12 min
Vulnerability Management
Patch Tuesday - July 2023
Five zero-day vulns, including an Office maldoc attack with no patch yet and a SmartScreen bypass. Eight critical RCEs, and 130 total vulns. Busier than recent months.
10 min
Vulnerability Management
Patch Tuesday - June 2023
No zero-day vulns this month. PGM & .NET/Visual Studio critical RCEs. SharePoint EoP. Exchange RCEs.
9 min
Vulnerability Management
Patch Tuesday - May 2023
A relatively light 49 vulnerabilities patched in May 2023, including a new entry method for BlackLotus bootkit malware.
12 min
Vulnerability Management
Patch Tuesday - April 2023
114 vulnerabilities patched, including a zero-day driver-based LPE. Message Queueing Service RCE. End of support for 2013 products.
11 min
Vulnerability Management
Patch Tuesday - March 2023
Microsoft March 2023 Patch Tuesday fixes 101 security issues, including a Critical zero-day vulnerability in Outlook which has been exploited by Russia-based actors against European government & critical infrastructure targets.
8 min
Vulnerability Management
Patch Tuesday - February 2023
Microsoft has patched 72 CVEs, including three actively-exploited zero-days affecting Windows and Microsoft 365 for Enterprise.
8 min
Vulnerability Management
Patch Tuesday - January 2023
The first Patch Tuesday of 2023 sees Microsoft patching nearly 100 CVEs, including two zero-day vulnerabilities.
6 min
Vulnerability Management
Patch Tuesday - December 2022
48 new CVEs (plus 24 affecting Chromium-based Edge) published by Microsoft, including two zero-day vulnerabilities, one of which has been seen actively exploited.
6 min
Vulnerability Management
Patch Tuesday - November 2022
Microsoft has patched the two zero-day vulnerabilities in Exchange from September, along with 67 new CVEs (4 of which are also zero-days). Most vulnerabilities this month affect Windows.
8 min
Vulnerability Management
Patch Tuesday - October 2022
Microsoft has patched 96 CVEs, including zero-days affecting Windows and Office for Mac. The recent Exchange Server zero-days seen exploited in the wild remain unpatched.
7 min
Vulnerability Management
Patch Tuesday - September 2022
In this month's Patch Tuesday, we cover the 79 CVEs, including a zero-day privilege escalation, patched by Microsoft this month.
11 min
Vulnerability Management
Patch Tuesday - August 2022
Microsoft has patched 141 CVEs in their August 2022 updates, including one zero-day affecting the Microsoft Windows Support Diagnostic Tool (MSDT).
7 min
Vulnerability Management
Patch Tuesday - July 2022
One 0-day vulnerability, four Critical RCEs, and a whole bunch of fixes for Azure Site Recovery.
6 min
Patch Tuesday
Patch Tuesday - June 2022
Patches for Follina, more NFS and LDAP vulnerabilities, and the beginning of the end for IE11.
7 min
Vulnerability Management
Patch Tuesday - May 2022
This month is par for the course in terms of both number and severity of vulnerabilities being patched by Microsoft. There is one 0-day this month: CVE-2022-26925, a Spoofing vulnerability in the Windows Local Security Authority (LSA) subsystem.