Microsoft released the April 2020 Security Updates that includes 113 unique vulnerability fixes, 18 of those rated critical. The updates also include patches for two Adobe Font Manager zero day vulnerabilities disclosed in March.
Microsoft issued the February 2020 Security Updates that include 101 unique vulnerability fixes, 13 of those rated critical. The update also includes a patch for an IE zero-day scripting engine vulnerability CVE-2020-0674 disclosed in January.
Microsoft issued the December 2019 Security Updates that include 36 unique vulnerability fixes, 7 of those rated critical and 29 rated important. One of the patches addresses a Win32k vulnerability under active attack in the wild.
Microsoft issued the November 2019 Security Updates that include 74 unique vulnerability fixes, 13 of those rated critical. In addition, Microsoft provided guidance for a vulnerability CVE-2019-16863 in Trusted Platform Module (TPM).
Organizations should prioritize getting rid of end-of-support (EOS) software. To assist in that effort, the Multi-State Information Sharing and Analysis Center (MS-ISAC) has released an EOS software report list.
Apple has issued security updates for macOS Catalina, iCloud and iTunes.
Microsoft issued the October 2019 Security Updates that include 59 unique vulnerability fixes, 10 of those rated critical. In addition, Adobe has not published any new patches.
Microsoft has re-released security and software updates that include the patch for Critical IE CVE-2019-1367 recently exploited in the wild. The latest update addresses a known printing issue reported by customers after the last patch was released on September 23, 2019.
Microsoft issued the August 2019 Security Updates on Tuesday that include 93 unique vulnerability fixes, 29 of those rated critical. In addition, two of the patches address two critical Remote Code Execution (RCE) "wormable" vulnerabilities (CVE-2019-1181 and CVE-2019-1182) in Remote Desktop Services.
Microsoft has released updates to address a feature bypass vulnerability in PowerShell Core versions 6.1 and 6.2. Users should upgrade to the latest PowerShell versions to prevent an attacker from taking over affected systems.