Microsoft Patch Tuesday for May 2023 — Fewest vulnerabilities disclosed in a month in three-plus years

Microsoft disclosed 40 vulnerabilities across its suite of products and software Tuesday, the fewest the companys included in a Patch Tuesday since December 2019. However, two of the vulnerabilities is being actively exploited in the wild, according to Microsoft, the fourth month in a row in whic...

Microsoft Patch Tuesday April 2023: CLFS EoP, Word RCE, MSMQ QueueJumper RCE, PCL6, DNS, DHCP

Microsoft Patch Tuesday April 2023: CLFS EoP, Word RCE, MSMQ QueueJumper RCE, PCL6, DNS, DHCP. Hello everyone! This episode will be about Microsoft Patch Tuesday for April 2023, including vulnerabilities that were added between March and April Patch Tuesdays. Alternative video link for Russia:...

Exploit for Untrusted Pointer Dereference in Microsoft

CVE-2023-21768 – AFD-for-WinSock-EoP-exploit Analysis articl...

Oracle Patch Tuesday April 2023 Security Update Review

Oracle has released the second quarterly edition of Critical Patch Update, which contains a group of patches for 433 security vulnerabilities. Some of the vulnerabilities addressed this month impact various products. These patches address vulnerabilities in Oracle code and third-party components...

Akamai’s Perspective on April’s Patch Tuesday 2023

...

Microsoft April 2023 Patch Tuesday Highlights: everything you need to know

Detect and mitigate CVE-2023-28252, EoP vulnerability exploited in the wild, and CVE-2023-21554, a critical RCE vulnerability. Organizations should patch urgently...

Threat Source newsletter (April 13, 2023) — Dark web forum whac-a-mole

Welcome to this weeks edition of the Threat Source newsletter. Law enforcement organizations across the globe notched a series of wins over the past few weeks against online forums for cybercriminals. On March 23, the FBI announced it disrupted the online cybercriminal marketplace BreachForums,...

Microsoft Addresses Zero-Day and Wormable Vulnerabilities

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Microsofts April 2023 Patch Tuesday and security updates address one actively exploited the zero-day vulnerability and a total of 97 flaws, consisting of 7 critical and 90 important vulnerabilitie...

Update now! April’s Patch Tuesday includes a fix for one zero-day

Its Patch Tuesday again. Microsoft and other vendors have released their monthly updates. Among a total of 97 patched vulnerabilities there is one actively exploited zero-day. Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix...

Microsoft and Adobe Patch Tuesday April 2023 Security Update Review

Microsoft released security updates to address 114 vulnerabilities in the April Patch Tuesday edition. The security advisories cover various vulnerabilities in different products, features, and roles. Lets know more about this months Patch Tuesday details. Microsoft Patch Tuesday for April 2023...

Patch Tuesday - April 2023

Microsoft is offering fixes for 114 vulnerabilities for April 2023 Patch Tuesday. This month’s haul includes a single zero-day vulnerability, as well as seven critical Remote Code Execution RCE vulnerabilities. There is a strong focus on fixes for Windows OS this month. Zero-day vulnerability: CL...

Microsoft Patch Tuesday for April 2023 — Snort rules and prominent vulnerabilities

Microsoft released its monthly round of security updates and patches today, continuing its trend of fixing zero-day vulnerabilities on Patch Tuesday. Aprils security update includes one vulnerability thats actively being exploited in the wild. There are also eight critical vulnerabilities and the...

Nokoyawa ransomware attacks with Windows zero-day

Updated April 20, 2023 In February 2023, Kaspersky technologies detected a number of attempts to execute similar elevation-of-privilege exploits on Microsoft Windows servers belonging to small and medium-sized businesses in the Middle East, in North America, and previously in Asia regions. These...

Microsoft Patch Tuesday March 2023: Outlook EoP, MOTW Bypass, Excel DoS, HTTP/3 RCE, ICMP RCE, RPC RCE

Hello everyone! This episode will be about Microsoft Patch Tuesday for March 2023, including vulnerabilities that were added between February and March Patch Tuesdays. Alternative video link for Russia: As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I...

Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers

Microsoft on Friday shared guidance to help customers discover indicators of compromise IoCs associated with a recently patched Outlook vulnerability. Tracked as CVE-2023-23397 CVSS score: 9.8, the critical flaw relates to a case of privilege escalation that could be exploited to steal NT LAN...

Akamai’s Perspective on March’s Patch Tuesday 2023

...

CVE-2023-23397: The Notification Sound You Don’t Want to Hear

CVE-2023-23397: The Notification Sound You Don’t Want to Hear By Mark Bereza · March 17, 2023 This story was also written by John Dunlap. Overview During the March "Patch Tuesday" security update, a new Outlook security vulnerability was revealed as being exploited in the wild. This is a serious...

Microsoft fixed 83 vulnerabilities including two zero-day vulnerabilities

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Microsoft has released its March 2023 Patch Tuesday update, addressing a total of 83 vulnerabilities, including 9 critical, 70 important, 1 moderate, and 3 other vulnerabilities...

Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack

Microsoft's Patch Tuesday update for March 2023 is rolling out with remediations for a set of 80 security flaws, two of which have come under active exploitation in the wild. Eight of the 80 bugs are rated Critical, 71 are rated Important, and one is rated Moderate in severity. The updates are in...

Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack

Microsoft's Patch Tuesday update for March 2023 is rolling out with remediations for a set of 80 security flaws, two of which have come under active exploitation in the wild. Eight of the 80 bugs are rated Critical, 71 are rated Important, and one is rated Moderate in severity. The updates are in...