Microsoft and Adobe Patch Tuesday, July 2025 Security Update Review

With cybersecurity threats continuing to evolve, Microsoft's July 2025 Patch Tuesday highlights the need for consistent patching — this month's release includes key fixes for actively exploited vulnerabilities. Here's a quick breakdown of what you need to know. Microsoft Patch Tuesday for July 20...

A week in security (June 9 – June 15)

Last week on Malwarebytes Labs: Been scammed online? Here’s what to do How and where to report an online scam Google bug allowed phone number of almost any user to be discovered 44% of people encounter a mobile scam every single day, Malwarebytes finds GirlsDoPorn owner faces life in jail after...

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

A novel attack technique named EchoLeak has been characterized as a "zero-click" artificial intelligence AI vulnerability that allows bad actors to exfiltrate sensitive data from Microsoft 365 M365 Copilot's context sans any user interaction. The critical-rated vulnerability has been assigned the...

Microsoft Patch Tuesday for June 2025 — Snort rules and prominent vulnerabilities

Update 6/12/2025: Microsoft released an additional CVE CVE-2025-32717 . Details and SIDs have been reflected to include this additional vulnerability. Microsoft has released its monthly security update for June 2025, which includes 66 vulnerabilities affecting a range of products, including 10 th...

Patch Tuesday - June 2025

Microsoft is addressing 67 vulnerabilities this June 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation for just one of the vulnerabilities published today, and that is reflected in CISA KEV. Separately, Microsoft is aware of existing public disclosure for one other freshly...

May Microsoft Patch Tuesday

May Microsoft Patch Tuesday. A total of 93 vulnerabilities - about 1.5 times fewer than in April. Of these, 22 were added between the April and May MSPT. There are 5 vulnerabilities show signs of in-the-wild exploitation: EoP - Microsoft DWM Core Library CVE-2025-30400 EoP - Windows CLFS Driver...

Patch Tuesday - May 2025

Microsoft is addressing 77 vulnerabilities this May 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation for five of the vulnerabilities published today, and these are already reflected in CISA KEV. Separately, Microsoft is aware of existing public disclosure for two...

Microsoft Patch Tuesday for May 2025 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for May of 2025 which includes 78 vulnerabilities affecting a range of products, including 11 that Microsoft marked as "critical". Microsoft noted five vulnerabilities that have been observed to be exploited in the wild. CVE-2025-30397 is a remot...

About Spoofing – Windows NTLM (CVE-2025-24054) vulnerability

About Spoofing - Windows NTLM CVE-2025-24054 vulnerability. It was patched in the March Microsoft Patch Tuesday. VM vendors didn't mention this vulnerability in their reviews; it was only known to be exploited via user interaction with a malicious file. A month later, on April 16, Check Point...

A week in security (April 7 – April 13)

Last week on Malwarebytes Labs: The Pall Mall Pact and why it matters Child predators are lurking on dating apps, warns report Your 23andMe genetic data could be bought by China, senator warns WhatsApp for Windows vulnerable to attacks. Update now! Man accused of using keylogger to spy on...

April Microsoft Patch Tuesday

April Microsoft Patch Tuesday. A total of 153 vulnerabilities, 2 times more than in March. Of these, 32 were added between the March and April MSPTs. Three vulnerabilities show signs of exploitation in the wild: EoP - Windows Common Log File System Driver CVE-2025-29824. An attacker can gain SYST...

Patch Tuesday - April 2025

Microsoft is addressing 121 vulnerabilities this April 2025 Patch Tuesday, which is more than twice as many as last month. Microsoft has evidence of in-the-wild exploitation for just one of the vulnerabilities published today, which is already reflected in CISA KEV. Once again, Microsoft has...

Microsoft and Adobe Patch Tuesday, April 2025 Security Update Review

Microsoft's April 2025 Patch Tuesday has arrived, delivering critical security updates and fixes across the various products, features, and roles. Here's a quick breakdown of what you need to know. Microsoft Patch Tuesday for April 2025 In this month's Patch Tuesday, April 2025 edition, Microsoft...

Microsoft Patch Tuesday for April 2025 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for April of 2025 which includes 126 vulnerabilities affecting a range of products, including 11 that Microsoft marked as "critical". In this month's release, none of the included vulnerabilities have been observed by Microsoft to be exploited in...

About Elevation of Privilege – Windows Cloud Files Mini Filter Driver (CVE-2024-30085) vulnerability

About Elevation of Privilege - Windows Cloud Files Mini Filter Driver CVE-2024-30085 vulnerability. cldflt.sys is a Windows Cloud Files Mini Filter driver responsible for representing cloud-stored files and folders as if they were located on the local machine. The vulnerability in this driver,...

March 2025 Patch Tuesday: Microsoft Fixes 57 Vulnerabilities, 7 Zero-Days

Microsoft's March 2025 Patch Tuesday fixes six actively exploited zero-day vulnerabilities, including critical RCE and privilege escalation flaws. Learn how these vulnerabilities impact Windows systems and why immediate patching is essential...

March Microsoft Patch Tuesday

March Microsoft Patch Tuesday. 77 CVEs, 20 of which were added during the month. 7 vulnerabilities with signs of exploitation in the wild: RCE - Windows Fast FAT File System Driver CVE-2025-24985 RCE - Windows NTFS CVE-2025-24993 SFB - Microsoft Management Console CVE-2025-26633 EoP - Windows Win...

Patch Tuesday - March 2025

Microsoft is addressing 57 vulnerabilities this March 2025 Patch Tuesday, which is a similar volume to last month. However, Microsoft has evidence of in-the-wild exploitation for as many as six of the vulnerabilities published today, and CISA KEV already lists all of them. Microsoft is also aware...

Patch Tuesday - March 2025

Microsoft is addressing 57 vulnerabilities this March 2025 Patch Tuesday, which is a similar volume to last month. However, Microsoft has evidence of in-the-wild exploitation for as many as six of the vulnerabilities published today, and CISA KEV already lists all of them. Microsoft is also aware...

Microsoft and Adobe Patch Tuesday, March 2025 Security Update Review

March 2025 Patch Tuesday is here, and Microsoft has rolled out critical security updates that address multiple vulnerabilities across its product suite. Here’s a quick breakdown of what you need to know. Microsoft Patch Tuesday for March 2025 Microsoft Patch's Tuesday, March 2025 edition addresse...