Patch Tuesday

Microsoft patches 112 bugs, including a zero-day for the Windows kernel.

This month Microsoft patches a serious remote code execution (RCE) in Windows that could be easily wormable and Outlook gets a patch for a bug that could let an attacker run arbitrary code on affected systems. And after a break of a few months, Adobe releases a security update for Flash Player.

Microsoft patches 120 vulnerabilities this month, including 2 zero-day flaws. One in Windows and the second in Internet Explorer.

Microsoft releases 123 security updates, including a patch for a critical Windows Server DNS bug and Hyper-V RemoteFX vGPU gets disabled.

This month Microsoft addresses 129 vulnerabilities, including SMBv3 bugs, Flash Player, and remote code execution flaws in VBScript.

Microsoft issues fixes for 111 vulnerabilities, making this month the third biggest set of patches in Microsoft’s history.

This month Microsoft patches three Windows 10 zero-days, including a patch for two RCE flaws discovered last month in the Windows Adobe Type Manager Library. There are also important updates for vulnerabilities in the OneDrive desktop app for Windows, the DNS client service, and in the way that Windows handles token relationships.

Microsoft recommends applying an out-of-band emergency patch for SMB remote code execution flaw as soon as possible.

The biggest Patch Tuesday in the company’s history, this month Microsoft fixes 115 bugs. There’s also a security advisory for a critical bug in SMBv3 and a patch for a flaw in the way Windows parses .LNK files. The bug could let an attacker run code regardless of whether a user opens the infected file.

Microsoft UEFI Revocation List File update causes problems on some devices. Here’s what you need to know about the latest Windows Update problem.