Microsoft Patch Tuesday, December 2022 Edition

Credit to Author: BrianKrebs| Date: Wed, 14 Dec 2022 17:01:07 +0000

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The most pressing patches include a zero-day vulnerability in a Windows feature that tries to flag malicious files from the Web, a critical bug in PowerShell, and a dangerous flaw in Windows 11 systems that was detailed publicly prior to this week’s Patch Tuesday.

Read more

Patch Tuesday, November 2022 Election Edition

Credit to Author: BrianKrebs| Date: Wed, 09 Nov 2022 01:50:14 +0000

Let’s face it: Having “2022 election” in the headline above is probably the only reason anyone might read this story today. Still, while most of us here in the United States are anxiously awaiting the results of how well we’ve patched our Democracy, it seems fitting that Microsoft Corp. today released gobs of security patches for its ubiquitous Windows operating systems. November’s patch batch includes fixes for a whopping six zero-day security vulnerabilities that miscreants and malware are already exploiting in the wild.

Read more

Microsoft Patch Tuesday, October 2022 Edition

Credit to Author: BrianKrebs| Date: Tue, 11 Oct 2022 21:06:23 +0000

Microsoft today released updates to fix at least 85 security holes in its Windows operating systems and related software, including a new zero-day vulnerability in all supported versions of Windows that is being actively exploited. However, noticeably absent from this month’s Patch Tuesday are any updates to address a pair of zero-day flaws being exploited this past month in Microsoft Exchange Server.

Read more

Microsoft Patch Tuesday, August 2022 Edition

Credit to Author: BrianKrebs| Date: Tue, 09 Aug 2022 23:01:10 +0000

Microsoft today released updates to fix a record 141 security vulnerabilities in its Windows operating systems and related software. Once again, Microsoft is patching a zero-day vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows. Redmond also addressed multiple flaws in Exchange Server — including one that was disclosed publicly prior to today — and it is urging organizations that use Exchange for email to update as soon as possible and to enable additional protections.

Read more

Microsoft Patch Tuesday, July 2022 Edition

Credit to Author: BrianKrebs| Date: Wed, 13 Jul 2022 01:02:49 +0000

Microsoft today released updates to fix at least 86 security vulnerabilities in its Windows operating systems and other software, including a weakness in all supported versions of Windows that Microsoft warns is actively being exploited. The software giant also has made a controversial decision to put the brakes on a plan to block macros in Office documents downloaded from the Internet.

Read more

Microsoft Patch Tuesday, March 2022 Edition

Credit to Author: BrianKrebs| Date: Wed, 09 Mar 2022 16:22:12 +0000

Microsoft on Tuesday released software updates to plug at least 70 security holes in its Windows operating systems and related software. For the second month running, there are no scary zero-day threats looming for Windows users (that we know of), and relatively few “critical” fixes. And yet we know from experience that attackers are already trying to work out how to turn these patches into a roadmap for exploiting the flaws they fix. Here’s a look at the security weaknesses Microsoft says are most likely to be targeted first.

Read more

Microsoft Patch Tuesday, February 2022 Edition

Credit to Author: BrianKrebs| Date: Tue, 08 Feb 2022 22:38:16 +0000

Microsoft today released software updates to plug security holes in its Windows operating systems and related software. This month’s relatively light patch batch is refreshingly bereft of any zero-day threats, or even scary critical vulnerabilities. But it does fix four dozen flaws, including several that Microsoft says will likely soon be exploited by malware or malcontents.

Read more

At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates

Credit to Author: BrianKrebs| Date: Fri, 14 Jan 2022 22:41:34 +0000

The Russian government said today it arrested 14 people accused of working for “REvil,” a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service (FSB) said the actions were taken in response to a request from U.S. officials, but many experts believe the crackdown is part of an effort to reduce tensions over Russian President Vladimir Putin’s decision to station 100,000 troops along the nation’s border with Ukraine.

Read more