Posts tagged Patch Tuesday

6 min Patch Tuesday

Patch Tuesday - June 2022

Patches for Follina, more NFS and LDAP vulnerabilities, and the beginning of the end for IE11.

7 min Vulnerability Management

Patch Tuesday - May 2022

This month is par for the course in terms of both number and severity of vulnerabilities being patched by Microsoft. There is one 0-day this month: CVE-2022-26925, a Spoofing vulnerability in the Windows Local Security Authority (LSA) subsystem.

11 min Vulnerability Management

Patch Tuesday - April 2022

From Defender to Windows, Office to Azure, this month’s Patch Tuesday has a large swath of Microsoft’s portfolio getting vulnerabilities fixed. 119 CVEs were addressed today, not including the 26 Chromium vulnerabilities that were fixed in the Edge browser.

8 min Vulnerability Management

Patch Tuesday - March 2022

March 2022's Patch Tuesday sees Microsoft addressing 71 CVEs (excluding Chromium/Edge), 3 of which are considered Critical.

6 min Vulnerability Management

Patch Tuesday - February 2022

February 2022's fixes from Microsoft are relatively light as far as Patch Tuesdays go.

10 min Patch Tuesday

Patch Tuesday - January 2022

The first Patch Tuesday of 2022 sees Microsoft publishing fixes for over 120 CVEs across the bulk of their product line, including 29 previously patched CVEs affecting their Edge browser via Chromium. None of these have yet been seen exploited in the wild, though six were publicly disclosed prior to today. This includes two Remote Code Execution (RCE) vulnerabilities in open source libraries that are bundled with more recent versions of Windows: CVE-2021-22947 [https://msrc.microsoft.com/update-

7 min Vulnerability Management

Patch Tuesday - December 2021

This month’s Patch Tuesday comes in the middle of a global effort to mitigate Apache Log4j CVE-2021-44228.

7 min Vulnerability Management

Patch Tuesday - October 2021

Today’s Patch Tuesday sees Microsoft issuing fixes [https://msrc.microsoft.com/update-guide/releaseNote/2021-Oct] for over 70 CVEs, affecting the usual mix of their product lines. From Windows, Edge, and Office, to Exchange, SharePoint, and Dynamics, there is plenty of patching to do for workstation and server administrators alike. One vulnerability has already been seen exploited in the wild: CVE-2021-40449 [https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-40449] is an elev

7 min Patch Tuesday

Patch Tuesday - September 2021

Microsoft has fixed a total of 60 vulnerabilities this month, including two publicly disclosed 0-days. Here’s three big things you can go patch right now.

6 min Patch Tuesday

Patch Tuesday - August 2021

Hot off the press, it’s another issue of the Patch Tuesday blog! While the number of vulnerabilities is low this month, there are a number of high risk items administrators will want to patch right away including a few that will require additional remediation steps. This Patch Tuesday also includes updates for three vulnerabilities that were publicly disclosed earlier this month. Let’s jump in. Windows Elevation of Privilege Vulnerability aka HiveNightmare/SeriousSAM https://msrc.microsoft.com/

9 min Vulnerability Management

Patch Tuesday - July 2021

Microsoft has patched another 117 CVEs [https://msrc.microsoft.com/update-guide/releaseNote/2021-Jul], returning to volumes seen in early 2021 and most of 2020. It would appear that the recent trend of approximately 50 vulnerability fixes per month was not indicative of a slowing pace. This month there were 13 vulnerabilities rated Critical with nearly the rest being rated Important. Thankfully, none of the updates published today require additional steps to remediate, so administrators should b

5 min Vulnerability Management

Patch Tuesday - June 2021

It is another low volume Patch Tuesday this month as Microsoft releases fixes for 50 vulnerabilities. This should not diminish the importance of speedily applying the updates. 6 of the vulnerabilities being patched this month are 0-days under active exploitation (CVE-2021-31955 [https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31955], CVE-2021-31956 [https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31956], CVE-2021-33739 [https://msrc.microsoft.com/updat

5 min Patch Tuesday

Patch Tuesday - May 2021

Here we are again with another installment of Patch Tuesday. When compared to the past few months this one feels a bit light both in severity and number of vulnerabilities addressed. Microsoft has only released patches for 55 CVEs this month, less than half of the usual volume, with only 4 of them being scored as critical. Let's dive into the details. HTTP Protocol Stack Remote Code Execution Vulnerability - CVE-2021-31166 [https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-

4 min Vulnerability Disclosure

Patch Tuesday Dashboard Template Release

Patch Tuesday introduces numerous vulnerabilities and their solutions that apply to many, if not nearly all, devices. Keeping up with the deployment of these patches is often challenging.

9 min Patch Tuesday

Patch Tuesday - April 2021

Patch Tuesday is here again and there are more Exchange updates to apply! A total of 114 vulnerabilities were fixed this month with more than half of them affecting all versions of Windows, with about half of them being remote code execution bugs, and about a fifth of them being rated as critical by Microsoft. Let's dive in! New Exchange Server Patches Available If you were only going to patch one thing today, please let it be this. Exchange Server has been a hot topic since the vulnerabilities