Microsoft released the June 2017 Patch Tuesday to address more than 90 security flaws, including two critical RCE that have been exploited in attacks. Microsoft released June Patch Tuesday updates that address more than 90 vulnerabilities, including two critical remote code execution (RCE) vulnerabilities that have been exploited in attacks. The first vulner

Due to its highly critical nature, a zero-day vulnerability (CVE-2017-0290) that exploits Microsoft Malware Protection Engine (MsMpEng) was addressed by the company in an out-of-band security update just before May’s patch Tuesday. Discovered and disclosed to Microsoft by Google Project Zero’s Natalie Silvanovich and Tavis Ormandy, this vulnerability a

One of the major updates for this month’s Patch Tuesday addresses CVE-2017-0199, a zero-day remote code execution vulnerability that allowed attackers to exploit a flaw that exists in the Windows Object Linking and Embedding (OLE) interface of Microsoft Office. This flaw is currently being exploited by the notorious DRIDEX banking trojan. Threat actors lever

Today’s VERT Alert addresses 18 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins and expects to ship ASPL-716 on Wednesday, March 15th.Ease of Use (published exploits) to Risk TableAutomated ExploitEasyModerateDifficultExtremely DifficultMS17-006MS17-007MS17-008MS17-013MS17-014MS17-017MS17-018 MS17-012No Known Exploi

Patch Tuesday for March is a hefty one, with essentially two months’ worth of updates after Microsoft quietly delayed its February patch release. Notable among the critical bulletins is MS17-012, which resolves several vulnerabilities including CVE-2017-0016, a zero-day vulnerability involving  Windows Server Message Block (SMB). This vulnerability potential

Microsoft begins its monthly set of bulletins for 2017 with relatively few bulletins released in January. Four security bulletins make up this month’s Patch Tuesday—one of which is rated Critical to address vulnerabilities seen in Adobe Flash Player while the other three are tagged as Important to patch vulnerabilities in Microsoft Office, Edge, and the Loca

Today’s VERT Alert addresses 4 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-706 on Wednesday, January 11th.Ease of Use (published exploits) to Risk TableAutomated ExploitEasy MS17-001ModerateDifficultExtremely Difficult MS17-004No Known Exploit  MS17-002 M

For the last Patch Tuesday of 2016, Microsoft adds 12 bulletins split evenly into six rated Critical and six rated Important. Among the critical updates was MS16-148, which patches several vulnerabilities in Microsoft Office. If exploited, the most severe of these vulnerabilities could allow attackers to run arbitrary code in the guise of the user. Other cri

Today’s VERT Alert addresses 12 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-703 on Wednesday, December 14th.Ease of Use (published exploits) to Risk TableAutomated ExploitEasyModerateDifficultExtremely Difficult  MS16-144 MS16-145   No Known ExploitMS16-1

November is the second-to-last Patch Tuesday of 2016, and it brings a slightly higher than typical number of bulletins: six Critical bulletins and eight Important bulletins. The 8th is the earliest date that Patch Tuesday can take place in a month; December’s Patch Tuesday (and the last of 2016) takes place in exactly five weeks. Among the items fixed

Today’s VERT Alert addresses 14 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-698 on Wednesday, November 9th.Ease of Use (published exploits) to Risk TableAutomated Exploit   MS16-132MS16-135Easy    Moderate    Difficult    Extremely DifficultMS16-129MS16-1

Today’s VERT Alert addresses 10 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-693 on Wednesday, October 12th.EASE OF USE (PUBLISHED EXPLOITS) TO RISK TABLEAutomated ExploitEasyModerateDifficult  MS16-118MS16-119MS16-120MS16-121   Extremely Difficult      No

Today’s VERT Alert addresses 14 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-689 on Wednesday, September 14th.Ease of Use (published exploits) to Risk TableAutomated ExploitEasyModerateDifficultExtremely DifficultNo Known ExploitMS16-113MS16-115MS16-104MS1

Today’s VERT Alert addresses 9 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-684 on Wednesday, August 10th.EASE OF USE (PUBLISHED EXPLOITS) TO RISK TABLEAutomated ExploitEasyModerateDifficultExtremely DifficultNo Known ExploitMS16-100MS16-103 MS16-095MS16-0

For more than two decades, Microsoft Windows has provided the means for clever attackers to surreptitiously install malware of their choice on computers that connect to booby-trapped printers, or other devices masquerading as printers, on a local area network. Microsoft finally addressed the bug on Tuesday during its monthly patch cycle.The vulnerability res