Jump to content

Patch Tuesday Updates (Windows)


LSW

Recommended Posts

For those of you who have never noticed, the second Tuesday of the month is so called "Patch Tuesday" where Microsoft pushes out it's patches and updates. I will be posting notifications here as a reminder when there are important ones released. Remember that one of the base ways to protect yourself from malware and hackers is to keep all your software and Operating System (OS) up to date.

Link to comment
Share on other sites

April & May 2018 Patch Tuesdays both pushed out over 30 important security patches out.

June 2018 patches include only 11 critical updates, but those 11 are just as important and should be updated immediately.

https://thehackernews.com/2018/06/microsoft-june-security-patch.html

Quote

Microsoft today released security patch updates for more than 50 vulnerabilities, affecting Windows, Internet Explorer, Edge, MS Office, MS Office Exchange Server, ChakraCore, and Adobe Flash Player—11 of which are rated critical and 39 as important in severity.

Only one of these vulnerabilities, a remote code execution flaw (CVE-2018-8267) in the scripting engine, is listed as being publicly known at the time of release. However, none of the flaws are listed as under active attack.

...

Microsoft has also addressed an important vulnerability in its Cortana Smart Assistant that could allow anyone to unlock your Windows computer. You can head on to this article to learn how the bug can be used to retrieve confidential information from a locked system and even run malicious code.

 

Link to comment
Share on other sites

  • 4 weeks later...

Patch Tuesday came again, time to update your PC:

Microsoft Releases Patch Updates for 53 Vulnerabilities In Its Software

https://thehackernews.com/2018/07/microsoft-security-patch-update.html

Quote

Microsoft today released security patch updates for 53 vulnerabilities, affecting Windows, Internet Explorer (IE), Edge, ChakraCore, .NET Framework, ASP.NET, PowerShell, Visual Studio, and Microsoft Office and Office Services, and Adobe Flash Player.


Out of 53 vulnerabilities, 17 are rated critical, 34 important, one moderate and one as low in severity.

This month there is no critical vulnerability patched in Microsoft Windows operating system and surprisingly, none of the flaw patched by the tech giant this month is listed as publicly known or under active attack.

 

Link to comment
Share on other sites

Adobe Releases Security Patch Updates For 112 Vulnerabilities

https://thehackernews.com/2018/07/adobe-patch-update-july.html

Quote

Adobe has released security patches for a total 112 vulnerabilities in its products, most of which have a higher risk of being exploited.
The vulnerabilities addressed in this month's patch Tuesday affect Adobe Flash Player, Adobe Experience Manager, Adobe Connect, Adobe Acrobat, and Reader.
None of the security vulnerabilities patched this month were either publicly disclosed or found being actively exploited in the wild.

 

Link to comment
Share on other sites

  • 1 month later...

Microsoft Releases Patches for 60 Flaws—Two Under Active Attack

https://thehackernews.com/2018/08/microsoft-patch-updates.html

Quote

...Patch Tuesday update for August 2018, patching a total of 60 vulnerabilities, of which 19 are rated as critical.

The updates patch flaws in Microsoft Windows, Edge Browser, Internet Explorer, Office, ChakraCore, .NET Framework, Exchange Server, Microsoft SQL Server and Visual Studio.

Two of these vulnerabilities patched by the tech giant is listed as publicly known and being exploited in the wild at the time of release.

According to the advisory released by Microsoft, all 19 critical-rated vulnerabilities lead to remote code execution (RCE), some of which could eventually allow attackers to take control of the affected system if exploited successfully.

Besides this, Microsoft has also addressed 39 important flaws, one moderate and one low in severity.

 

Link to comment
Share on other sites

  • 4 weeks later...

Microsoft Issues Software Updates for 17 Critical Vulnerabilities

https://thehackernews.com/2018/09/microsoft-software-updates.html

Quote

Just a few minutes ago Microsoft released its latest monthly Patch Tuesday update for September 2018, patching a total of 61 security vulnerabilities, 17 of which are rated as critical, 43 are rated Important, and one Moderate in severity.

This month's security updates patch vulnerabilities in Microsoft Windows, Edge, Internet Explorer, MS Office, ChakraCore, .NET Framework, Microsoft.Data.OData, ASP.NET, and more.

Four of the security vulnerabilities patched by the tech giant this month have been listed as "publicly known" and more likely exploited in the wild at the time of release.

 

Link to comment
Share on other sites

  • 4 weeks later...

