Content Paint
Search
Sign in
Membership

Patch Tuesday

Security  | Feb 15, 2023
Microsoft’s Valentine’s Day gift: Patches for 3 CVEs being exploited
Microsoft’s Valentine’s Day gift: Patches for 3 CVEs being exploited

February’s Patch Tuesday brings the post-Valentine’s Day hangover of 75 bug fixes from Microsoft including three for CVEs known to be exploited in the wild: CVE-2023-21715,   CVE-2023-23376 , and CVE-2023-21823. Strikingly, more than half of the bugs fixed this month are remote code execution (RCE) vulnerabilities. (A record 26,

Security  | Jan 10, 2023
Gird your loins: Patch Tuesday’s back
Gird your loins: Patch Tuesday’s back

It’s that time of the month again: Microsoft has pushed out 98 security patches for January’s Patch Tuesday: 11 are critical, one CVE-2023-21674  is being actively exploited and another gives unauthenticated remote access to your SharePoint Server – and requires not just the patch but a “SharePoint upgrade action”

Security  | Dec 14, 2022
2022's last Patch Tuesday brings Citrix, VMware, MSFT zero days
2022's last Patch Tuesday brings Citrix, VMware, MSFT zero days

Critical Citrix, VMware, Microsoft vulnerabilities all need patching

Security  | Nov 09, 2022
Patch Tuesday: MSFT key storage bug exploited, gives SYSTEM
Patch Tuesday: MSFT key storage bug exploited, gives SYSTEM

Six MSFT vulns being actively exploited. Get patchin'

Security  | Oct 12, 2022
This Azure bug is a perfect CVSS 10, gives you control over K8s clusters
This Azure bug is a perfect CVSS 10, gives you control over K8s clusters

A critical vulnerability in an Azure tool that lets users manage Kubernetes clusters can be exploited remotely without authentication to gain administrative control over Kubernetes clusters, as well as Azure edge devices. The vulnerability, allocated a maximum possible CVSS (severity rating) score of 10 has been allocated CVE-2022-37968. It is

Security  | Sep 14, 2022
Patch Tuesday: Critical Windows TCP/IP vuln allows bad packets to gain pre-auth RCE, plus 0day
Patch Tuesday: Critical Windows TCP/IP vuln allows bad packets to gain pre-auth RCE, plus 0day

More than half the release involves RCE - time to get patching.

Security  | Aug 09, 2022
Windows zero day under attack was first reported in 2019
Windows zero day under attack was first reported in 2019

More Microsoft Windows Support Diagnostic Tool goodness...

Security  | Jul 13, 2022
Patch Tuesday: Exploited Windows 0day, zero-click pre-auth RCE vuln in RPC
Patch Tuesday: Exploited Windows 0day, zero-click pre-auth RCE vuln in RPC

Those 700,000 folks with RPC exposed to the internet should probably...

Security  | Apr 14, 2022
A million Microsoft machines exposed to a zero click, CVSS 9.8 bug
A million Microsoft machines exposed to a zero click, CVSS 9.8 bug

Over a million Microsoft machines appear potentially exposed to a wormable critical new vulnerability, CVE-2022-26809 in Microsoft's ubiquitous remote procedure call (RPC) runtime library. (RPC is as an inter-process communication mechanism for data exchange and functionality invocation in a different process -- a process which can be on

Interviews, insight, intelligence, and exclusive events for digital leaders.

© 2025 The Stack
©  2025 The Stack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.