Microsoft holds last Patch Tuesday of the year with 72 gifts for admins

December 10, 2024 at 03:55PM This month, Microsoft has released 72 fixes, with CVE-2024-49138 posing an immediate risk due to active exploitation. Adobe, on the other hand, issued 167 fixes, including 91 for Adobe Experience Manager and critical updates for Adobe Connect. Users are urged to patch vulnerabilities across all platforms promptly. ### Meeting Takeaways … Read more

Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws

November 13, 2024 at 11:36AM Microsoft’s November 2024 Patch Tuesday addressed 89 vulnerabilities, including four zero-days, with two actively exploited. Key fixes involve critical flaws in remote code execution and privilege escalation. Other notable updates were shared by Adobe, Cisco, and Google. Comprehensive vulnerability details are outlined in the full report. ### Meeting Takeaways – … Read more

Admins can give thanks this November for dollops of Microsoft patches

November 12, 2024 at 08:32PM Microsoft’s recent Patch Tuesday update addressed 89 security flaws, including two under active attack. Vulnerabilities CVE-2024-49039 and CVE-2024-43451 enable privilege escalation and account impersonation, respectively. Additionally, severe flaws in Azure and .NET products could lead to remote code execution. CISA highlighted an increase in zero-day exploitations throughout 2023. ### Meeting … Read more

Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws

November 12, 2024 at 02:04PM Microsoft’s November 2024 Patch Tuesday addresses 91 vulnerabilities, including four critical flaws and two actively exploited zero-days. Notable vulnerabilities include NTLM Hash Disclosure and Windows Task Scheduler issues. The update also highlights fixes for other major products and features from various vendors, ensuring enhanced security across systems. ### Meeting Takeaways … Read more

Windows 10 KB5043064 update released with 6 fixes, security updates

September 10, 2024 at 02:23PM Microsoft has released the KB5043064 cumulative update for Windows 10 22H2 and 21H2, including 6 fixes and security updates fixing 142 vulnerabilities. Users can install it manually or schedule an update time. It addresses various issues, including Bluetooth and BitLocker bugs. However, there are issues with account profile pictures and … Read more

Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited

August 13, 2024 at 02:44PM Today, Microsoft’s August 2024 Patch Tuesday addresses 89 flaws with security updates, including six actively exploited and three publicly disclosed zero-days. Additionally, Microsoft is in the process of addressing a tenth publicly disclosed zero-day. Based on the meeting notes, the key takeaways are: – It is Microsoft’s August 2024 Patch … Read more

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited

July 9, 2024 at 03:03PM Microsoft released a large set of updates to address security vulnerabilities in the Windows environment. They warned of active exploitation of a Windows Hyper-V privilege escalation bug and a Windows MSHTML Platform spoofing vulnerability. These vulnerabilities represent only a portion of the 143 documented bugs, with five rated as critical. … Read more

Ransomware crew may have exploited Windows make-me-admin bug as a zero-day

June 12, 2024 at 06:16PM Symantec’s threat hunters suspect Black Basta ransomware gang exploited a Windows privilege escalation bug, CVE-2024-26169, before Microsoft’s patch. Symantec’s analysis suggests the ransomware could have been compiled pre-patch, allowing “at least one group” to exploit the vulnerability as a zero-day. The ransomware gang, tracked as Storm-1811, used social engineering attacks … Read more

Windows 11 KB5036893 released with 29 changes, Moment 5 features

April 9, 2024 at 02:00PM Microsoft has released the KB5036893 cumulative update for Windows 11 23H3, featuring 29 changes and enabling Moment 5 features for all users. It’s mandatory for April 2024 security updates fixing sixty vulnerabilities. The update can be installed via Windows Update or Microsoft Update Catalog and includes multiple enhancements and fixes. … Read more

Microsoft’s March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws

March 13, 2024 at 02:03AM Microsoft released a monthly security update addressing 61 vulnerabilities, including 2 critical issues in Windows Hyper-V with potential for denial-of-service and remote code execution. None of the flaws were publicly known or under active attack, but updates were also made to the Chromium-based Edge browser. Other vendors have also released … Read more