Displaying items by tag: Patch Tuesday

Microsoft has issued patches for 73 CVEs, including two zero-day flaws one of which has been exploited in the wild, as part of its monthly Patch Tuesday release.

Microsoft has issued patches for 117 CVEs in its April Patch Tuesday release, with nine rated critical and 108 as important, the most it has ever released for a single month since September 2020. Included among these were two zero-day vulnerabilities, one of which was exploited in the wild and reported to Microsoft by the NSA.

Microsoft has released patches for 71 vulnerabilities in a number of its products as part of its monthly Patch Tuesday exercise, with three of the flaws having already been released.

Microsoft has released 97 CVEs on its first patch Tuesday of 2022, including four zero-days that have been publicly disclosed but not yet exploited in the wild; one of these is wormable.

Microsoft has rolled out patches for 67 vulnerabilities in its products in its monthly Patch Tuesday, including a fix for a zero-day that is being exploited in the wild.

Two actively exploited zero-day vulnerabilities are among 55 flaws fixed by Microsoft in its monthly Patch Tuesday, with four other zero-days also being remedied.

Seventy-one flaws have been patched in Microsoft's products, the company announced on Tuesday, the monthly Patch Tuesday.

Microsoft has released patches for two zero-day vulnerabilities, along with patches for 84 other flaws in its products, including Microsoft Edge.

Microsoft has issued fixes for 55 vulnerabilities in its products as part of its monthly patch Tuesday. Four of the issues are rated critical, the most severe rating available.

Microsoft has issued patches for four remotely-exploitable vulnerabilities in its Exchange Server product, a little more than a month after the company warned of four zero-day exploits being used to attack the application.

A seasoned security professional has slammed Microsoft for the company's decision to remove CVE description information from the monthly listing of patches on the second Tuesday of each month, saying that the new method will give malicious attackers the advantage to reverse engineer patches.

Microsoft has admitted that it directs Windows 10 updates to users other than Insiders before they are fully ready for deployment, in the event that users click on the "update" button manually.

A day after it said it would not be issuing any security fixes until 14 March, Microsoft has issued a patch to fix bugs deemed to be critical in versions of Adobe's Flash Player that run on several versions of Windows.

Microsoft's switch to a new system of releasing security updates has failed to take off as scheduled on 14 February.

Microsoft has issued a patch for all supported versions of Internet Explorer to stop remote code execution.

Domain-joined Windows clients (Vista, 7, 8, 8.1 and RT) and servers (2003 to 2012) had a root-level, remotely exploitable vulnerability discovered in January 2014 but is now patched. 

Microsoft may be ending support for Windows XP in a few months, but for now it's still plugging critical security flaws. And even the latest versions of Windows are getting critical patches this month.

The second Tuesday of the month is approaching fast, so get ready for the latest round of security updates from Microsoft and Adobe.

As expected, Microsoft has released seven security bulletins covering issues with Windows and other software, notably Internet Explorer. There's also a policy change regarding vulnerabilities in software sold through the company's various online stores.

Microsoft intends to release seven security bulletins this week. Affected products include Windows, Office, and Windows Defender.