Microsoft has covered the memory-mapped I/O vulnerabilities known as Processor MMIO Stale Data Vulnerabilities that was published by Intel on June 14, 2022. These vulnerabilities are: CVE-2022-21123 – Shared Buffer Data Read (SBDR) CVE-2022-21125 – Shared Buffer Data Sampling (SBDS) CVE-2022-21127 – Special Register Buffer Data Sampling Update (SRBDS Update) CVE-2022-21166 – Device Register Partial Write (DRPW) … Continue reading “Microsoft Releases Patches for the Intel Processor MMIO Stale Data Vulnerabilities in June 2022 Patch Tuesday”
Tag: Patch Tuesday
Microsoft Patches 55 Vulnerabilities Including One Zero-day and Three Critical in the June 2022 Patch Tuesday
Microsoft released a new set of security patches with the June 2022 Patch Tuesday edition. In this month’s security advisory, Microsoft patched a total of 55 vulnerabilities including the Windows MSDT ‘Follina’ zero-day vulnerability (CVE-2022-30190). Out of these 55 vulnerabilities, three vulnerabilities were classified as Critical as they allow Remote Code Execution (RCE). Microsoft … Continue reading “Microsoft Patches 55 Vulnerabilities Including One Zero-day and Three Critical in the June 2022 Patch Tuesday”
Microsoft Patches 75 Vulnerabilities Including 3 Zero-days and 8 Rated as Critical in May 2022 Patch Tuesday
Microsoft has released the new set of security patches in the Patch Tuesday, May 2022 edition. This Patch Tuesday security advisory addressed 75 vulnerabilities including one advisory (ADV220001) for Azure in response to CVE-2022-29972, a publicly exposed Zero-Day Remote Code Execution (RCE) Vulnerability. Out of these 75 vulnerabilities, eight are classified as Critical. This … Continue reading “Microsoft Patches 75 Vulnerabilities Including 3 Zero-days and 8 Rated as Critical in May 2022 Patch Tuesday”
Oracle Releases 520 Security Patches for Various Oracle Product Families in April 2022 Patch Tuesday
Oracle has released a critical patch update for multiple vulnerabilities in its April 2022 Patch Tuesday. This patch update consists of 520 security patches in various Oracle product families. Out of these 520 security patches, 415 are for non-Oracle CVEs that include fixes for security issues in third-party products that are exploitable in the … Continue reading “Oracle Releases 520 Security Patches for Various Oracle Product Families in April 2022 Patch Tuesday”
Microsoft Patches 145 Vulnerabilities with 10 rated as Critical and Two Zero-Days in April 2022 Patch Tuesday
Microsoft has released security fixes for several vulnerabilities including patches for zero-day vulnerabilities in its April 2022 Patch Tuesday. Microsoft addresses 145 vulnerabilities in their April 2022 Patch Tuesday release. Out of these 145 vulnerabilities, 10 are rated as critical. The release also includes fixes for two zero-day vulnerabilities out of which one is known … Continue reading “Microsoft Patches 145 Vulnerabilities with 10 rated as Critical and Two Zero-Days in April 2022 Patch Tuesday”
Microsoft Patches 92 Vulnerabilities in March 2022 Patch Tuesday including 3 Zero-days
Microsoft has released security fixes for several vulnerabilities including patches for zero-day vulnerabilities in its March 2022 Patch Tuesday. Microsoft addresses 92 vulnerabilities in their March 2022 Patch Tuesday release. Out of these 92 vulnerabilities, three (3) are rated as critical. The release also includes fixes for three (3) publicly disclosed zero-day vulnerabilities. As of … Continue reading “Microsoft Patches 92 Vulnerabilities in March 2022 Patch Tuesday including 3 Zero-days”
Microsoft addresses 70 vulnerabilities in February 2022 Patch Tuesday
Microsoft addresses 70 vulnerabilities in their February 2022 Patch Tuesday release. While none of the vulnerabilities in this month’s Microsoft release cycle have been assigned as critical risk, several have been given a high-risk rating (CVSSv3.1 score of 7.0 – 8.9). As of this writing, none of this month’s list of vulnerabilities is known to … Continue reading “Microsoft addresses 70 vulnerabilities in February 2022 Patch Tuesday”
Microsoft Windows security update for January 2022 addresses 126 Vulnerabilities with 9 rated as Critical
Microsoft patched 126 vulnerabilities in their January 2022 Patch Tuesday release. Out of these, nine are rated as critical severity. As of this writing, none of the 126 vulnerabilities are known to be actively exploited. Microsoft has fixed problems in their software including Remote Code Execution (RCE) vulnerabilities, privilege escalation security flaws, spoofing bugs, … Continue reading “Microsoft Windows security update for January 2022 addresses 126 Vulnerabilities with 9 rated as Critical”
Microsoft Windows security update for October 2021 addresses four zero-days and 71 flaws
Microsoft October 2021 patch Tuesday has arrived with the latest updates! In this month’s security update, Microsoft has fixed a total of 74 flaws including four zero-day vulnerabilities. Out of these 74 vulnerabilities, three are classified as Critical, 70 as Important, and one as Low. This update covers the products such as Microsoft Office, Exchange Server, MSHTML, Visual Studio, and the Edge … Continue reading “Microsoft Windows security update for October 2021 addresses four zero-days and 71 flaws”
Microsoft Windows Critical RCE Vulnerability – Bad Neighbor (CVE-2020-16898)
Multiple vulnerabilities were addressed in Microsoft Patch Tuesday, October 2020. This blog discusses the most critical one out of them – CVE-2020-16898, which makes TCP/IP driver of Windows vulnerable. It eventually causes Denial of Service (DoS) and is said to be a potential Remote Code Execution (RCE), if mixed with other exploits. This CVE is … Continue reading “Microsoft Windows Critical RCE Vulnerability – Bad Neighbor (CVE-2020-16898)”