Patch Tuesday

January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance

Adobe, Don't miss, Expert analysis, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday, Windows /

January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance 2025-01-10 at 09:45 By Help Net Security Welcome to 2025 and a new year of patch excitement! In my December article, I talked about Microsoft’s Secure Future Initiative (SFI) and how it manifested in many of the Microsoft products released in 2024. While this security […]

React to this headline:

Loading spinner

January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance Read More »

Microsoft fixes exploited zero-day (CVE-2024-49138)

0-day, CVE, Don't miss, enterprise, Hot stuff, Immersive Labs, Microsoft, News, Patch Tuesday, Tenable, Windows, Windows Server /

Microsoft fixes exploited zero-day (CVE-2024-49138) 2024-12-10 at 23:04 By Zeljka Zorz On December 2024 Patch Tuesday, Microsoft resolved 71 vulnerabilities in a variety of its products, including a zero-day (CVE-2024-49138) that’s been exploited by attackers in the wild to execute code with higher privileges. CVE-2024-49138 exploited by attackers CVE-2024-49138 stems from a heap-based buffer overflow

React to this headline:

Loading spinner

Microsoft fixes exploited zero-day (CVE-2024-49138) Read More »

December 2024 Patch Tuesday forecast: The secure future initiative impact

Adobe, Don't miss, Expert analysis, Hot stuff, Microsoft, Mozilla, News, opinion, Patch Tuesday, predictions, Windows /

December 2024 Patch Tuesday forecast: The secure future initiative impact 2024-12-06 at 08:04 By Help Net Security It seems like 2024 just started, but the final Patch Tuesday of the year is almost here! In retrospect, it has been a busy year with continued Windows 11 releases, the new Server 2025 release, and all the

React to this headline:

Loading spinner

December 2024 Patch Tuesday forecast: The secure future initiative impact Read More »

Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)

0-day, Active Directory, CVE, Don't miss, Hot stuff, Immersive Labs, Ivanti, Microsoft, Microsoft Defender, News, OpenSSL, Patch Tuesday, security update, Tenable, Trend Micro, vulnerability, Windows, Windows Server /

Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) 2024-11-12 at 23:03 By Zeljka Zorz November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 – are actively exploited by attackers. The exploited vulnerabilities (CVE-2024-43451, CVE-2024-49039) CVE-2024-43451 is yet another

React to this headline:

Loading spinner

Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) Read More »

November 2024 Patch Tuesday forecast: New servers arrive early

apple, Don't miss, Expert analysis, Google, Hot stuff, Ivanti, Microsoft, Mozilla, News, opinion, Patch Tuesday, predictions, Windows /

November 2024 Patch Tuesday forecast: New servers arrive early 2024-11-11 at 08:03 By Help Net Security Microsoft followed their October precedent set with Windows 11 24H2 and announced Microsoft Server 2025 on the first of November. We were expecting the official announcement at Microsoft Ignite near the end of the month, but with the early

React to this headline:

Loading spinner

November 2024 Patch Tuesday forecast: New servers arrive early Read More »

Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)

0-day, CVE, Don't miss, Hot stuff, Microsoft, NetSPI, News, Patch Tuesday, security update, Tenable, Trend Micro, vulnerability, Windows /

Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) 2024-10-08 at 22:49 By Zeljka Zorz For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML Platform, and CVE-2024-43572, a remote code execution flaw in the Microsoft Management Console

React to this headline:

Loading spinner

Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) Read More »

October 2024 Patch Tuesday forecast: Recall can be recalled

Don't miss, Expert analysis, Hot stuff, Ivanti, Microsoft, News, opinion, Patch Tuesday, predictions /

October 2024 Patch Tuesday forecast: Recall can be recalled 2024-10-04 at 07:46 By Help Net Security October arrived, and Microsoft started the month by announcing the release of Windows 11 24H2. The preview versions of this release have been in the news due to many innovations and one controversial feature. Windows 11 24H2 and Microsoft

React to this headline:

Loading spinner

October 2024 Patch Tuesday forecast: Recall can be recalled Read More »

Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes

CVE-2024-38226, CVE-2024-43491, Featured, Microsoft, Patch Tuesday, Vulnerabilities, Windows Update /

Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes 2024-09-10 at 23:31 By Ryan Naraine Patch Tuesday: Microsoft raises an alarm for in-the-wild exploitation of a critical flaw in Windows Update. The post Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes Read More »

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes

0-day, CVE, Don't miss, Elastic, Hot stuff, Immersive Labs, News, Patch Tuesday, SharePoint, Tenable, Trend Micro, vulnerability, Windows /

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes 2024-09-10 at 22:46 By Zeljka Zorz September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect

React to this headline:

Loading spinner

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes Read More »

Adobe Patches Critical, Code Execution Flaws in Multiple Products

Acrobat and Reader, Adobe, ColdFusion, Patch Tuesday, Vulnerabilities /

Adobe Patches Critical, Code Execution Flaws in Multiple Products 2024-09-10 at 20:01 By Ryan Naraine Patch Tuesday: Adobe releases patches for 28 security vulnerabilities and warned of code execution risks on Windows and macOS platforms. The post Adobe Patches Critical, Code Execution Flaws in Multiple Products appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Adobe Patches Critical, Code Execution Flaws in Multiple Products Read More »

