Bug Left Some Windows PCs Dangerously Unpatched

Credit to Author: BrianKrebs| Date: Tue, 10 Sep 2024 21:46:21 +0000

Microsoft Corp. today released updates to fix at least 79 security vulnerabilities in its Windows operating systems and related software, including multiple flaws that are already showing up in active attacks. Microsoft also corrected a critical bug that has caused some Windows 10 PCs to remain dangerously unpatched against actively exploited vulnerabilities for several months this year.

Read more

For March's Patch Tuesday, no zero-day flaws

Microsoft this week pushed out 61 Patch Tuesday updates with no reports of public disclosures or other zero-days affecting the larger ecosystem (Windows, Office, .NET). Though there are three updated packages from February, they’re just informational changes with no further action is required.

The team at Readiness has crafted this helpful infographic outlining the risks associated with each of the March updates.

To read this article in full, please click here

Read more

Microsoft fixes two zero-days with Patch Tuesday release

Microsoft on Tuesday released 73 updates in its monthly Patch Tuesday release, addressing issues in Microsoft Exchange Server and Adobe and two zero-day flaws being actively exploited in Microsoft Outlook (CVE-2024-21410) and Microsoft Exchange (CVE-2024-21413).

Including the recent reports that the Windows SmartScreen vulnerability (CVE-2024-21351) is under active exploitation, we have added “Patch Now” schedules to Microsoft Office, Windows and Exchange Server. The team at Readiness has provided this detailed infographic outlining the risks associated with each of the updates for this cycle.

To read this article in full, please click here

Read more

Fat Patch Tuesday, February 2024 Edition

Credit to Author: BrianKrebs| Date: Tue, 13 Feb 2024 22:28:48 +0000

Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks.

Read more

Critical zero-day flaws in Windows, Office mean it's time to patch

We are now in the third decade of Microsoft’s monthly Patch Tuesday releases, which deliver fewer critical updates to browsers and Windows platforms — and much more reliable updates to Microsoft Office — than in the early days of patching. But this month, the company rolled out 63 updates (including fixes for three zero-days in Windows and Office).

Updates to Microsoft Exchange and Visual Studio can be included in standard patch release cycles, while Adobe needs to be included in your “Patch Now” releases for third-party applications. 

The team at Readiness has provided a detailed infographic that outlines the risks associated with each of the updates for November.

To read this article in full, please click here

Read more

Microsoft addresses three zero-days for October’s Patch Tuesday

Read more

Critical updates for Microsoft Office and Visual Studio drive September's Patch Tuesday

Microsoft released 59 updates in its September Patch Tuesday release, with critical patches for Microsoft Office and Visual Studio, and  continued the trend of including non-Microsoft applications in its update cycle. (Notepad++ is a notable addition, with Autodesk returning with a revised bulletin.) We’ve made “Patch Now” recommendations for Microsoft development platforms (Visual Studio) and Microsoft Word.

Unfortunately, updates for Microsoft Exchange Server have also returned, requiring server reboots this time, too.

The team at Readiness has created this infographic outlining the risks associated with each of the September updates.

To read this article in full, please click here

Read more

Patch Tuesday: Microsoft rolls out 90 updates for Windows, Office

With its August Patch Tuesday release, Microsoft pushed out 90 updates for the Windows and Office platforms. The latest fixes include  another update for Microsoft Exchange (along with with a warning about failed updates to Exchange Server 2016 and 2019) and a “Patch Now” recommendation from us for Office.

The team at Application Readiness has crafted this useful infographic outlining the risks associated with each of the updates for this month.

To read this article in full, please click here

Read more

Four zero-days make July 's Patch Tuesday a 'patch now' update

Read more

June's Patch Tuesday updates focus on Windows, Office

Microsoft released 73 updates to its Windows, Office, and Visual Studio platforms on Patch Tuesday, with many of them dealing with core, but not urgent, security vulnerabilities. That’s a welcome respite from the previous six months of urgent zero-days and public disclosures. With that in mind, the Readiness testing team suggests a focus on printing and backup/recovery processes to make sure they’re not affected by this update cycle.

For the first time, we see a (non-Adobe) third-party vendor added to a Patch Tuesday release, with three minor plugin updates to Visual Studio for AutoDesk. Expect to see more such vendors added to Microsoft’s updates in the near future. The team at Readiness has created a useful infographic that outlines the risks associated with each of the updates.

To read this article in full, please click here

Read more