Microsoft issues security advisory and workaround for Critical IE vulnerability (CVE-2020-0674)

Microsoft issued a new security advisory for a Critical Internet Explorer (IE) vulnerability. Attackers could exploit the scripting engine memory corruption vulnerability CVE-2020-0674 in IE and execute arbitrary code.

Continue Reading Microsoft issues security advisory and workaround for Critical IE vulnerability (CVE-2020-0674)

Microsoft January 2020 Security Updates (includes fix for Windows CryptoAPI vulnerability)

Microsoft issued the January 2020 Security Updates that include 49 unique vulnerability fixes, 8 of those rated critical and 29 rated important. One of the patches addresses a CryptoAPI Spoofing vulnerability CVE-2020-0601. DHS CISA also issued an emergency directive with recommendations to patch this Windows CryptoAPI, Windows Remote Desktop Gateway (RD Gateway), and Windows Remote Desktop Client.

Continue Reading Microsoft January 2020 Security Updates (includes fix for Windows CryptoAPI vulnerability)

Microsoft December 2019 Security Updates (includes fix for one active exploit)

Microsoft issued the December 2019 Security Updates that include 36 unique vulnerability fixes, 7 of those rated critical and 29 rated important. One of the patches addresses a Win32k vulnerability under active attack in the wild.

Continue Reading Microsoft December 2019 Security Updates (includes fix for one active exploit)

Microsoft re-releases patch for Critical IE CVE-2019-1367 (exploited in wild)

Microsoft has re-released security and software updates that include the patch for Critical IE CVE-2019-1367 recently exploited in the wild. The latest update addresses a known printing issue reported by customers after the last patch was released on September 23, 2019.

Continue Reading Microsoft re-releases patch for Critical IE CVE-2019-1367 (exploited in wild)

Microsoft August 2019 Security Updates

Microsoft issued the August 2019 Security Updates on Tuesday that include 93 unique vulnerability fixes, 29 of those rated critical. In addition, two of the patches address two critical Remote Code Execution (RCE) "wormable" vulnerabilities (CVE-2019-1181 and CVE-2019-1182) in Remote Desktop Services.

Continue Reading Microsoft August 2019 Security Updates