Patch Tuesday – Page 6 – PossibleThreat Articles

The second Tuesday of the year brings us many updates, including one for an actively exploited vulnerability that could lead to elevation of privileges

Security Sophos

January 2023 patch roundup: Microsoft tees up 98 updates

January 10, 2023 0 Comments 3d builder, adobe reader, cve-2023-21531, cve-2023-21552, cve-2023-21559, cve-2023-21674, cve-2023-21678, cve-2023-21743, exp/2321552-a, exp/2321674-a, featured, Microsoft, Patch Tuesday, sharepoint, sophos x-ops, threat research, Windows, windows 7, x-ops

Credit to Author: Angela Gunn| Date: Wed, 11 Jan 2023 02:05:40 +0000

Adobe greets the new year with patches for 18 vulns in Reader, Acrobat, and others; sun sets on the last of Win7, 8, RT support

Security Sophos

Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches

January 10, 2023 0 Comments Exploit, malware. spam. vulnerability, Microsoft, Patch Tuesday, vulnerability

Credit to Author: Paul Ducklin| Date: Wed, 11 Jan 2023 00:22:30 +0000

Get ’em while they’re hot. And get ’em for the very last time, if you still have Windows 7 or 8.1…

MalwareBytes Security

Update now! Two zero-days fixed in 2022’s last patch Tuesday

December 14, 2022 0 Comments Android, Apple, Cisco, citrix, cve-2022-41076, cve-2022-44670, cve-2022-44676, cve-2022-44698, cve-2022-44710, Exploits and vulnerabilities, fortinet, Google, Microsoft, motw, Mozilla, news, Patch Tuesday, race condition, remote powershell, sap

Categories: Exploits and vulnerabilities

Categories: News

Tags: patch Tuesday

Tags: Microsoft

Tags: Android

Tags: Apple

Tags: Mozilla

Tags: Google

Tags: Sap

Tags: Citrix

Tags: Fortinet

Tags: Cisco

Tags: CVE-2022-44698

Tags: MotW

Tags: CVE-2022-44710

Tags: race condition

Tags: CVE-2022-44670

Tags: CVE-2022-44676

Tags: CVE-2022-41076

Tags: remote powershell

The last patch Tuesday of 2022 is here—find out what Microsoft and many others have fixed

Security Sophos

Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware

December 13, 2022 0 Comments driver signing, Exploit, Microsoft, Patch Tuesday, vulnerability

Credit to Author: Paul Ducklin| Date: Wed, 14 Dec 2022 01:13:40 +0000

Tales of derring-do in the cyberunderground! (And some zero-days.)

Security Sophos

2022 Patch Tuesday cycle wraps with 48 CVEs, one advisory

December 13, 2022 0 Comments cve-2022-44690, cve-2022-44693, cve-2022-44698, cve-2022-44710, driver certificate deprecation, driver signature enforcement, drivers, Microsoft, Patch Tuesday, threat research, x-ops

Credit to Author: Angela Gunn| Date: Tue, 13 Dec 2022 18:00:22 +0000

Windows-heavy collection closes out a year of elevation-of-privilege vulnerabilities; no Exchange patches in sight

Security Sophos

Signed driver malware moves up the software trust chain

December 13, 2022 0 Comments 2022-12, adv220005, burntcigar, byovd, cuba ransomware, driver signature enforcement, drivers, featured, Patch Tuesday, sbom, security operations, signed drivers, sophos x-ops, supply chain compromise, threat research, whcp, whql, Windows, x-ops

Credit to Author: Andrew Brandt| Date: Tue, 13 Dec 2022 18:00:15 +0000

The criminals signed their AV-killer malware, closely related to one known as BURNTCIGAR, with a legitimate WHCP certificate

Security Sophos

S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?

November 10, 2022 0 Comments bust, cryptocurrency, Exploit, Law & order, Microsoft, Naked Security Podcast, Patch Tuesday, Podcast, Privacy, vulnerability, Windows

Credit to Author: Paul Ducklin| Date: Thu, 10 Nov 2022 17:26:34 +0000

Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks – listen now!

Security Sophos

Exchange 0-days fixed (at last) – plus 4 brand new Patch Tuesday 0-days!

November 9, 2022 0 Comments 0 day, exchange, Exploit, Microsoft, Patch Tuesday, Privacy, vulnerability, zero day

Credit to Author: Paul Ducklin| Date: Wed, 09 Nov 2022 17:58:37 +0000

In all the excitement, we kind of lost count ourselves. Were there six 0-days, or only four?