Patch Tuesday

Microsoft fixes a zero-day in its Defender antimalware software and issues a patch for a vulnerability that was publicly disclosed in December.

This month there are just 58 bugs patched for Microsoft products, including a critical remote code execution flaw in Hyper-V and Microsoft issues a security advisory for Windows DNS.

Microsoft patches 112 bugs, including a zero-day for the Windows kernel.

This month Microsoft patches a serious remote code execution (RCE) in Windows that could be easily wormable and Outlook gets a patch for a bug that could let an attacker run arbitrary code on affected systems. And after a break of a few months, Adobe releases a security update for Flash Player.

Microsoft patches 120 vulnerabilities this month, including 2 zero-day flaws. One in Windows and the second in Internet Explorer.

Microsoft releases 123 security updates, including a patch for a critical Windows Server DNS bug and Hyper-V RemoteFX vGPU gets disabled.

This month Microsoft addresses 129 vulnerabilities, including SMBv3 bugs, Flash Player, and remote code execution flaws in VBScript.

Microsoft issues fixes for 111 vulnerabilities, making this month the third biggest set of patches in Microsoft's history.

This month Microsoft patches three Windows 10 zero-days, including a patch for two RCE flaws discovered last month in the Windows Adobe Type Manager Library. There are also important updates for vulnerabilities in the OneDrive desktop app for Windows, the DNS client service, and in the way that Windows handles token relationships.

Microsoft recommends applying an out-of-band emergency patch for SMB remote code execution flaw as soon as possible.

The biggest Patch Tuesday in the company's history, this month Microsoft fixes 115 bugs. There's also a security advisory for a critical bug in SMBv3 and a patch for a flaw in the way Windows parses .LNK files. The bug could let an attacker run code regardless of whether a user opens the infected file.

Microsoft UEFI Revocation List File update causes problems on some devices. Here's what you need to know about the latest Windows Update problem.  

This month sees a bumper crop of 99 patches from Microsoft, including a fix for the IE zero-day announced last month and a change in default configuration for new Windows Server Active Directory deployments.

Windows 7 gets its last regular Patch Tuesday security updates, Microsoft fixes a CryptoAPI vulnerability reported by the NSA, and Windows Server RDP also gets patched.

This month’s end-of-year Patch Tuesday is relatively light, with Microsoft fixing a Windows zero-day and a spoofing vulnerability in SQL Server Reporting Services.