Patch Tuesday

Patch Tuesday November 2021 – Microsoft Patches Windows RDP Zero-Day and Exchange RCE

by Russell Smith

Patch Tuesday in November 2021 sees Microsoft release patches to address 55 CVEs, including fixes for 6 zero-day bugs. There are updates for products including Windows, Windows Server, Office, Exchange Server, Active Directory, Microsoft Dynamics, Hyper-V, and Azure Real Time Operating System (RTOS), which is ThreadX RTOS, an embedded real-time operating system that Microsoft purchased… Read More

Patch Tuesday – July 2021

by Russell Smith

Microsoft patches 103 security vulnerabilities this month, including PrintNightmare, a Windows DNS Server bug, 3 elevation of privilege vulnerabilities in the Windows kernel, and much more. Windows and Windows Server Let's start with the bug that surfaced earlier in July month called PrintNightmare. PrintNightmare Microsoft issued an out-of-band cumulative update (CU) for a remote execution… Read More

Patch Tuesday – June 2021

by Russell Smith

This month Microsoft patches 7 zero-day flaws in Windows, 6 of which are being exploited in the wild. And there are also important updates for SharePoint Server, Microsoft Office, and Adobe Acrobat and Reader. Windows and Windows Server If you haven't already started testing and deploying June's updates for Windows and Windows Server, then it's… Read More

Patch Tuesday – April 2021

with 1 Comment by Russell Smith

This month Microsoft releases critical patches for on-premises Exchange Server, a fix for the AD Kerberos KDC flaw, and plugs a zero-day elevation of privilege bug in Windows 10. Windows and Windows Server This month Microsoft patched an elevation of privilege bug (CVE-2021-28310) in Windows that is already been exploited in the wild. The patch… Read More

Patch Tuesday – March 2021

by Russell Smith

Microsoft released patches to fix 82 security bugs in Windows and other software this month. There are critical bugs in IE, Exchange Server, and Windows Server DNS. Windows and Windows Server Windows gets two patches for critical remote code execution (RCE) flaws. CVE-2021-26876 is a vulnerability in OpenType font parsing and CVE-2021-26867 is a flaw… Read More

Patch Tuesday – October 2020

by Russell Smith

This month Microsoft patches a serious remote code execution (RCE) in Windows that could be easily wormable and Outlook gets a patch for a bug that could let an attacker run arbitrary code on affected systems. And after a break of a few months, Adobe releases a security update for Flash Player.