December 2019 Patch Tuesday – 36 Vulns, 7 Critical, Actively Attacked Win32k vuln, Adobe vulns

This month’s Patch Tuesday is rather light and addresses 36 vulnerabilities, with only 7 labeled as Critical. Five of the seven Critical vulns are in Git for Visual Studio. The others are for Hyper-V and Win32k. Also, there is one actively attacked “Important” vuln in Win32k. Adobe released patches today ... Read More

November 2019 Patch Tuesday – 74 vulns, 13 Critical, Actively Attacked IE vuln, Hyper-V escapes, Adobe

This month’s Microsoft Patch Tuesday addresses 74 vulnerabilities with 13 of them labeled as Critical. Of the 13 Critical vulns, 5 are for browsers and scripting engines. Out of the 8 remaining Critical vulns, 4 are potential hypervisor escapes in Hyper-V, as well as vulnerabilities in Microsoft Exchange, Win32k, Windows ... Read More

October 2019 Patch Tuesday – 59 vulns, 9 Critical, Azure App Service, Remote Desktop Client, PoC for Windows Error Reporting

This month’s Microsoft Patch Tuesday addresses 59 vulnerabilities with only 9 of them labeled as Critical. Of the 9 Critical vulns, 7 of them are for browsers and scripting engines. The remaining 2 are for Azure App Service and Remote Desktop Client. In addition, PoC code has been published for ... Read More

September Patch Tuesday – 79 Vulns, 17 Critical, Remote Desktop Client, SharePoint, Exploited PrivEsc

This month’s Microsoft Patch Tuesday addresses 79 vulnerabilities with 17 of them labeled as Critical. Of the 17 Critical vulns, 8 are for scripting engines and browsers, 4 are for the Remote Desktop Client, and 3 are for SharePoint. In addition, Microsoft has again patched a critical vulnerability in LNK ... Read More

August 2019 Patch Tuesday – 93 Vulns, 29 Critical, 7 Remote Desktop Vulns, Hyper-V, DHCP, Adobe vulns

Update Aug 13, 2019: Detect and Patch Windows Remote Desktop Vulnerabilities This month’s Microsoft Patch Tuesday addresses 93 vulnerabilities with 29 of them labeled as Critical. Of the 29 Critical vulns, 10 are for scripting engines and browsers, 6 for Windows Graphics/Font Library, and 4 are for Office apps. In ... Read More

July 2019 Patch Tuesday – 77 Vulns, 15 Critical, DHCP RCE, Exploited PrivEsc, SQL, Adobe Vulns

This month’s Microsoft Patch Tuesday addresses 77 vulnerabilities with 15 of them labeled as Critical. Of the 15 Critical vulns, 11 are for scripting engines and browsers, with the remaining four covering DHCP Server, GDI+, .NET Framework, and Azure DevOps Server / Team Foundation Server. In addition, Microsoft has released ... Read More
Exim MTA Vulnerability (The Return of the WIZard – CVE-2019-10149)

Exim MTA Vulnerability (The Return of the WIZard – CVE-2019-10149)

Last week, Qualys issued a security advisory for a vulnerability we discovered during a code review of Exim. This vulnerability can lead to Remote Command Injection, and is currently being actively attacked in the wild. This blog will show you how to quickly identify assets that are impacted by this ... Read More

June 2019 Patch Tuesday – 88 Vulns, 21 Critical, Hyper-V Escape, Adobe Vulns

This month’s Microsoft Patch Tuesday addresses 88 vulnerabilities with 21 of them labeled as Critical. Of the 21 Critical vulns, 17 are for scripting engines and browsers, and 3 are potential hypervisor escapes in Hyper-V. The remaining vulnerability is an RCE in the Microsoft Speech API. Microsoft also issued guidance ... Read More
Windows RDP Remote Code Execution Vulnerability (BlueKeep) – How to Detect and Patch

Windows RDP Remote Code Execution Vulnerability (BlueKeep) – How to Detect and Patch

This month’s Microsoft Patch Tuesday included a very high-risk vulnerability (CVE-2019-0708, aka BlueKeep) in Remote Desktop that impacts Windows XP, Windows 7, Server 2003, Server 2008, and Server 2008 R2. This vulnerability allows an unauthenticated attacker (or malware) to execute code on the vulnerable system. It is very likely that ... Read More

May 2019 Patch Tuesday – 79 Vulns, 22 Critical, RDP RCE, MDS Attacks, Adobe Vulns

This month’s Microsoft Patch Tuesday addresses 79 vulnerabilities with 22 of them labeled as Critical. Of the 22 Critical vulns, 18 are for scripting engines and browsers. The remaining 4 are remote code execution (RCE) in Remote Desktop, DHCP Server, GDI+, and Word. Microsoft also released guidance on the recently ... Read More
Loading...