Microsoft October Patch Tuesday Fixes 12 Critical Vulnerabilities

https://thehackernews.com/2018/10/microsoft-windows-update.html

Quote

Microsoft has just released its latest monthly Patch Tuesday updates for October 2018, fixing a total of 49 security vulnerabilities in its products.

This month's security updates address security vulnerabilities in Microsoft Windows, Edge Browser, Internet Explorer, MS Office, MS Office Services and Web Apps, ChakraCore, SQL Server Management Studio, and Exchange Server.

Out of 49 flaws patched this month, 12 are rated as critical, 35 are rated as important, one moderate, and one is low in severity.

Three of these vulnerabilities patched by the tech giant are listed as “publicly known” at the time of release, and one flaw is reported as being actively exploited in the wild.

 

Link to comment
Share on other sites

To go along with this month's M$ patches, Adobe has released some as well.

Adobe Releases Security Patch Updates for 11 Vulnerabilities

https://thehackernews.com/2018/10/adobe-security-updates.html

Quote

Adobe has released its monthly security updates to address a total of 11 vulnerabilities in Adobe Digital Editions, Framemaker, and Technical Communications Suite, of which four are rated critical and rest 7 are important in severity.

Adobe has also released updated versions for Flash Player, but surprisingly this month the software received no security patch update.

Also, none of the security vulnerabilities patched this month were either publicly disclosed or found being actively exploited in the wild.

 

  • Like 1
Link to comment
Share on other sites

  • 1 month later...

63 New Flaws (Including 0-Days) Windows Users Need to Patch Now

https://thehackernews.com/2018/11/microsoft-patch-tuesday-updates.html

Quote

It's Patch Tuesday once again…time for another round of security updates for the Windows operating system and other Microsoft products.

This month Windows users and system administrators need to immediately take care of a total of 63 security vulnerabilities, of which 12 are rated critical, 49 important and one moderate and one low in severity.

Two of the vulnerabilities patched by the tech giant this month are listed as publicly known at the time of release, and one flaw is reported as being actively exploited in the wild by multiple cybercriminal groups.

 

Link to comment
Share on other sites

  • 4 weeks later...

Microsoft Issues Patch for Windows Zero-Day Flaw Under Active Attack

https://thehackernews.com/2018/12/microsoft-patch-updates.html

Quote
Microsoft today, on its year-end December Patch Tuesday, released security updates to patch a total 39 vulnerabilities its Windows operating systems and applications—10 of which are rated as critical and other important in severity.
 
One of the security vulnerabilities patched by the tech giant this month is listed as publicly known at the time of release, and one is a zero-day reported as being actively exploited in the wild by multiple hacking groups, including FruityArmor and SandCat APTs.

 

Link to comment
Share on other sites

  • 4 weeks later...

Microsoft Patch Tuesday — January 2019 Security Updates Released

https://thehackernews.com/2019/01/windows-security-updates.html

Quote
Microsoft has issued its first Patch Tuesday for this year to address 49 CVE-listed security vulnerabilities in its Windows operating systems and other products, 7 of which are rated critical, 40 important and 2 moderate in severity.
 
Just one of the security vulnerabilities patched by the tech giant this month has been reported as being publicly known at the time of release, and none are being actively exploited in the wild.
 
All the seven critical-rated vulnerabilities lead to remote code execution and primarily impact various versions of Windows 10 and Server editions.

 

Link to comment
Share on other sites

  • 1 month later...

Microsoft Patch Tuesday — February 2019 Update Fixes 77 Flaws

https://thehackernews.com/2019/02/microsoft-patch-tuesday-february.html

Quote

Microsoft has issued its second Patch Tuesday for this year to address a total of 77 CVE-listed security vulnerabilities in its Windows operating systems and other products, 20 of which are rated critical, 54 important and 3 moderate in severity.

 
February security update addresses flaws in Adobe Flash Player, Internet Explorer, Edge, Windows, MS Office, and Office Services and Web Apps, ChakraCore, .NET Framework, Exchange Server, Visual Studio, Azure IoT SDK, Dynamics, Team Foundation Server, and Visual Studio Code.
 
Four of the security vulnerabilities patched by the tech giant this month have been reported as being publicly known at the time of release, and one is being actively exploited in the wild.

 

Link to comment
Share on other sites

  • 4 weeks later...

Pre-Patch Tuesday:

Windows 10 Now Automatically Uninstalls Updates That Cause Problems

https://thehackernews.com/2019/03/windows-buggy-updates.html

Quote

 

Do you always think twice before installing Windows updates worrying that it could crash your system or leave it non-working the day after Patch Tuesdays?
 
