15 Dec 2021

Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery

Microsoft has addressed a recently discovered vulnerability that was exploited in the wild to deliver Emotet, Trickbot, and other botnets via fake applications. The vulnerability was included in the company’s December Patch Tuesday, along with five other publicly known bugs and seven critical security vulnerabilities. In total, this month’s security

Read More
10 Nov 2021

Microsoft Nov. Patch Tuesday Fixes Six Zero-Days, 55 Bugs

Experts have urged users to implement the patches included in this month’s Microsoft Patch Tuesday. The monthly update has provided fixes for six different zero-days and 55 other bugs. According to researchers, users should prioritize patches on Microsoft Exchange and Excel, as these platforms are frequently targeted by threat actors.

Read More
15 Sep 2021

Microsoft Patches Actively Exploited Windows Zero-Day Bug

In the most recent Patch Tuesday, Microsoft released fixes 66 CVEs, including an RCE bug under active attack. Three of the bugs that were patched in the update were rated critical. One of which has been under active attack for nearly two weeks. One of the other bugs included in

Read More
17 Feb 2021

Microsoft Pulls Bad Windows Update After Patch Tuesday Headaches

Microsoft is releasing a new servicing stack update after last week’s Patch Tuesday created a slew of problems for Windows users. Microsoft has removed the latest set of updates and released a new Patch Tuesday install that fixes the initial issue and installs Windows updates. The defective update released last

Read More
13 Jan 2021

Microsoft Defender Zero-Day Fixed in First Patch Tuesday of 2021

83 vulnerabilities have been patched on Microsoft’s first Patch Tuesday of 2021. The patches addressed 10 major flaws, including a zero-day remote code execution bug in Microsoft Defender. 73 of the fixes are classified important and one is publicly known. The fixes addressed Microsoft Windows, the Edge search browser, ChakraCore,

Read More
09 Sep 2020

Microsoft Fixes 129 Vulnerabilities for September’s Patch Tuesday

Microsoft’s September Patch Tuesday saw fixes released for 129 common vulnerabilities and exposures, including 23 critical vulnerabilities. September now marks seven consecutive months in which Microsoft patched over 110 bugs in its monthly rollout, and raises its yearly total to just under 1,000. This month, vulnerabilities in Microsoft Windows, Edge

Read More
12 Aug 2020

Microsoft Patches 120 Vulnerabilities, Two Zero-Days

Microsoft’s August Patch Tuesday saw fixes for 120 vulnerabilities, including two zero-days actively being exploited in the wild. The patches cover 13 different Microsft products and services, marking the third-largest Patch Tuesday update in the company’s history. Trend Micro researcher Dustin Childs stated that if Microsoft keeps up the Patch

Read More
15 Jul 2020

Microsoft Patches Wormable RCE Flaw in Windows DNS Servers

Microsoft’s July Patch Tuesday updates include a critical vulnerability in Windows DNS servers, which is likely to be exploited by threat actors if left unpatched on systems. The Patch Tuesday updates include over 100 fixes for various bugs ranging in severity. The most critical, CVE-2020-1350, is a wormable remote code

Read More
10 Jun 2020

Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update

In the biggest Patch Tuesday release yet, Microsoft’s June Patch Tuesday published fixes for 129 different flaws, including CVEs for 11 critical remote code-execution vulnerabilities. The critical remote code execution flaws were patched in Windows, SharePoint servers, Windows Shell, and VBScript. June’s updates, however, did not include any zero-day vulnerabilities

Read More
15 Apr 2020

April Patch Tuesday: Microsoft Battles 4 Bugs Under Active Exploit

April’s Patch Tuesday consisted of 113 patches, which was most likely difficult for IT staff under WFH security concerns. This patch Tuesday includes 19 critical vulnerabilities and 94 that are classified as important. Four of the critical vulnerabilities are being exploited in the wild, however, two have previously been publicly

Read More