July Patch Tuesday: DNS Server, Exchange Server Vulnerabilities Cause Problems

After two relatively quiet months, July has proven to be another busy month for Microsoft security bulletins. A total of 117 bulletins were issued for various security vulnerabilities fixed in the July Patch Tuesday cycle...

Vulristics: Microsoft Patch Tuesdays Q2 2021

Hello everyone! Lets now talk about Microsoft Patch Tuesday vulnerabilities for the second quarter of 2021. April, May and June. Not the most exciting topic, I agree. I am surprised that someone is reading or watching this. For me personally, this is a kind of tradition. Plus this is an opportuni...

Microsoft Issues Emergency Patch for Windows Flaw

Microsoft on Tuesday issued an emergency software update to quash a security bug thats been dubbed "PrintNightmare," a critical vulnerability in all supported versions of Windows that is actively being exploited. The fix comes a week ahead of Microsofts normal monthly Patch Tuesday release, and...

Microsoft Urges Azure Users to Update PowerShell to Patch RCE Flaw

Microsoft is urging Azure users to update the PowerShell command-line tool as soon as possible to protect against a critical remote code execution vulnerability impacting .NET Core. The issue, tracked as CVE-2021-26701 CVSS score: 8.1, affects PowerShell versions 7.0 and 7.1 and have been...

Researchers Leak PoC Exploit for a Critical Windows RCE Vulnerability

A proof-of-concept PoC exploit related to a remote code execution vulnerability affecting Windows Print Spooler and patched by Microsoft earlier this month was briefly published online before being taken down. Identified as CVE-2021-1675, the security issue could grant remote attackers full contr...

InsightVM Release Announcement: Global Dashboard Filters

InsightVM users have been able to create dashboards, add different visualizations in the form of cards and apply filters to these cards. Rapid7 also provided dashboard templates which enabled users to create views focusing on scenarios such as Microsoft’s Patch Tuesday, identifying and assessing...

Microsoft Patch Tuesday Fixes 6 In-The-Wild Exploits

Microsoft jumped on 50 vulnerabilities in this month’s Patch Tuesday update, issuing fixes for CVEs in Microsoft Windows, .NET Core and Visual Studio, Microsoft Office, Microsoft Edge Chromium-based and EdgeHTML, SharePoint Server, Hyper-V, Visual Studio Code – Kubernetes Tools, Windows HTML...

Microsoft & Adobe Patch Tuesday (June 2021) – Microsoft 50 Vulnerabilities with 5 Critical, Adobe 21 Critical Vulnerabilities

Microsoft Patch Tuesday – June 2021 Microsoft patched 50 CVEs in their June 2021 Patch Tuesday release, and five of them are rated as critical severity. Six have applicable exploits. Critical Microsoft Vulnerabilities Patched CVE-2021-31985 – Microsoft Defender Remote Code Execution Vulnerability...

Microsoft Patches Six Zero-Day Security Holes

Microsoft today released another round of security updates for Windows operating systems and supported software, including fixes for six zero-day bugs that malicious hackers already are exploiting in active attacks. Junes Patch Tuesday addresses just 49 security holes -- about half the normal...

Microsoft Patch Tuesday for June 2021 — Snort rules and prominent vulnerabilities

By Jon Munshaw, with contributions from Edmund Brumaghin. Microsoft released its monthly security update Tuesday, disclosing 51 vulnerabilities across its suite of products, breaking last month’s 16-month record of the fewest vulnerabilities disclosed in a month by the company. There... This is...

New UAF Vulnerability Affecting Microsoft Office to be Patched Today

Four security vulnerabilities discovered in the Microsoft Office suite, including Excel and Office online, could be potentially abused by bad actors to deliver attack code via Word and Excel documents. "Rooted from legacy code, the vulnerabilities could have granted an attacker the ability to...

Patch Tuesday - June 2021

It is another low volume Patch Tuesday this month as Microsoft releases fixes for 50 vulnerabilities. This should not diminish the importance of speedily applying the updates. 6 of the vulnerabilities being patched this month are 0-days under active exploitation CVE-2021-31955, CVE-2021-31956,...

June Patch Tuesday: Internet Explorer Finally Laid to Rest

The June 2021 Patch Tuesday cycle offers good news to both IT and website administrators...

A week in security (May 10 – 16)

Last week on Malwarebytes Labs, we watched and reported on the Colonial Pipeline ransomware attack as developments of its story unfolded. This attack triggered the White House to refine a planned Executive Order on cybersecurity. We also profiled DarkSide, the ransomware responsible for the...

This Week in Security News May 14, 2021

May Patch Tuesday Offers Relative Respite and What We Know About DarkSide Ransomware and the US Pipeline Attack...

Latest Microsoft Windows Updates Patch Dozens of Security Flaws

Microsoft on Tuesday rolled out its scheduled monthly security update with patches for 55 security flaws affecting Windows, Exchange Server, Internet Explorer, Office, Hyper-V, Visual Studio, and Skype for Business. Of these 55 bugs, four are rated as Critical, 50 are rated as Important, and one ...

Alert: Hackers Exploit Adobe Reader 0-Day Vulnerability in the Wild

Adobe has released Patch Tuesday updates for the month of May with fixes for multiple vulnerabilities spanning 12 different products, including a zero-day flaw affecting Adobe Reader that's actively exploited in the wild. The list of updated applications includes Adobe Experience Manager, Adobe...

Patch Tuesday - May 2021

Here we are again with another installment of Patch Tuesday. When compared to the past few months this one feels a bit light both in severity and number of vulnerabilities addressed. Microsoft has only released patches for 55 CVEs this month, less than half of the usual volume, with only 4 of the...

Microsoft & Adobe Patch Tuesday (May 2021) – Qualys covers 85 Vulnerabilities, 26 Critical

Microsoft Patch Tuesday – May 2021 Microsoft patched 55 CVEs in their May 2021 Patch Tuesday release, of which 4 are rated as critical severity. Three 0-day vulnerability patches were included in the release. As of this publication date, none have been exploited. Qualys released 12 QIDs on the sa...

Patch Tuesday Dashboard Template Release

We know that many security teams rely on Microsoft’s patch cycle to remediate vulnerabilities in their environments. However, every month , Patch Tuesday introduces numerous vulnerabilities and their solutions that apply to many, if not nearly all, devices. Keeping up with the deployment of these...