Office Archives - Securezoo

Microsoft October 2022 Security Updates addresses 84 vulnerabilities (13 rated Critical, 2 zero-days)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / October 12, 2022 / Active Directory, Azure, CVE-2022-22035, CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-34689, CVE-2022-37968, CVE-2022-37976, CVE-2022-37979, CVE-2022-38000, CVE-2022-38047, CVE-2022-38048, CVE-2022-41033, CVE-2022-41034, CVE-2022-41038, CVE-2022-41081, EoP, Hyper-V, Kubernetes, Office, Point-to-Point, PPT, RCE, SharePoint, Vulnerabilities

The Microsoft October 2022 Security Updates includes patches and advisories for 84 vulnerabilities, including 2 zero-day and 13 Critical severity issues. However, the ProxyNotShell vulnerabilities were not addressed.

Microsoft October 2022 Security Updates addresses 84 vulnerabilities (13 rated Critical, 2 zero-days) Read More »

Microsoft November 2021 Security Updates includes fixes for 2 zero-days under active exploit

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / November 10, 2021 / CVE-2021-26443, CVE-2021-3711, CVE-2021-38666, CVE-2021-42279, CVE-2021-42292, CVE-2021-42298, CVE-2021-42316, CVE-2021-42321, Excel, Exchange, Office

Microsoft has released the November 2021 Security Updates that includes patches for 55 vulnerabilities, 6 of those rated Critical. The updates also address 2 zero-day bugs being actively exploited in the wild.

Microsoft November 2021 Security Updates includes fixes for 2 zero-days under active exploit Read More »

Microsoft September 2021 Security Updates includes fix for an RCE bug in MSHTML under active attack

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / September 15, 2021 / Azure, CVE-2021-26435, CVE-2021-36965, CVE-2021-40444, Office, OMI, Windows

Microsoft has released the September 2021 Security updates that includes patches for 66 vulnerabilities, 3 of those rated Critical. The updates also include a fix for one zero-day bug in MSHTML (CVE-2021-40444) exploited in the wild.

Microsoft September 2021 Security Updates includes fix for an RCE bug in MSHTML under active attack Read More »

Top 30 most commonly exploited vulnerabilities over 2020 and 2021

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / July 29, 2021 / Atlassian, BIG-IP, Citrix, CVE 2018-13379, CVE 2019-11510, CVE 2019-18935, CVE 2020-15505, CVE 2020-5902, CVE-2017-11882, CVE-2018-13379, CVE-2018-7600, CVE-2019-0604, CVE-2019-11580, CVE-2019-19781, CVE-2019-5591, CVE-2020-0787, CVE-2020-12812, CVE-2020-1472, CVE-2021-21985, CVE-2021-22894, CVE-2021-22899, CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104, Drupal, F5, Fortinet, MobileIron, Netlogon, Office, Pulse, Zerologon

Cybersecurity experts from Australia, U.K., and U.S. governments have released a list of the most commonly exploited vulnerabilities over 2020 and 2021.

Top 30 most commonly exploited vulnerabilities over 2020 and 2021 Read More »

Zloader trojan bypasses Microsoft Office malware-protection defenses

Cybersecurity Attacks, Malware / Frank Crast / July 10, 2021 / Excel, infection chain, malware, McAfee, Microsoft, obfuscation, Office, sLoad, VBA, Zloader

Researchers have discovered a new malware campaign that bypasses Microsoft Office malware-protections to deliver a new variant of the Zloader trojan.

Zloader trojan bypasses Microsoft Office malware-protection defenses Read More »

Microsoft March 2021 Security Updates, fixes for 14 Critical bugs

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / March 10, 2021 / Azure, CVE-2021-26411, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-26897, CVE-2021-27065, DNS, DNS Server, Exchange, Git, HEVC, Hyper-V, Office, OpenType, Visual Studio, Windows

Microsoft has released the March 2021 Security updates that includes patches for 89 vulnerabilities, 14 of those rated Critical. The fixes follow just after the tech giant released emergency patched for Exchange flaws being exploited in the wild.

Microsoft March 2021 Security Updates, fixes for 14 Critical bugs Read More »

Microsoft December 2020 Security Updates

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / December 9, 2020 / Azure, ChakraCore, CVE-2020-17095, CVE-2020-17117, CVE-2020-17118, CVE-2020-17131, CVE-2020-17132, CVE-2020-17152, Dynamics, Edge, Exchange, Office, Visual Studio, Windows

Microsoft has released the December 2020 Security updates that includes patches for 58 vulnerabilities, 9 of them rated Critical.

Microsoft December 2020 Security Updates Read More »

Microsoft August 2020 Security and Adobe Updates

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 12, 2020 / .NET Frame, .NET Framework, Acrobat, ASP.NET, ChakraCore, codecs, CVE-2020-1380, Edge, Internet Explorer, Microsoft, Office, SQL Server, Windows

Microsoft has released August 2020 Security updates, that includes a patch for an actively attacked memory corruption vulnerability (CVE-2020-1380) in the Scripting Engine. Adobe also released updates for Adobe Acrobat and Reader, as well as Lightroom.

Microsoft August 2020 Security and Adobe Updates Read More »

Microsoft June 2020 Security Updates (and a Critical Adobe Flash patch)

Uncategorized / Frank Crast / June 10, 2020 / ChakraCore, CVE-2020-1073, CVE-2020-1181, CVE-2020-1213, CVE-2020-1216, CVE-2020-1219, CVE-2020-1248, CVE-2020-1260, CVE-2020-1281, CVE-2020-1286, CVE-2020-1299, CVE-2020-1300, Edge, Flash, HoloLens, Office, Visual Studio, Windows

Microsoft released the June 2020 Security Updates that includes 128 unique vulnerability fixes, 11 of those rated critical. In addition, Adobe patched a Critical vulnerability in Adobe Flash.

Microsoft June 2020 Security Updates (and a Critical Adobe Flash patch) Read More »

Microsoft October 2019 Security Updates

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / October 9, 2019 / ChakraCore, Edge, Internet Explorer, Microsoft, Office, Windows

Microsoft issued the October 2019 Security Updates that include 59 unique vulnerability fixes, 10 of those rated critical. In addition, Adobe has not published any new patches.

Microsoft October 2019 Security Updates Read More »