Recherche : [PatchTuesday]

Microsoft Patch Tuesday, February 2025 Edition https://krebsonsecurity.com/2025/02/microsoft-patch-tuesday-february-2025-edition/

12/02/2025 08:56:33

Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited.

Zero Day Initiative — The October 2024 Security Update Review https://www.zerodayinitiative.com/blog/2024/10/8/the-october-2024-security-update-review

09/10/2024 14:23:32

It’s the spooky season, and there’s nothing spookier than security patches – at least in my world. Microsoft and Adobe have released their latest patches, and no bones about it, there are some skeletons in those closets. Take a break from your regular activities and join us as we review the details

Patch Tuesday - February 2024 https://www.rapid7.com/blog/post/2024/02/13/patch-tuesday-february-2024/

15/02/2024 14:09:53

Microsoft is addressing 73 vulnerabilities this February 2024 Patch Tuesday, including two (actually, three!) zero-day/exploited-in-the-wild vulnerabilities, both of which are already included on the CISA KEV list. Today also brings patches for two critical remote code execution (RCE) vulnerabilities, and a critical elevation of privilege vulnerability in Exchange. Six browser vulnerabilities were published separately this month, and are not included in the total.

Apple & Microsoft Patch Tuesday, July 2023 Edition https://krebsonsecurity.com/2023/07/apple-microsoft-patch-tuesday-july-2023-edition/

12/07/2023 09:30:55

Microsoft Corp. today released software updates to quash 130 security bugs in its Windows operating systems and related software, including at least five flaws that are already seeing active exploitation. Meanwhile, Apple customers have their own zero-day woes again this…

Microsoft May 2023 Patch Tuesday https://isc.sans.edu/diary/Microsoft%20May%202023%20Patch%20Tuesday/29826

10/05/2023 09:42:53

This month we got patches for 49 vulnerabilities. Of these, 6 are critical, and 2 are already being exploited, according to Microsoft.

One of the exploited vulnerabilities is a Win32k Elevation of Privilege Vulnerability (CVE-2023-29336). This vulnerability has low attack complexity, low privilege, and none user interaction. The attack vector is local, the CVSS is 7.8, and the severity is Important.

Microsoft Patch Tuesday, May 2023 Edition https://krebsonsecurity.com/2023/05/microsoft-patch-tuesday-may-2023-edition/

10/05/2023 09:40:56

Microsoft today released software updates to fix at least four dozen security holes in its Windows operating systems and other software, including patches for two zero-day vulnerabilities that are already being exploited in active attacks.

Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252) https://www.tenable.com/blog/microsofts-april-2023-patch-tuesday-addresses-97-cves-cve-2023-28252

12/04/2023 09:58:46

Microsoft addresses 97 CVEs, including one that was exploited in the wild as a zero day

Queuejumper: Critical Unauthorized RCE Vulnerability In MSMQ Service https://research.checkpoint.com/2023/queuejumper-critical-unauthorized-rce-vulnerability-in-msmq-service/

12/04/2023 01:01:43

Check Point Research recently discovered three vulnerabilities in the “Microsoft Message Queuing” service, commonly known as MSMQ. These vulnerabilities were disclosed to Microsoft and patched in the April Patch Tuesday update. The most severe of these, dubbed QueueJumper by CPR (CVE-2023-21554), is a critical vulnerability that could allow unauthorized attackers to remotely execute arbitrary code in the context of the Windows service process mqsvc.exe.

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours https://securityintelligence.com/posts/patch-tuesday-exploit-wednesday-pwning-windows-ancillary-function-driver-winsock/

22/03/2023 21:39:20

Dive into the analysis and exploitation of a vulnerability in the Windows Ancillary Function Driver for Winsock for Local Privilege Escalation on Windows 11. More from X-Force Red experts.

Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880) https://www.helpnetsecurity.com/2023/03/14/cve-2023-23397-cve-2023-24880/

14/03/2023 23:22:37

For March 2023 Patch Tuesday Microsoft has fixed 2 vulnerabilities actively exploited in the wild (CVE-2023-23397, CVE-2023-24880).

Microsoft’s March 2023 Patch Tuesday Addresses 76 CVEs (CVE-2023-23397) https://www.tenable.com/blog/microsofts-march-2023-patch-tuesday-addresses-76-cves-cve-2023-23397

14/03/2023 22:50:06

Microsoft’s March 2023 Patch Tuesday Addresses 76 CVEs (CVE-2023-23397)Microsoft addresses 76 CVEs including two zero-days exploited in the wild, one of which was publicly disclosed.

CVE-2023-23415 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415

14/03/2023 22:48:05

Microsoft February 2023 Patch Tuesday https://isc.sans.edu/diary/rss/29548

17/02/2023 13:58:27

Microsoft today patched 80 different vulnerabilities. This includes the Chromium vulnerabilities affecting Microsoft Edge. Nine vulnerabilities are rated as "Critical" by Microsoft.

Three of the vulnerabilities, all rated "important", are already being exploited

Liens par page

Filtres