Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Greg Wiseman  

AUTHOR STATS:

35

Patch Tuesday - May 2019

Hot on the heels of several Apple security advisories on Monday, May's Patch Tuesday sees Microsoft fix nearly 80 vulnerabilities across their product line, some of them very serious indeed, and Adobe address over 80 in Acrobat Reader alone. A fix for a critical remote…

Patch Tuesday - April 2019

Today's Microsoft updates resolve over 70 vulnerabilities, most of which affect the Windows operating system itself. Two of the vulnerabilities are already being exploited in the wild. Both CVE-2019-0803 and CVE-2019-0859 can result in unauthorized elevation of privilege, and affect all supported versions of Windows.…

Patch Tuesday - March 2019

Today Microsoft released updates that resolve over 60 different vulnerabilities. As usual, Windows, web browsers, and SharePoint Server are all affected. Office gets off relatively lightly with only a single vulnerability fixed (CVE-2019-0748, a remote code execution (RCE) vulnerability in the Access Connectivity Engine of…

Patch Tuesday - February 2019

Microsoft got back in the swing of things today after a couple of relatively light months, with over 70 separate CVEs being addressed. The usual suspects got patches, including Windows, Office, Browsers (including Adobe Flash), .NET Framework, SharePoint, Exchange, and another slew of JET Database…

Patch Tuesday - January 2019

Microsoft's first updates of the year address 49 separate vulnerabilities, which is on the low side relatively speaking. We're also getting rare respite from Flash vulnerabilities (although Adobe published a "security bulletin" for Flash today, the new version does not actually contain any…

HaXmas Review: 12 Patch Tuesdays a-Patching

Another year, another 701 patched Microsoft vulnerabilities: just a 2% increase from 2017's count of 686.…

Patch Tuesday - December 2018

It's the last Patch Tuesday of 2018! As is often the case in December, it's a relatively light one with "only" 38 CVEs. (Every other month in 2018 clocked in with at least 50 patched vulnerabilities.) This is in addition to the two…

Patch Tuesday - November 2018

Microsoft's patches this month address over 60 vulnerabilities. Just like last month, another zero-day privilege escalation vulnerability in Win32k has been patched. CVE-2018-8589 has been seen exploited in the wild, and allows a logged-in attacker to execute arbitrary code in the security context of a…

Patch Tuesday - October 2018

This month's patches from Microsoft include fixes for 50 distinct vulnerabilities.…

Patch Tuesday - September 2018

More than 60 vulnerabilities were addressed by this month's patches, including CVE-2018-15967 (a privilege escalation/information disclosure vulnerability in Adobe Flash Player).…

Patch Tuesday - August 2018

Microsoft's updates this month address over 60 vulnerabilities, 20 of which are classified as Critical. As usual, most of this month's fixes are browser-related, and nearly half of the flaws could lead to remote code execution (RCE). Patches for Exchange, SQL Server, and Microsoft Office…

Patch Tuesday - July 2018

This month's security updates from Microsoft address 50 separate vulnerabilities, including two fixes for Adobe Flash Player (APSB18-24). There are no 0-days this month, although three vulnerabilities had been publicly disclosed prior to the release: two privilege escalation vulnerabilities in Windows and a spoofing vulnerability…

Patch Tuesday - June 2018

This month's Patch Tuesday is rather run-of-the-mill, with a total of 50 vulnerabilities being addressed by Microsoft. However, a bit of excitement came earlier this month, with an out-of-band patch for Adobe Flash Player released last Thursday to fix four security issues. Two of these…

Patch Tuesday - May 2018

Microsoft has released patches that resolve over 60 separate vulnerabilities including an update for Flash Player that addresses a critical Remote Code Execution (RCE) vulnerability (CVE-2018-4944). As usual, the majority of fixes are browser-related, but Microsoft Office is also seeing its fair share this month.…

Patch Tuesday - April 2018

Over 70 vulnerabilities have been fixed this month, including 6 in Adobe Flash (APSB18-08). At a high level, there's nothing too out of the ordinary. Unfortunately, that means the majority of the patched vulnerabilities are once again of the worst variety: Remote Code Execution (RCE)…