Following the relatively light list from last month, November proved to be a much more eventful month for Microsoft users. The November Patch Tuesday holds more fixes with a total of 74 patches, 13 of which were classified as Critical patches for remote code execution (RCE) vulnerabilities. The remaining majority were rated as Important and included patches

byDanny BradburyAdobe patched a total of 82 vulnerabilities across a range of products on Tuesday, including 46 critical bugs.The lion’s share of the patches, which the company flagged on 11 October, came in a single advisory covering Acrobat and Acrobat Reader on the Windows and macOS platforms, extending back to the Classic 2015 versions.There were

October’s Patch Tuesday is relatively modest, with Microsoft releasing a total of 59 patches. However, this shorter list still warrants attention. Nine of the 59 were still identified as Critical, while the remaining 50 were labeled Important. Most of the critical bulletins were for various Internet Explorer and Microsoft Edge vulnerabilities, with one cover

Microsoft released the June 2017 Patch Tuesday to address more than 90 security flaws, including two critical RCE that have been exploited in attacks. Microsoft released June Patch Tuesday updates that address more than 90 vulnerabilities, including two critical remote code execution (RCE) vulnerabilities that have been exploited in attacks. The first vulner

Due to its highly critical nature, a zero-day vulnerability (CVE-2017-0290) that exploits Microsoft Malware Protection Engine (MsMpEng) was addressed by the company in an out-of-band security update just before May’s patch Tuesday. Discovered and disclosed to Microsoft by Google Project Zero’s Natalie Silvanovich and Tavis Ormandy, this vulnerability a

One of the major updates for this month’s Patch Tuesday addresses CVE-2017-0199, a zero-day remote code execution vulnerability that allowed attackers to exploit a flaw that exists in the Windows Object Linking and Embedding (OLE) interface of Microsoft Office. This flaw is currently being exploited by the notorious DRIDEX banking trojan. Threat actors lever

Today’s VERT Alert addresses 18 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins and expects to ship ASPL-716 on Wednesday, March 15th.Ease of Use (published exploits) to Risk TableAutomated ExploitEasyModerateDifficultExtremely DifficultMS17-006MS17-007MS17-008MS17-013MS17-014MS17-017MS17-018 MS17-012No Known Exploi

Patch Tuesday for March is a hefty one, with essentially two months’ worth of updates after Microsoft quietly delayed its February patch release. Notable among the critical bulletins is MS17-012, which resolves several vulnerabilities including CVE-2017-0016, a zero-day vulnerability involving  Windows Server Message Block (SMB). This vulnerability potential

Microsoft begins its monthly set of bulletins for 2017 with relatively few bulletins released in January. Four security bulletins make up this month’s Patch Tuesday—one of which is rated Critical to address vulnerabilities seen in Adobe Flash Player while the other three are tagged as Important to patch vulnerabilities in Microsoft Office, Edge, and the Loca

Today’s VERT Alert addresses 4 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-706 on Wednesday, January 11th.Ease of Use (published exploits) to Risk TableAutomated ExploitEasy MS17-001ModerateDifficultExtremely Difficult MS17-004No Known Exploit  MS17-002 M

For the last Patch Tuesday of 2016, Microsoft adds 12 bulletins split evenly into six rated Critical and six rated Important. Among the critical updates was MS16-148, which patches several vulnerabilities in Microsoft Office. If exploited, the most severe of these vulnerabilities could allow attackers to run arbitrary code in the guise of the user. Other cri

Today’s VERT Alert addresses 12 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-703 on Wednesday, December 14th.Ease of Use (published exploits) to Risk TableAutomated ExploitEasyModerateDifficultExtremely Difficult  MS16-144 MS16-145   No Known ExploitMS16-1

November is the second-to-last Patch Tuesday of 2016, and it brings a slightly higher than typical number of bulletins: six Critical bulletins and eight Important bulletins. The 8th is the earliest date that Patch Tuesday can take place in a month; December’s Patch Tuesday (and the last of 2016) takes place in exactly five weeks. Among the items fixed

Today’s VERT Alert addresses 14 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-698 on Wednesday, November 9th.Ease of Use (published exploits) to Risk TableAutomated Exploit   MS16-132MS16-135Easy    Moderate    Difficult    Extremely DifficultMS16-129MS16-1

Today’s VERT Alert addresses 10 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-693 on Wednesday, October 12th.EASE OF USE (PUBLISHED EXPLOITS) TO RISK TABLEAutomated ExploitEasyModerateDifficult  MS16-118MS16-119MS16-120MS16-121   Extremely Difficult      No