Patch Tuesday

This month sees a bumper crop of 99 patches from Microsoft, including a fix for the IE zero-day announced last month and a change in default configuration for new Windows Server Active Directory deployments.

Windows 7 gets its last regular Patch Tuesday security updates, Microsoft fixes a CryptoAPI vulnerability reported by the NSA, and Windows Server RDP also gets patched.

This month’s end-of-year Patch Tuesday is relatively light, with Microsoft fixing a Windows zero-day and a spoofing vulnerability in SQL Server Reporting Services.

This month sees Microsoft patch a zero-day in IE, a security advisory for TPMs, and release the Windows 10 November 2019 Update for seekers.

This month is light on security fixes and there are no zero-days but there are still plenty of critical flaws that need patching.

This month Microsoft patches two zero-days that could lead to elevation of privileges and more Remote Desktop Protocol bugs.

This month Microsoft patches ‘wormable’ vulnerabilities in Remote Desktop that it discovered during routine hardening, remote code execution flaws in Edge and IE, and a new advisory for LDAP security is issued for Active Directory.

This month sees Microsoft patch two zero-day vulnerabilities in Windows, an issue that may cause BitLocker to go into recovery mode, and the usual list of important and critical flaws for other products.

This month Microsoft patches four zero-day flaws in Windows 10 and some Bluetooth security keys stop working.

This month’s quality update for Windows 10 is so good that it installs itself twice, Microsoft releases patches for Intel Microarchitectural Data Sampling (MDS) attacks, and there’s a fix for a zero-day flaw in Windows Error Reporting.