October 11, 2022—KB5018419 (OS Build 17763.3532) - EXPIRED

October 11, 2022—KB5018419 OS Build 17763.3532 - EXPIRED EXPIRATION NOTICEIMPORTANT - As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. 10/11/22 REMINDER...

Microsoft Mitigates Azure Site Recovery Vulnerabilities

Summary Microsoft recently mitigated a set of vulnerabilities in Azure Site Recovery ASR and released fixes today, July 12, as part of our regular Update Tuesday cycle. These vulnerabilities affect all ASR on-premises customers using a VMware/Physical to Azure scenario and are fixed in the latest...

September 14, 2021—KB5005627 (Security-only update)

September 14, 2021—KB5005627 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. Important: Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended...

April 2021 Update Tuesday packages now available

Today is Update Tuesday – our commitment to provide a predictable monthly schedule to release updates and provide the latest protection to our customers. Update Tuesday is a monthly cycle when Microsoft releases patches for vulnerabilities that we have found proactively or that have been disclose...

April 2021 Update Tuesday packages now available

Update August 25, 2021: Microsoft strongly recommends that you update your servers with the most recent security updates available. CVE-2021-34473 ProxyShell CVE-2021-34523 ProxyShell CVE-2021-33766 Today is Update Tuesday – our commitment to provide a predictable monthly schedule to release...

April 2021 Update Tuesday packages now available

Update August 25, 2021: Microsoft strongly recommends that you update your servers with the most recent security updates available. CVE-2021-34473 ProxyShell CVE-2021-34523 ProxyShell CVE-2021-33766 Today is Update Tuesday – our commitment to provide a predictable monthly schedule to release...

Type 1 Font Parsing Remote Code Execution Vulnerability

Microsoft has become aware of limited targeted Windows 7 based attacks that could leverage un-patched vulnerabilities in the Adobe Type Manager Library, and is providing the following guidance to help reduce customer risk until the security update is released. We appreciate the efforts of our...

April 2019 Security Update Release

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. Tags Security Advisory Securi...

Inside the MSRC– The Monthly Security Update Releases

For the second in this series of blog entries we want to look into which vulnerability reports make it into the monthly release cadence. It may help to start with some history. In September 2003 we made a change from a release anytime approach to a mostly predictable, monthly release cadence...

May 2015 Updates

Today, as part of Update Tuesday, we released 13 security bulletins. We encourage customers to apply all of these updates. For more information about this month’s security updates, including a detailed view of the Exploitability Index XI, visit the Microsoft Bulletin Summary webpage. If you are n...

April 2015 Updates

Today, as part of Update Tuesday, we released 11 security bulletins. We encourage customers to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploitability Index XI, visit the Microsoft Bulletin Summary webpage. If you are...

January 2015 Updates

Today, as part of Update Tuesday, we released eight security updates– one rated Critical and seven rated Important in severity, to address eight unique Common Vulnerabilities and Exposures CVEs in Microsoft Windows. We encourage you to apply all of these updates. For more information about this...

December 2014 Updates

Today, as part of Update Tuesday, we released seven security updates – three rated Critical and four rated Important in severity, to address 24 unique Common Vulnerabilities and Exposures CVEs in Microsoft Windows, Internet Explorer IE, Office and Exchange. We encourage you to apply all of these...

November 2014 Updates

Today, as part of Update Tuesday, we released 14 security updates – four rated Critical, nine rated Important, and two rated Moderate, to address 33 Common Vulnerabilities and Exposures CVEs in Microsoft Windows, Internet Explorer IE, Office, .NET Framework, Internet Information Services IIS,...

October 2014 Updates

Today, as part of Update Tuesday, we released eight securityupdates – three rated Critical and five rated Important - to address 24 Common Vulnerabilities & Exposures CVEs in Windows, Office, .NET Framework, .ASP.NET, and Internet Explorer IE. We encourage you to apply all of these updates, but f...

August 2014 Security Updates

Today, as part of Update Tuesday, we released nine securityupdates – two rated Critical and seven rated Important – to address 37 Common Vulnerabilities & Exposures CVEs in SQL Server, OneNote, SharePoint, .NET, Windows and Internet Explorer IE. We encourage you to apply all of these updates, but...

ActiveX Control issue being addressed in Update Tuesday

Late last Friday, November 8, 2013, a vulnerability, CVE-2013-3918, affecting an Internet Explorer ActiveX Control was publically disclosed. We have confirmed that this vulnerability is an issue already scheduled to be addressed in “Bulletin 3”, which will be released as MS13-090, as listed in th...