Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities

Microsoft on Tuesday released updates to address a record 169 security flaws across its product portfolio, including one vulnerability that has been actively exploited in the wild. Of these 169 vulnerabilities, 157 are rated Important, eight are rated Critical, three are rated Moderate, and one i...

Patch Tuesday, April 2026 Edition

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed "BlueHammer." Separately, Google Chrome fixed its...

Microsoft and Adobe Patch Tuesday, April 2026 Security Update Review

April 2026's Patch Tuesday arrives with Microsoft addressing a fresh set of vulnerabilities across its ecosystem, reinforcing the ongoing need for timely patching in an increasingly threat-heavy landscape. Here's a quick breakdown of what you need to know. Microsoft Patch Tuesday for April 2026...

Microsoft多款产品 安全漏洞

Microsoft Visual Studio is a product of the American company Microsoft. Microsoft Visual Studio is a series of development toolkits, and it also constitutes a complete set of development tools. The Microsoft .NET Framework is a comprehensive and consistent programming model, and it serves as a...

March "In the Trend of VM" (#25): once again, vulnerabilities are only in Microsoft products

March "In the Trend of VM" 25: once again, vulnerabilities are only in Microsoft products. I present the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. As in February, it turned out to be quite compact and focused on a single vendor. 🗞 Post on Habr rus...

KLA90926 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information, cause denial of service, spoof user interface. Below is a...

Microsoft Patch Tuesday for October 2025 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for October 2025, addressing 175 Microsoft CVEs and 21 non-Microsoft CVEs. Among these, 17 vulnerabilities are considered critical and 11 are flagged as important and considered more likely to be exploited. Current intelligence shows that three o...

EUVD-2024-19062

Malicious code in bioql PyPI...

Microsoft Patch Tuesday for August 2025 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for August 2025, which includes 111 vulnerabilities affecting a range of products, including 13 that Microsoft marked as "critical". In this month's release, Microsoft observed none of the included vulnerabilities being actively exploited in the...

Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server

For the first time in 2025, Microsoft's Patch Tuesday updates did not bundle fixes for exploited security vulnerabilities, but the company acknowledged one of the addressed flaws had been publicly known. The patches resolve a whopping 130 vulnerabilities, along with 10 other non-Microsoft CVEs th...

Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild

Microsoft has released patches to fix 67 security flaws, including one zero-day bug in Web Distributed Authoring and Versioning WebDAV that it said has come under active exploitation in the wild. Of the 67 vulnerabilities, 11 are rated Critical and 56 are rated Important in severity. This include...

June Microsoft Patch Tuesday

June Microsoft Patch Tuesday. A total of 81 vulnerabilities, roughly the same as in May. Among them, 15 vulnerabilities were added between the May and June MSPT. There are 3 vulnerabilities with signs of exploitation in the wild: RCE - WEBDAV/Internet Shortcut Files CVE-2025-33053. For successful...

Description of the security update for SharePoint Server 2019 Language Pack: June 10, 2025 (KB5002727)

Description of the security update for SharePoint Server 2019 Language Pack: June 10, 2025 KB5002727 Summary This security update resolves a Microsoft Word remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common...

Description of the security update for Excel 2016: June 10, 2025 (KB5002735)

Description of the security update for Excel 2016: June 10, 2025 KB5002735 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2025-47165. Note: To apply this...

Patch Tuesday - May 2025

Microsoft is addressing 77 vulnerabilities this May 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation for five of the vulnerabilities published today, and these are already reflected in CISA KEV. Separately, Microsoft is aware of existing public disclosure for two...

March episode “In the Trend of VM” (#13): vulnerabilities of Microsoft, PAN-OS, СommuniGate and who should patch hosts with deployed application

March episode "In the Trend of VM" 13: vulnerabilities of Microsoft, PAN-OS, СommuniGate and who should patch hosts with deployed application. I'm posting the translated video with a big delay, but it's better than never. Video on YouTube and LinkedIn Post on Habr rus Digest on the PT website...

Patch Tuesday - April 2025

Microsoft is addressing 121 vulnerabilities this April 2025 Patch Tuesday, which is more than twice as many as last month. Microsoft has evidence of in-the-wild exploitation for just one of the vulnerabilities published today, which is already reflected in CISA KEV. Once again, Microsoft has...

Description of the security update for SharePoint Server Subscription Edition: April 8, 2025 (KB5002705)

Description of the security update for SharePoint Server Subscription Edition: April 8, 2025 KB5002705 Summary This security update resolves a Microsoft SharePoint remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common...

Description of the security update for SharePoint Server 2019: April 8, 2025 (KB5002691)

Description of the security update for SharePoint Server 2019: April 8, 2025 KB5002691 Summary This security update resolves a Microsoft SharePoint remote code execution vulnerability, Microsoft Office remote code execution vulnerability, and Microsoft Word remote code execution vulnerability. To...

Description of the security update for Office 2016: April 8, 2025 (KB5002669)

Description of the security update for Office 2016: April 8, 2025 KB5002669 Summary This security update resolves a Microsoft Office elevation of privilege vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2025-27744. Note: To apply this...