Azure

Microsoft February 2022 Security Updates (fixes for 16 RCEs, 1 zero-day) 

It was a relatively light Patch Tuesday for Microsoft this month. The Microsoft February 2022 Security Updates includes patches and advisories for 50 vulnerabilities, 16 of those remote code execution flaws and one zero-day (CVE-2022-21989). None are rated Critical.

Microsoft September 2021 Security Updates includes fix for an RCE bug in MSHTML under active attack

Microsoft has released the September 2021 Security updates that includes patches for 66 vulnerabilities, 3 of those rated Critical. The updates also include a fix for one zero-day bug in MSHTML (CVE-2021-40444) exploited in the wild.

“BadAlloc” vulnerabilities impact broad range of IoT and OT devices

Security researchers from Microsoft have discovered a collection of vulnerabilities dubbed “BadAlloc” that affect a broad range of IoT and OT devices in industrial, medical and consumer sectors.

Microsoft April 2021 Security Updates, includes fixes for Critical Exchange Server vulnerabilities

Microsoft has released the April 2021 Security updates that includes patches for 114 vulnerabilities, 19 of those rated Critical. The updates also include fixes for multiple Microsoft Exchange flaws that have a higher likelihood of being exploited.

CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

The DHS CISA cybersecurity team just released a new tool dubbed CHIRP, a forensics collection tool designed to help network defenders scan for indicators of compromise (IOCs) associated with the SolarWinds Orion and Active Directory/M365 compromise and cyberattacks.

Microsoft March 2021 Security Updates, fixes for 14 Critical bugs

Microsoft has released the March 2021 Security updates that includes patches for 89 vulnerabilities, 14 of those rated Critical. The fixes follow just after the tech giant released emergency patched for Exchange flaws being exploited in the wild.

Microsoft February 2021 Security Updates, warns of Win32k Privilege Escalation vulnerability exploited in wild (updated)

Microsoft has released the February 2021 Security updates that includes patches for 56 vulnerabilities, 11 of those rated Critical. Moreover, the tech giant warned of a Win32k Privilege Escalation vulnerability CVE-2021-1732 exploited in wild.

Microsoft January 2021 Security Updates (to include zero-day RCE patch)

Microsoft has released the January 2021 Security updates that includes patches for 83 vulnerabilities, 10 of those rated Critical and 1 zero-day RCE vulnerability CVE-2021-1647 in Microsoft Defender.