Microsoft Patch Tuesday: 74 CVEs plus 2 “Exploit Detected” advisories
74 CVEs, and two "Exploitation Detected" advisories, which are nearly but not quite the same as 0-days. Also, two potential Teams treacheries that you really want to fix.
Patch Tuesday tracks Microsoft's regular security updates, helping readers understand vulnerabilities, fixes, and risks affecting software users.
Search across headline titles and summaries.
Background for this topic.
Patch Tuesday is the second Tuesday of each month, when Microsoft publishes a scheduled set of security and quality updates for supported products. The term is also used broadly for the recurring monthly patch cycle that organizations use to review, test, and deploy vendor fixes. Releases may address vulnerabilities in operating systems, applications, browsers, and infrastructure components, with severity and affected versions varying by update.
For security teams, the release is a trigger for vulnerability-management work: identify exposed and supported assets, assess whether a flaw is being exploited or affects a critical system, and prioritize deployment accordingly. Testing and staged rollout can reduce compatibility and availability problems, while leaving internet-facing or unpatched systems exposed can increase the chance of compromise. Teams should also account for patches that require reboots, configuration changes, or dependent updates, and track exceptions with compensating controls. Critical fixes may warrant accelerated or emergency deployment rather than waiting for the normal maintenance window.
Weekly headline count for the current query.
74 CVEs, and two "Exploitation Detected" advisories, which are nearly but not quite the same as 0-days. Also, two potential Teams treacheries that you really want to fix.
No zero-days this month, if you ignore the Edge RCE hole patched last week
An email you haven't even looked at yet could be used to trick Outlook into helping crooks to logon as you.
Lots of lovely patches for your Valentine's Day delight. Get 'em as soon as you can...
Get 'em while they're hot. And get 'em for the very last time, if you've still have Windows 7 or 8.1...
Tales of derring-do in the cyberunderground! (And some zero-days.)
In all the excitement, we kind of lost track ourselves. Were there six 0-days, or only four?
There's a zero-day patch, but it's not for the zero-day you thought.
Hacking on actual computers is one thing, but hacking purposefully on imaginary computers is, these days, something we can only imagine.
We tried it out to make sure, so you don't have to.
Remember the good old days when security patches rarely needed patches? Because security patches themlelves were rare enough anyway?