That Defined 2024

Autonomous IT

published about a year ago

MP3•Episode home

Join us for a special bonus episode of Patch [FIX] Tuesday, an hour-long compilation of the vulnerabilities that help shaped the cybersecurity landscape in 2024.

Here’s a list of vulnerabilities discussed in this episode, and be sure to tune into the Patch [FIX] Tuesday podcast on the second Tuesday of every month.

Operation Triangulation (00:13)
CVE-2024-21401: Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability (5:00)
CVE-2024-21400: Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability (11:00)
CVE-2024-3094: XZ/Liblzma Supply Chain Backdoor (17:08)
CVE-2024-4671: Google Chrome Use-After-Free Vulnerability (30:00)
CVE-2024-30078: Windows WiFi Driver Remote Code Execution Vulnerability(35:03)
CVE-2024-38053: Windows Layer Two Bridge Network RCE (47:14)
CVE-2024-38180: SmartScreen Prompt Remote Code Execution Vulnerability (53:12)
CVE-2024-43491: Microsoft Windows Update Remote Code Execution Vulnerability (1:00:00)
CVE-2024-43533: Remote Desktop Client Remote Code Execution Vulnerability (1:04:24)
CVE-2024-5535: Microsoft Defender for Endpoint Remote Code Execution Vulnerability (1:07:35)
CVE-2024-49093: Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability (1:09:36)

137 episodes

#Tech #News #Tech News #Automox

All episodes

1
Executive IT – The Gatekeeper Myth: Why Procurement Is Your Biggest Ally, E04 14:01

1 day ago14:01

14:01

Procurement is no longer just a gatekeeper — it’s a strategic driver in IT and security decisions. In this episode of Executive IT , host Evan Kiely sits down with Courtney Adams, a veteran procurement leader, to explore how smart procurement empowers better, faster, and more secure tech investments. From understanding true cost drivers to leveraging proof-of-value trials, Courtney shares actionable advice on navigating vendor pressure, aligning tools with business maturity, and avoiding risk. Whether you're evaluating new security tools or just looking to streamline your tech stack, this episode is packed with data-driven insights to help you make better buying decisions.…

1
Patch [FIX] Tuesday – May 2025: [Please Don’t Click That. Experts Review New Threats], E19 11:55

4 days ago11:55

11:55

Mayday. Mayday. May Patch Tuesday? This month’s episode dives into four key Windows vulnerabilities you need to address — from scripting engine memory corruption in legacy Internet Explorer components to remote code execution risks in Remote Desktop and Visual Studio. Ryan Braunstein and Mat Lee unpack what each CVE means for your environment, how attackers might exploit them, and what you can do to stay secure. If your org still leans on that one app tied to Internet Explorer, relies heavily on RDP, or builds with Visual Studio, this one’s for you.…

1
Autonomous IT, Live! – Spring Into Automation: Clean Up Tech Debt & Refresh Your IT Operations, E03 34:18

9 days ago34:18

34:18

In this episode of Autonomous IT, Live! , Landon Miles hosts leads a three-part discussion focused on spring cleaning your IT systems, workflows, and personal well-being. You’ll hear candid, practical insights from IT professionals tackling burnout, technical debt, and infrastructure hygiene head-on. This live show originally aired April 16, 2025 💼 Segment 1: Work-life balance in IT Eric Fonseca (Union School District) and Ashlyn Davis (Automox) talk about setting healthy boundaries, offloading low-value tasks through automation, and building sustainable practices that support both productivity and peace of mind. 🧱 Segment 2: Taming technical debt Colby Hall and Henry Smith from Automox unpack what technical debt looks like in practice, where it hides, and how it can turn into operational and security risk. They share real-world strategies for identifying, triaging, and resolving issues for long-term efficiency. 🔧 Segment 3: SRE spring cleaning tasks Jeremy Maldonado, Ted Harapat, and Spencer Pothier deliver a checklist of spring cleaning tasks for site reliability engineering teams — from reducing alert fatigue and removing unused infrastructure to tightening up service level objectives and minimizing toil. Ideal for teams managing cloud environments and uptime-critical systems.…

1
Teach IT – MFA Essentials: A Quick Guide for Everyone, E03 2:30

11 days ago2:30

2:30

Think your password is enough? Think again. In this episode of Teach IT , we break down what multi-factor authentication (MFA) really is — and why it’s one of the smartest ways to secure your accounts. You’ll learn how MFA works, the difference between SMS codes, authenticator apps, biometrics, and physical security keys, and why phishing-resistant MFA matters more than ever. Whether you're an IT pro looking to share smart security tips with employees, friends, or family — or just trying to stay safe online yourself — this quick guide to MFA will help you make smarter security choices.…

1
Automate IT – Beyond the Spreadsheets: Asset Intelligence & Risk Scoring, E16 9:02

16 days ago9:02

9:02

In this episode of Automate IT, Jeremy Maldonado dives into the world of data-driven endpoint management—breaking down what it means to go “beyond the spreadsheets.” He explores how visibility, intelligent reporting, asset intelligence, and risk scoring can transform how IT teams manage and secure their environments. Drawing from his own journey into the IT space, Jeremy unpacks practical strategies for improving compliance, prioritizing threats, and empowering IT teams to play offense — not just defense. Whether you're an IT pro or just endpoint-curious, this episode will give you fresh perspective on managing smarter, not harder.…