SAP Releases 16 New Security Notes on September 2024 Patch Day

Patch Tuesday, SAP, Vulnerabilities /

SAP Releases 16 New Security Notes on September 2024 Patch Day 2024-09-10 at 17:31 By Ionut Arghire SAP has released patches for multiple missing authorization check and information disclosure vulnerabilities on its September 2024 Security Patch Day. The post SAP Releases 16 New Security Notes on September 2024 Patch Day appeared first on SecurityWeek. This

React to this headline:

Loading spinner

SAP Releases 16 New Security Notes on September 2024 Patch Day Read More »

September 2024 Patch Tuesday forecast: Downgrade is the new exploit

Adobe, apple, Chrome, cybersecurity, Don't miss, Expert analysis, Expert corner, Firefox, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday, patching, Windows /

September 2024 Patch Tuesday forecast: Downgrade is the new exploit 2024-09-06 at 08:16 By Help Net Security I asked for a calm August 2024 Patch Tuesday in last month’s forecast article and that came to pass. The updates released were limited to the regular operating systems and all forms of Office applications. Six zero-day vulnerabilities

React to this headline:

Loading spinner

September 2024 Patch Tuesday forecast: Downgrade is the new exploit Read More »

Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw

IPv6, Malware & Threats, Microsoft, Patch Tuesday, TCP/IP, Vulnerabilities, Zero-Day /

Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw 2024-08-15 at 20:01 By Ryan Naraine Security experts are ratcheting up the urgency for Windows admins to patch a wormable, pre-auth remote code execution vulnerability in the Windows TCP/IP stack. The post Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw appeared first on

React to this headline:

Loading spinner

Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw Read More »

Microsoft fixes 6 zero-days under active attack

0-day, CVE, Don't miss, Hot stuff, Immersive Labs, Microsoft, Microsoft Edge, MS Office, News, Patch Tuesday, security update, Tenable, Trend Micro, Windows /

Microsoft fixes 6 zero-days under active attack 2024-08-13 at 23:16 By Zeljka Zorz August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly known. The zero-days under attack CVE-2024-38178 is a Scripting Engine Memory Corruption Vulnerability

React to this headline:

Loading spinner

Microsoft fixes 6 zero-days under active attack Read More »

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited

exploit, Featured, Microsoft, Patch Tuesday, Vulnerabilities, Windows, Zero-Day /

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited 2024-08-13 at 23:01 By Ryan Naraine Microsoft’s security response team pushed out documentation for almost 90 vulnerabilities across Windows and OS components and marked several flaws in the actively exploited category. The post Microsoft Warns of Six Windows Zero-Days Being Actively Exploited appeared first on SecurityWeek.

React to this headline:

Loading spinner

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited Read More »

Adobe Calls Attention to Massive Batch of Code Execution Flaws

Acrobat and Reader, Adobe, magento, Patch Tuesday, Photoshop, Vulnerabilities /

Adobe Calls Attention to Massive Batch of Code Execution Flaws 2024-08-13 at 20:46 By Ryan Naraine Patch Tuesday: Adobe patches 72 security vulnerabilities and warns that Windows and macOS users are at risk of code execution, memory leaks, and denial-of-service attacks. The post Adobe Calls Attention to Massive Batch of Code Execution Flaws appeared first

React to this headline:

Loading spinner

Adobe Calls Attention to Massive Batch of Code Execution Flaws Read More »

August 2024 Patch Tuesday forecast: Looking for a calm August release

Adobe, apple, Expert analysis, Google, Microsoft, Mozilla, News, opinion, Patch Tuesday, predictions, security update /

August 2024 Patch Tuesday forecast: Looking for a calm August release 2024-08-09 at 13:01 By Help Net Security July ended up being more ‘exciting’ than many of us wanted; we’re supposed to be in the height of summer vacation season. First, we had a large set of updates on Patch Tuesday, then we had to

React to this headline:

Loading spinner

August 2024 Patch Tuesday forecast: Looking for a calm August release Read More »

Citrix Patches Critical NetScaler Console Vulnerability

Citrix, cloud security, NetScaler, Patch Tuesday, Vulnerabilities /

Citrix Patches Critical NetScaler Console Vulnerability 2024-07-10 at 16:46 By Ionut Arghire Citrix rolls out patches for multiple security vulnerabilities, including critical and high-severity issues in the NetScaler product line. The post Citrix Patches Critical NetScaler Console Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Citrix Patches Critical NetScaler Console Vulnerability Read More »

Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)

0-day, Action1, Automox, CVE, Don't miss, Hot stuff, Microsoft, MS SQL Server, News, Patch Tuesday, security update, Trend Micro, virtualization, vulnerability, Windows /

Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112) 2024-07-09 at 22:31 By Zeljka Zorz For July 2024 Patch Tuesday, Microsoft has released security updates and patches that fix 142 CVEs, including two exploited zero-days (CVE-2024-38080, CVE-2024-38112) in Windows Hyper-V and Windows MSHTML Platform (respectively). Zero-days exploited in the wild (CVE-2024-38080, CVE-2024-38112) CVE-2024-38080 is a

React to this headline:

Loading spinner

Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112) Read More »

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited

Adobe, Hyper-V, Incident Response, Malware & Threats, Microsoft, Patch Tuesday, Vulnerabilities, Zero-Day /

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited 2024-07-09 at 22:04 By Ryan Naraine Patch Tuesday: Microsoft patches more than 140 security vulnerabilities in the Windows ecosystem, including a pair of exploited zero-days. The post Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited Read More »

Scroll to Top