8 min
Vulnerability Management
Patch Tuesday - January 2023
The first Patch Tuesday of 2023 sees Microsoft patching nearly 100 CVEs, including two zero-day vulnerabilities.
6 min
Vulnerability Management
Patch Tuesday - December 2022
48 new CVEs (plus 24 affecting Chromium-based Edge) published by Microsoft, including two zero-day vulnerabilities, one of which has been seen actively exploited.
6 min
Vulnerability Management
Patch Tuesday - November 2022
Microsoft has patched the two zero-day vulnerabilities in Exchange from September, along with 67 new CVEs (4 of which are also zero-days). Most vulnerabilities this month affect Windows.
8 min
Vulnerability Management
Patch Tuesday - October 2022
Microsoft has patched 96 CVEs, including zero-days affecting Windows and Office for Mac. The recent Exchange Server zero-days seen exploited in the wild remain unpatched.
7 min
Vulnerability Management
Patch Tuesday - September 2022
In this month's Patch Tuesday, we cover the 79 CVEs, including a zero-day privilege escalation, patched by Microsoft this month.
11 min
Vulnerability Management
Patch Tuesday - August 2022
Microsoft has patched 141 CVEs in their August 2022 updates, including one zero-day affecting the Microsoft Windows Support Diagnostic Tool (MSDT).
7 min
Vulnerability Management
Patch Tuesday - July 2022
One 0-day vulnerability, four Critical RCEs, and a whole bunch of fixes for Azure Site Recovery.
6 min
Patch Tuesday
Patch Tuesday - June 2022
Patches for Follina, more NFS and LDAP vulnerabilities, and the beginning of the end for IE11.
7 min
Vulnerability Management
Patch Tuesday - May 2022
This month is par for the course in terms of both number and severity of vulnerabilities being patched by Microsoft. There is one 0-day this month: CVE-2022-26925, a Spoofing vulnerability in the Windows Local Security Authority (LSA) subsystem.
11 min
Vulnerability Management
Patch Tuesday - April 2022
From Defender to Windows, Office to Azure, this month’s Patch Tuesday has a large swath of Microsoft’s portfolio getting vulnerabilities fixed. 119 CVEs were addressed today, not including the 26 Chromium vulnerabilities that were fixed in the Edge browser.
8 min
Vulnerability Management
Patch Tuesday - March 2022
March 2022's Patch Tuesday sees Microsoft addressing 71 CVEs (excluding Chromium/Edge), 3 of which are considered Critical.
6 min
Vulnerability Management
Patch Tuesday - February 2022
February 2022's fixes from Microsoft are relatively light as far as Patch Tuesdays go.
10 min
Patch Tuesday
Patch Tuesday - January 2022
The first Patch Tuesday of 2022 sees Microsoft publishing fixes for over 120
CVEs across the bulk of their product line, including 29 previously patched CVEs
affecting their Edge browser via Chromium. None of these have yet been seen
exploited in the wild, though six were publicly disclosed prior to today. This
includes two Remote Code Execution (RCE) vulnerabilities in open source
libraries that are bundled with more recent versions of Windows: CVE-2021-22947
[https://msrc.microsoft.com/update-
7 min
Vulnerability Management
Patch Tuesday - December 2021
This month’s Patch Tuesday comes in the middle of a global effort to mitigate Apache Log4j CVE-2021-44228.
8 min
InsightVM
Using InsightVM to Find Apache Log4j CVE-2021-44228
How to use InsightVM or Nexpose to detect exposure to Log4Shell CVE-2021-44228 in your environment, plus additional detail about how our various vulnerability checks work under the hood.