Time to Patch – Page 3 – PossibleThreat Articles

Microsoft Patch Tuesday, May 2023 Edition

May 11, 2023 0 Comments adam barnett, blacklotus, cve-2023-24932, cve-2023-24941, cve-2023-28283, cve-2023-29325, cve-2023-29336, immersive labs, kevin breen, rapid7, sans internet storm center, Time to Patch

Credit to Author: BrianKrebs| Date: Wed, 10 May 2023 01:19:58 +0000

Microsoft today released software updates to fix at least four dozen security holes in its Windows operating systems and other software, including patches for two zero-day vulnerabilities that are already being exploited in active attacks.

Independent Krebs Security

Many Public Salesforce Sites are Leaking Private Data

April 27, 2023 0 Comments A Little Sunshine, charan akiri, dc health, dc health link, huntington bank, Latest Warnings, matthew jennings, mike rupert, salesforce community websites, scott carbee, tcf bank, The Coming Storm, Time to Patch, Vermont

Credit to Author: BrianKrebs| Date: Fri, 28 Apr 2023 02:09:56 +0000

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging in.

Independent Krebs Security

Microsoft (& Apple) Patch Tuesday, April 2023 Edition

April 11, 2023 0 Comments bharat jogi, cve-2022-37969, cve-2023-28219, cve-2023-28220, cve-2023-28252, dbappsecurity, dustin childs, ios 15.5.7, ios/ipados 16.4.1, macos 12.6.5 and 11.7.6., mandiant, nokoyawa ransomware, Qualys, security tools, The Coming Storm, Time to Patch, trend micro zero day initiative, windows common log system file system

Credit to Author: BrianKrebs| Date: Wed, 12 Apr 2023 00:06:51 +0000

Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. Not to be outdone, Apple has released a set of important updates addressing two zero-day vulnerabilities that are being used to attack iPhones, iPads and Macs.

Independent Krebs Security

Microsoft Patch Tuesday, March 2023 Edition

March 15, 2023 0 Comments cve-2023-23397, cve-2023-24800, dustin childs, immersive labs, kevin breen, microsoft 365 apps for enterprise, microsoft patch tuesday march 2023, rapid7, security tools, The Coming Storm, Time to Patch, windows smartscreen, zero day initiative

Credit to Author: BrianKrebs| Date: Wed, 15 Mar 2023 15:19:32 +0000

Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially severe weakness in Microsoft Outlook that can be exploited without any user interaction.

Independent Krebs Security

Microsoft Patch Tuesday, February 2023 Edition

February 14, 2023 0 Comments cve-2023-21529, cve-2023-21706, cve-2023-21707, cve-2023-21715, cve-2023-21716, cve-2023-21823, cve-2023-23376, dustin childs, immersive labs, internet explorer 11, johannes ullrich, kevin breen, Latest Warnings, mandiant, Microsoft Office, microsoft patch tuesday february 2023, sans internet storm center, security tools, Time to Patch, trend micro zero day initiative

Credit to Author: BrianKrebs| Date: Tue, 14 Feb 2023 21:01:41 +0000

Microsoft is sending the world a whole bunch of love today, in the form of patches to plug dozens of security holes in its Windows operating systems and other software. This year’s special Valentine’s Day Patch Tuesday includes fixes for a whopping three different “zero-day” vulnerabilities that are already being used in active attacks.

Independent Krebs Security

Microsoft Patch Tuesday, January 2023 Edition

January 10, 2023 0 Comments cve-2023-21563, cve-2023-21674, cve-2023-21678, cve-2023-21743, cve-2023-21745, cve-2023-21762, dustin childs, Latest Warnings, microsoft bitlocker, satnam narang, security tools, tenable, Time to Patch

Credit to Author: BrianKrebs| Date: Tue, 10 Jan 2023 22:28:55 +0000

Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S. National Security Agency, and a critical Microsoft SharePoint Server bug that allows a remote, unauthenticated attacker to make an anonymous connection.

Independent Krebs Security

Microsoft Patch Tuesday, December 2022 Edition

December 14, 2022 0 Comments apple zero-day, cve-2022-41076, cve-2022-44698, cve-2022-44710, cve-2022-44713, greg wiseman, immersive labs, kevin breen, Latest Warnings, microsoft patch tuesday december 2022, PowerShell, rapid7, security tools, sophos, Time to Patch, trend micro's zero day initiative, will dormann, Windows

Credit to Author: BrianKrebs| Date: Wed, 14 Dec 2022 17:01:07 +0000

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The most pressing patches include a zero-day vulnerability in a Windows feature that tries to flag malicious files from the Web, a critical bug in PowerShell, and a dangerous flaw in Windows 11 systems that was detailed publicly prior to this week’s Patch Tuesday.

Independent Krebs Security

Patch Tuesday, November 2022 Election Edition

November 8, 2022 0 Comments askwoody, cve-2022-41073, cve-2022-41080, cve-2022-41082, cve-2022-41091, cve-2022-41125, cve-2022-41128, immersive labs, kevin breen, Microsoft, microsoft patch tuesday november 2022, sans internet storm center, satnam narang, tenable, Time to Patch, Windows, windows print spooler

Credit to Author: BrianKrebs| Date: Wed, 09 Nov 2022 01:50:14 +0000

Let’s face it: Having “2022 election” in the headline above is probably the only reason anyone might read this story today. Still, while most of us here in the United States are anxiously awaiting the results of how well we’ve patched our Democracy, it seems fitting that Microsoft Corp. today released gobs of security patches for its ubiquitous Windows operating systems. November’s patch batch includes fixes for a whopping six zero-day security vulnerabilities that miscreants and malware are already exploiting in the wild.

Independent Krebs Security

Microsoft Patch Tuesday, October 2022 Edition

October 11, 2022 0 Comments caitlin condon, cve-2022-37968, cve-2022-41033, immersive labs, kevin breen, Latest Warnings, microsoft patch tuesday october 2022, rapid7, satnam narang, tenable, Time to Patch

Credit to Author: BrianKrebs| Date: Tue, 11 Oct 2022 21:06:23 +0000

Microsoft today released updates to fix at least 85 security holes in its Windows operating systems and related software, including a new zero-day vulnerability in all supported versions of Windows that is being actively exploited. However, noticeably absent from this month’s Patch Tuesday are any updates to address a pair of zero-day flaws being exploited this past month in Microsoft Exchange Server.

Independent Krebs Security

Microsoft: Two New 0-Day Flaws in Exchange Server

September 30, 2022 0 Comments cve-2022-41040, cve-2022-41082, gtsc, Latest Warnings, microsoft exchange server zero-day, steven adair, The Coming Storm, Time to Patch, volexity, zimbra collaboration suite

Credit to Author: BrianKrebs| Date: Fri, 30 Sep 2022 16:51:57 +0000

Microsoft Corp. is investigating reports that attackers are exploiting two previously unknown vulnerabilities in Exchange Server, a technology many organizations rely on to send and receive email. Microsoft says it is expediting work on software patches to plug the security holes. In the meantime, it is urging a subset of Exchange customers to enable a setting that could help mitigate ongoing attacks.