Largest Patch Tuesday since July includes two exploited in the wild, three critical vulnerabilities
The two vulnerabilities that Microsoft reports have been actively exploited in the wild and are publicly known are both rated as only being of “moderate” severity.
Four zero-days included in group of 79 vulnerabilities Microsoft discloses, including one with 9.8 severity score
September’s monthly round of patches from Microsoft included 79 vulnerabilities, seven of which are considered critical.
Talos discovers Microsoft kernel mode driver vulnerabilities that could lead to SYSTEM privileges; Seven other critical issues disclosed
The most serious of the issues included in August’s Patch Tuesday is CVE-2024-38063, a remote code execution vulnerability in Windows TCP/IP.
Largest Patch Tuesday in 3 months includes 5 critical vulnerabilities
This is the largest Patch Tuesday since April, when Microsoft patched 150 vulnerabilities.
Only one critical issue disclosed as part of Microsoft Patch Tuesday
The lone critical security issue is a remote code execution vulnerability due to a use-after-free issue in the HTTP handling function of Microsoft Message Queuing.
Only one critical vulnerability included in May’s Microsoft Patch Tuesday; One other zero-day in DWN Core
The lone critical security issue is CVE-2024-30044, a remote code execution vulnerability in SharePoint Server.
April’s Patch Tuesday includes 150 vulnerabilities, 60 which could lead to remote code execution
Though April’s monthly security update from Microsoft includes 150 vulnerabilities, only three of them are considered “critical."
Another Patch Tuesday with no zero-days, only two critical vulnerabilities disclosed by Microsoft
March’s Patch Tuesday is relatively light, containing 60 vulnerabilities — only two labeled “critical.”
First Microsoft Patch Tuesday zero-day of 2024 disclosed as part of group of 75 vulnerabilities
Although considered of moderate risk, one of the vulnerabilities is being actively exploited in the wild — CVE-2024-21351, a security feature bypass vulnerability in Windows SmartScreen.