Cisco Talos Blog

December 10, 2024 15:52

Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities

The Patch Tuesday for December of 2024 includes 72 vulnerabilities, including four that Microsoft marked as “critical.” The remaining vulnerabilities listed are classified as “important.”

November 12, 2024 18:11

November Patch Tuesday release contains three critical remote code execution vulnerabilities

The Patch Tuesday for November of 2024 includes 91 vulnerabilities, including two that Microsoft marked as “critical.” The remaining 89 vulnerabilities listed are classified as “important.”

October 8, 2024 15:04

Largest Patch Tuesday since July includes two exploited in the wild, three critical vulnerabilities

The two vulnerabilities that Microsoft reports have been actively exploited in the wild and are publicly known are both rated as only being of “moderate” severity.

September 10, 2024 15:30

Four zero-days included in group of 79 vulnerabilities Microsoft discloses, including one with 9.8 severity score

September’s monthly round of patches from Microsoft included 79 vulnerabilities, seven of which are considered critical.

August 13, 2024 15:12

Talos discovers Microsoft kernel mode driver vulnerabilities that could lead to SYSTEM privileges; Seven other critical issues disclosed

The most serious of the issues included in August’s Patch Tuesday is CVE-2024-38063, a remote code execution vulnerability in Windows TCP/IP.

July 9, 2024 14:01

Largest Patch Tuesday in 3 months includes 5 critical vulnerabilities

This is the largest Patch Tuesday since April, when Microsoft patched 150 vulnerabilities.

June 11, 2024 13:46

Only one critical issue disclosed as part of Microsoft Patch Tuesday

The lone critical security issue is a remote code execution vulnerability due to a use-after-free issue in the HTTP handling function of Microsoft Message Queuing.

May 14, 2024 13:57

Only one critical vulnerability included in May’s Microsoft Patch Tuesday; One other zero-day in DWN Core

The lone critical security issue is CVE-2024-30044, a remote code execution vulnerability in SharePoint Server.

April 9, 2024 14:23

April’s Patch Tuesday includes 150 vulnerabilities, 60 which could lead to remote code execution

Though April’s monthly security update from Microsoft includes 150 vulnerabilities, only three of them are considered “critical."