1
Hands-On IT – 9 Essential Spring Cleaning Tips for IT Pros, E17 9:12

18 days ago9:12

9:12

Spring is in the air, and it’s time to give your IT environment the deep clean it deserves! In this episode of Hands-On IT , host Landon Miles shares nine essential spring cleaning tips to help IT pros declutter, optimize, and future-proof their systems. From cleaning workspaces and dusting off hardware to reviewing patch policies, auditing backups, and addressing tech debt, Landon walks you through practical steps that will boost efficiency, enhance security, and set you up for a smoother year ahead. Tune in and learn how a little proactive maintenance today can save you countless hours of reactive troubleshooting tomorrow! Clean Your Desk and Workspace Dust Off Your Hardware and Check for Wear Untangle and Manage Cables Review Patch Policies Purge Old Accounts and Review Software Contracts Declutter Local Systems and Storage Audit and Test Your Backups Review Digital and Hardware Tech Debt Update Your Documentation and Refresh Policies…

1
Automox Insiders – Tidy Endpoints, Tidy Mind: Spring Cleaning with Adam Whitman, E17 13:22

23 days ago13:22

13:22

In this episode of Automox Insiders , host Maddie Regis chats with Adam Whitman, Manager of Solutions Engineering at Automox, about all things IT spring cleaning. From patch management and software audits to business continuity planning and endpoint hygiene, Adam shares practical, real-world tips for tidying up your tech stack and staying ahead of IT clutter. Along the way, he reflects on his career journey from marketing to IT leadership and reveals some personal spring cleaning confessions. Tune in for expert advice and a fresh perspective to help you refresh your IT environment this season.…

1
Heroes of IT – Casey Merritt’s Patch Playbook at Right! Systems, E17 14:52

25 days ago14:52

14:52

In this episode, Ashley chats with Casey Merritt from Right Systems about how he manages patching and automation across both internal systems and MSP clients using Automox. Casey shares how he transitioned into IT, took ownership of Automox at his company, and now uses Worklets to streamline software removal, automate reporting, and reduce onboarding bottlenecks. Ashley also explores Casey’s go-to strategies for spring cleaning in IT, his preference for Automox over traditional tools like Intune for app deployment, and how he balances standardization with flexibility in complex environments.…

1
Executive IT – Legal’s View on Tool Consolidation: Spring Cleaning Your Tech Stack, E03 15:15

4 weeks ago15:15

15:15

Is your tech stack getting out of hand? In this episode, Automox General Counsel Paul Shoning joins Evan Kiely to unpack the legal and strategic risks of IT tool consolidation. From budgeting overlap to vendor lock-in, learn how to clean up your stack without making a mess.

1
CISO IT – Reviewing, Patching, and Hardening: Decluttering Digital Infrastructure, E17 12:20

5 weeks ago12:20

12:20

In this episode of CISO IT , host Jason Kikta explores the strategic value of digital spring cleaning—beyond just deleting old files. From uncovering forgotten network segments to tightening data retention policies, Jason walks through practical steps for reviewing your infrastructure, patching overlooked vulnerabilities, and hardening your environment against emerging risks. Learn how to align cleanup efforts with compliance timelines, optimize your asset inventory, and reduce digital sprawl across cloud and legacy systems. Whether you're prepping for an audit or just regaining control, this episode delivers a roadmap to a cleaner, more resilient IT environment.…

1
Product Talk – MTTR, CVEs, and What’s New in the Automox Console, E16 22:37

5 weeks ago22:37

22:37

In this episode of Product Talk , Peter and Steph are joined by special guest Josh Kriese, Senior UX Developer at Automox, to dive into the latest product updates and design innovations. They cover the release of Automox Analytics, a powerful new reporting engine that introduces MTTR benchmarking and visibility into known exploited vulnerabilities (KEVs). The team also unveils the new end user notification system, built to improve reboot compliance and user trust. Plus, Josh gives a behind-the-scenes look at the evolving Automox design system—what it means for usability, accessibility, and why consistent UI matters more than you may think.…

1
Patch [FIX] Tuesday – April 2025: [Remote Desktop Roulette, CLFS Exploits, and macOS Vulns], E18 11:22

6 weeks ago11:22

11:22

In April 2025's edition of Patch [FIX] Tuesday , the crew dives into April 2025’s patch highlights. Ryan kicks things off with a critical RDP Gateway vulnerability that requires no user interaction—just network access and bad intentions. Seth breaks down a kernel-level CLFS exploit that’s already been seen in the wild, while Henry shifts gears to Apple’s massive 130+ CVE patch dump for macOS Sequoia. From use-after-free bugs to sneaky audio file attacks, this episode covers the month’s biggest risks. TL;DR: Patch your systems, secure your gateways, and maybe don’t trust that sketchy MP3.…

1
Automate IT – Spring Cleaning with Automox: Clearing the Clutter, E15 16:24

6 weeks ago16:24

16:24

In this episode of the Automate IT podcast, Jeremy Maldonado discusses the importance of cleaning and organizing your Automox environment. He emphasizes the need to optimize device management, remove disconnected devices, and improve policy performance. Jeremy provides practical tips on using Worklets, analyzing activity logs, and understanding policy results to enhance overall IT efficiency.…

1
Heroes of IT – From Oregon Trail to IT Leader: Dustin Mobley’s Journey, E16 17:55

7 weeks ago17:55

17:55

Ashley Smith chats with Dustin Mobley from SM Energy about how he got started in IT, how technology has changed over the years, and how his team uses Automox to keep server management under control. Dustin breaks down what it’s like managing a 24/7 server environment and shares real-world tips on building routines, working with business teams, and using automation to make IT life easier.…

1
Automox Insiders – Automating IT: How Breaking Servers Built a Career with Jeremy Maldonado, E15 22:12

7 weeks ago22:12