Don't worry.
 
Microsoft has addressed this issue by adding a safety measure that would from now onwards automatically uninstall buggy software updates installed on your system if Windows 10 detects a startup failure, which could be due to incompatibility or issues in new software.

 

 

Link to comment
Share on other sites

Microsoft Releases Patches for 64 Flaws — Two Under Active Attack

https://thehackernews.com/2019/03/microsoft-windows-security-updates.html

Quote

 

Microsoft today released its March 2019 software updates to address a total of 64 CVE-listed security vulnerabilities in its Windows operating systems and other products, 17 of which are rated critical, 45 important, one moderate and one low in severity.
 
The update addresses flaws in Windows, Internet Explorer, Edge, MS Office, and MS Office SharePoint, ChakraCore, Skype for Business, and Visual Studio NuGet.
 
Four of the security vulnerabilities, all rated important, patched by the tech giant this month were disclosed publicly, of which none were found exploited in the wild.

 

 

Link to comment
Share on other sites

  • 4 weeks later...

Microsoft Releases April 2019 Security Updates — Two Flaws Under Active Attack

https://thehackernews.com/2019/04/microsoft-patch-updates.html

Quote

 

Microsoft today released its April 2019 software updates to address a total of 74 CVE-listed vulnerabilities in its Windows operating systems and other products, 13 of which are rated critical and rest are rated Important in severity.
 
April 2019 security updates address flaws in Windows OS, Internet Explorer, Edge, MS Office, and MS Office Services and Web Apps, ChakraCore, Exchange Server, .NET Framework and ASP.NET, Skype for Business, Azure DevOps Server, Open Enclave SDK, Team Foundation Server, and Visual Studio.
 
None of the vulnerabilities addressed this month by the tech giant were disclosed publicly at the time of release, leaving the two recently disclosed zero-day flaws in Internet Explorer and Edge browsers still open for hackers.

 

 

Link to comment
Share on other sites

  • 1 month later...

Microsoft Releases Patches For A Critical 'Wormable Flaw' and 78 Other Issues

https://thehackernews.com/2019/05/microsoft-security-updates.html

Quote

 

It's Patch Tuesday—the day when Microsoft releases monthly security updates for its software.
 
Microsoft has software updates to address a total of 79 CVE-listed vulnerabilities in its Windows operating systems and other products, including a critical wormable flaw that can propagate malware from computer to computer without requiring users' interaction.
 
Out of 79 vulnerabilities, 18 issues have been rated as critical and rest Important in severity. Two of the vulnerabilities addressed this month by the tech giant are listed as publicly known, of which one is listed as under active attack at the time of release.
 
May 2019 security updates address flaws in Windows OS, Internet Explorer, Edge, Microsoft Office, and Microsoft Office Services and Web Apps, ChakraCore, .NET Framework, and ASP.NET, Skype for Android, Azure DevOps Server, and the NuGet Package Manager.

 

 

Link to comment
Share on other sites

Windows 10 Update Bricks PCs, Microsoft Offers Work-a-rounds

https://threatpost.com/windows-10-update-bricks-pcs/144897/

Quote

 

Microsoft has acknowledged that a Windows 10 bug is causing some users’ systems to freeze after using their System Restore feature.
 
The issue arose after users complained that when they updated Windows 10 and attempted to restart their system, they were met with a “Stop error” that blocked them from booting up. Microsoft for its part said in its advisory that “this is a known issue in Windows 10” and offered workarounds to the problem.
 
“In this scenario, the system is not restored to the ‘R1’ restore point. Instead, the computer experiences a Stop error (0xc000021a). You restart the computer, but the system cannot return to the Windows desktop,” according to a Friday Microsoft advisory.

 

 

Link to comment
Share on other sites

  • 3 weeks later...

Microsoft Releases June 2019 Security Updates to Patch 88 Vulnerabilities

https://thehackernews.com/2019/06/windows-june-updates.html

Quote

This month's security updates include patches for a total of 88 vulnerabilities, 21 are rated Critical, 66 are Important, and one is rated Moderate in severity.

The June 2019 updates include patches Windows OS, Internet Explorer, Microsoft Edge browser, Microsoft Office and Services, ChakraCore, Skype for Business, Microsoft Lync, Microsoft Exchange Server, and Azure.

Four of the security vulnerabilities, all rated important and could allow attackers to escalate privileges, patched by the tech giant this month were disclosed publicly, of which none were found exploited in the wild.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...