Microsoft’s September Patch Tuesday resolves 63 vulnerabilities with one actively exploited zero-day

In the security patch bundle released this Tuesday by Microsoft, fixes for 63 vulnerabilities and exposures were provided. Five of the vulnerabilities are considered “Critical,” 57 of them are “Important,” and one is rated “Moderate.” Specifically, the flaws are composed of one Security Feature Bypass Vulnerabilities, seven Information Disclosure Vulnerabilities, seven Denial of Service Vulnerabilities, 18 Elevation of Privilege Vulnerabilities, and 30 Remote Code Execution Vulnerabilities. If the vulnerabilities patched in Microsoft Edge before this Patch Tuesday are added, the total number of CVEs rises to 79. Two of those vulnerabilities were publicly disclosed zero-day vulnerabilities, with one of them (tracked as “CVE-2022-37969 – Windows Common Log File System Driver

Microsoft releases Patch Tuesday update for Windows 7 and 8.1

Microsoft has released Patch Tuesday updates for all its supported versions of Windows, including Windows 11, Windows 10, Windows 8.1, and Windows 7. And as is the case with previous Patch Tuesday updates, Microsoft introduces no new features with it for Windows 7 (KB5016679) and 8.1 (KB5016683) users, but you get a plethora of improvements and fixes that will make the overall experience better. You can read the complete official changelog to learn more about these improvements. Patch Tuesday for Windows 7 (KB5016679) changelog KB5016679 also brings with it some known issues, but you don’t have to worry, as Microsoft has already posted workarounds so that you can fix those

Patch Tuesday: Microsoft releases KB5013943 for Windows 11 to fix some security issues and more

It’s Patch Tuesday today, and as expected, Microsoft has released KB5013943 for Windows 11 users taking the OS Build to 22000.675. But more than that, the update also adds fixes for some critical security vulnerabilities that can put your data at risk. The update fixes the issue that caused the screen to flicker when the Windows 11 device is in Safe Mode. It also fixed the .Net Framework 3.5 bugs that were preventing Windows 11 apps from opening. For a detailed understanding of what you get in this update, check out the complete official changelog below. Changelog The update also includes the following known issues: You can download the update

Patch Tuesday: Microsoft releases KB5013942 for Windows 10 users to fix security issues

Microsoft has released a new Patch Tuesday update for Windows 10 versions 20H2, 21H1, and 21H2, taking OS Builds to 19042.1706, 19043.1706, and 19044.1706. Patch Tuesday updates mostly fix security vulnerabilities within the operating system, and this update is no different. Microsoft has claimed to have fixed “security issues for your Windows operating system.” The update includes no additional new features other than the security fixes. You can read the complete official changelog below. Changelog The update also includes some known issues that you might want to look at. Also, as you can see below, Microsoft posted about the workarounds so that you can fix those known issues all by

The January Windows 10 Patch Tuesday is causing “Can’t connect to VPN. The L2TP connection attempt failed” error

Microsoft’s first Patch Tuesday of 2022 appears to be cursed with issues. Users are reporting that KB5009543 for Windows 10 2004, 20H1, and 21H1 is causing issues connecting to VPN for a number of clients and servers over the L2TP VPN protocol. Users are reporting running into the “Can’t connect to VPN. The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer,” error, and is mainly affecting the built-in Windows VPN client when connecting to Ubiquiti Client-to-Site VPN, SonicWall, Cisco Meraki, and WatchGuard Firewalls. The main workaround is to uninstall KB5009543 by going to Control Panel> Programs -> View installed

It’s June Patch Tuesday, here’s what’s new for Windows 10

It’s the second Tuesday in June, which means Microsoft has a slew of fixes and improvements for all supported versions of Windows 10. For consumers that is Windows 10 2004, 20H2, and 21H1, and for the first time all three versions of the operating system are on the same code base, meaning Microsoft is releasing the same cumulative update for all versions. That Cumulative Update is KB5003637 which elevates Windows 10 2004, 20H2, and 21H1 to builds 19041.1052, 19042.1052, and 19043.1052, respectively. The highlights of KB5003637 are: Updates to improve security when using input devices such as a mouse, keyboard, or pen. Updates to improve Windows OLE (compound documents) security.

It’s Patch Tuesday: Here’s what’s new and fixed for your version of Windows 10

It’s once again Patch Tuesday, and Microsoft has released a new set of updates and fixes for all supported versions of Windows 10. For Windows 10 1909 (the November 2019 update) this will be the last update, and users still on that version of the OS should take the opportunity to explore an update to a supported version of Windows 10 over the next few weeks. 1 Windows 10 2004 2 Windows 10 20H2 3 Windows 10 1909 Windows 10 2004 For Windows 10 2004, Microsoft is releasing KB5003173, which takes the OS to build 19041.985. The update features the following highlights: Updates to improve security when Windows performs basic

Microsoft December 2020 Patch Tuesday fixes 58 vulnerabilities

Today is Microsoft’s December 2020 Patch Tuesday, and Windows administrators will be scrambling to put out fires, so be kind to them. With the December 2020 Patch Tuesday security updates release, Microsoft has released fixes for 58 vulnerabilities and one advisory for Microsoft products. Of the 58 vulnerabilities fixed today, nine are classified as Critical, 48 as Important, and two as Moderate. There are no zero-day or previously disclosed vulnerabilities fixed in the December 2020 updates. For information about the non-security Windows updates, you can read about today’s Windows 10 KB4592449 & KB4592438 cumulative updates. Guidance on disclosed DNS cache poisoning Included in today’s Patch Tuesday updates is an advisory

Yesterday’s Windows 10 Patch Tuesday fixes a critical “Ping of Death” security flaw

With all the excitement of the iPhone 12 launch yesterday’s October Patch Tuesday went mostly unnoticed, but the update delivered a very important fix. Security blog DarkReadings reports that the update fixed 87 vulnerabilities, including 21 remote code execution flaws. None of the flaws was being exploited in the wild, but 6 were publicly known and could therefore be easily developed. The most critical remote code execution flaw was CVE-2020-16898, which exploited a flaw in the Windows TCP/IP stack when it improperly handles ICMPv6 Router Advertisement packets. As Microsoft writes: A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who