#microsoft-patch-tuesday

[ follow ]
#privilege-escalation #zero-day-exploits #windows-security #cve-2026-20805 #zero-day-vulnerabilities
#zero-day-exploits
more#zero-day-exploits
Information security
fromComputerWeekly.com
2 days ago

February Patch Tuesday: Microsoft drops six zero-days | Computer Weekly

Six newly classified Microsoft zero-day vulnerabilities are actively exploited, three publicly disclosed, within over 50 patched flaws across Microsoft products.
Information security
fromZero Day Initiative
2 days ago

Zero Day Initiative - The February 2026 Security Update Review

Adobe released nine bulletins fixing 44 CVEs; After Effects and Substance 3D Stager received the most Critical fixes, with no publicly known exploits.
Information security
fromThe Hacker News
4 weeks ago

Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited

Microsoft released January 2026 security updates addressing 114 vulnerabilities, including an actively exploited Desktop Window Manager information-disclosure flaw CVE-2026-20805.
Information security
fromThe Hacker News
2 months ago

Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days

Microsoft released patches for 56 Windows security flaws at the end of 2025, including an actively exploited use-after-free in the Cloud Files Mini Filter Driver.
Information security
fromTheregister
2 months ago

Patch Tuesday: Microsoft EoP, NotePad++, Ivanti, Fortinet

Patch the exploited Windows Cloud Files Mini Filter Driver zero-day (CVE-2025-62221) immediately; also prioritize Ivanti, Fortinet, Notepad++, and the two publicly known Microsoft RCE flaws.
fromThe Hacker News
3 months ago

Two New Windows Zero-Days Exploited in the Wild - One Affects Every Version Ever Shipped

Of the 183 vulnerabilities, eight of them are non-Microsoft issued CVEs. As many as 165 flaws have been rated as Important in severity, followed by 17 as Critical and one as Moderate. The vast majority of them relate to elevation of privilege vulnerabilities (84), with remote code execution (33), information disclosure (28), spoofing (14), denial-of-service (11), and security feature bypass (11) issues accounting for the rest of them.
Information security
fromTheregister
3 months ago

Microsoft frightful Patch Tuesday: 175+ CVEs, 3 under attack

Spooky season is in full swing, and this extends to Microsoft's October Patch Tuesday with security updates for a frightful 175 Microsoft vulnerabilities, plus an additional 21 non-Microsoft CVEs. And even scarier than the sheer number of bugs: three are listed as under attack, with three others publicly known, and 17 deemed critical security holes. Let's start with the flaws that attackers already found and exploited before Redmond pushed patches.
Information security
Information security
fromThe Hacker News
5 months ago

Microsoft Fixes 80 Flaws - Including SMB PrivEsc and Azure CVSS 10.0 Bugs

Microsoft patched 80 vulnerabilities, including eight Critical; nearly half were privilege escalation flaws and one SMB elevation (CVE-2025-55234) was publicly known.
fromComputerWeekly.com
7 months ago

July Patch Tuesday brings over 130 new flaws to address | Computer Weekly

An attacker could map out database structures, identify injection points, and gather information to support more targeted intrusions. By accessing uninitialised memory, they might recover fragments of authentication credentials, potentially enabling further attacks against the database or related systems.
Information security
[ Load more ]