-
1 month ago | 
rapid7.com | Windows Mark |Adam Barnett
Microsoft is addressing 57 vulnerabilities this March 2025 Patch Tuesday, which is a similar volume to last month. However, Microsoft has evidence of in-the-wild exploitation for as many as six of the vulnerabilities published today, and CISA KEV already lists all of them. Microsoft is also aware of public disclosure for one other vulnerability.
-
1 month ago | 
bleepingcomputer.com | Lawrence Abrams |Windows Mark
Today is Microsoft's March 2025 Patch Tuesday, which includes security updates for 57 flaws, including six actively exploited zero-day vulnerabilities. This Patch Tuesday also fixes three "Critical" vulnerabilities, all remote code execution vulnerabilities.
-
Sep 21, 2024 | 
crowdstrike.com | Windows Mark
Microsoft has released security updates for 79 vulnerabilities in its September 2024 Patch Tuesday rollout. These include four actively exploited zero-days (CVE-2024-38014, CVE-2024-38217, CVE-2024-38226, CVE-2024-43491). Seven of the vulnerabilities are rated Critical in severity, while the remaining 72 are rated Important or Moderate. September 2024 Risk AnalysisThis month’s leading risk type is elevation of privilege (38%) followed by remote code execution (29%) and information disclosure (14%).
-
Sep 11, 2024 | 
inforisktoday.com | Windows Mark |Mathew Schwartz
Governance & Risk Management , Patch Management A Confused Update Process Reinstalled Old, Exploitable Windows 10 Components Mathew J. Schwartz (euroinfosec) • September 11, 2024 What was old was new again for some users of Windows 10 whose security fixes were accidently rolled back by Microsoft. (Image: Shutterstock) Microsoft patched three zero-day vulnerabilities already exploited through in-the-wild-attacks in its September monthly dump.
-
Sep 11, 2024 | 
databreachtoday.com | Windows Mark |Mathew Schwartz
Governance & Risk Management , Patch Management A Confused Update Process Reinstalled Old, Exploitable Windows 10 Components Mathew J. Schwartz (euroinfosec) • September 11, 2024 What was old was new again for some users of Windows 10 whose security fixes were accidently rolled back by Microsoft. (Image: Shutterstock) Microsoft patched three zero-day vulnerabilities already exploited through in-the-wild-attacks in its September monthly dump.
-
Sep 11, 2024 | 
govinfosecurity.com | Windows Mark |Mathew Schwartz
Governance & Risk Management , Patch Management A Confused Update Process Reinstalled Old, Exploitable Windows 10 Components Mathew J. Schwartz (euroinfosec) • September 11, 2024 What was old was new again for some users of Windows 10 whose security fixes were accidently rolled back by Microsoft. (Image: Shutterstock) Microsoft patched three zero-day vulnerabilities already exploited through in-the-wild-attacks in its September monthly dump.
-
Sep 11, 2024 | 
devicesecurity.io | Windows Mark |Mathew Schwartz
Governance & Risk Management , Patch Management A Confused Update Process Reinstalled Old, Exploitable Windows 10 Components Microsoft patched three zero-day vulnerabilities already exploited through in-the-wild-attacks in its September monthly dump. But the most important fix cleans up a prior update that inadvertently caused some Windows 10 machines to roll back security updates.
-
Sep 11, 2024 | 
paymentsecurity.io | Windows Mark |Mathew Schwartz
Governance & Risk Management , Patch Management A Confused Update Process Reinstalled Old, Exploitable Windows 10 Components Microsoft patched three zero-day vulnerabilities already exploited through in-the-wild-attacks in its September monthly dump. But the most important fix cleans up a prior update that inadvertently caused some Windows 10 machines to roll back security updates.
-
Sep 10, 2024 | 
crowdstrike.com | Windows Mark
Microsoft has released security updates for 79 vulnerabilities in its September 2024 Patch Tuesday rollout. These include four actively exploited zero-days (CVE-2024-38014, CVE-2024-38217, CVE-2024-38226, CVE-2024-43491). Seven of the vulnerabilities are rated Critical in severity, while the remaining 72 are rated Important or Moderate. September 2024 Risk AnalysisThis month’s leading risk type is elevation of privilege (38%) followed by remote code execution (29%) and information disclosure (14%).
-
Sep 10, 2024 | 
rapid7.com | Windows Mark |Adam Barnett
Microsoft is addressing 79 vulnerabilities this September 2024 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and/or public disclosure for four of the vulnerabilities published today; at time of writing, all four are listed on CISA KEV. Microsoft is also patching four critical remote code execution (RCE) vulnerabilities today. Unusually, Microsoft has not patched any browser vulnerabilities yet this month.
