rapid7 – Page 3 – PossibleThreat Articles

Microsoft Patch Tuesday, March 2022 Edition

March 9, 2022 0 Comments cve-2022-21967, cve-2022-21990, cve-2022-23277, cve-2022-23285, cve-2022-24459, cve-2022-24503, cve-2022-24508, cve-2022-24512, dustin childs, greg wiseman, immersive labs, kevin breen, microsoft exchange server, microsoft patch tuesday march 2022, rapid7, remote desktop, Time to Patch, trend micro zero day initiative, windows smbv3

Credit to Author: BrianKrebs| Date: Wed, 09 Mar 2022 16:22:12 +0000

Microsoft on Tuesday released software updates to plug at least 70 security holes in its Windows operating systems and related software. For the second month running, there are no scary zero-day threats looming for Windows users (that we know of), and relatively few “critical” fixes. And yet we know from experience that attackers are already trying to work out how to turn these patches into a roadmap for exploiting the flaws they fix. Here’s a look at the security weaknesses Microsoft says are most likely to be targeted first.

Independent Krebs Security

Microsoft Patch Tuesday, February 2022 Edition

February 8, 2022 0 Comments allan liska, andrew cunningham, ars technica, cve-2022-21989, cve-2022-21996, cve-2022-22005, greg wiseman, immersive labs, kevin breen, print spooler, rapid7, recorded future, Time to Patch, win32k

Credit to Author: BrianKrebs| Date: Tue, 08 Feb 2022 22:38:16 +0000

Microsoft today released software updates to plug security holes in its Windows operating systems and related software. This month’s relatively light patch batch is refreshingly bereft of any zero-day threats, or even scary critical vulnerabilities. But it does fix four dozen flaws, including several that Microsoft says will likely soon be exploited by malware or malcontents.

Independent Krebs Security

‘Wormable’ Flaw Leads January 2022 Patch Tuesday

February 2, 2022 0 Comments cve-2021-22947, cve-2021-36976, cve-2022-21846, cve-2022-21907, dustin childs, exchange server, http protocol stack, Latest Warnings, microsoft patch tuesday january 2022, National Security Agency, rapid7, satnam narang, tenable, The Coming Storm, Time to Patch, trend micro, zero day initiative

Credit to Author: BrianKrebs| Date: Tue, 11 Jan 2022 22:18:55 +0000

Microsoft today released updates to plug nearly 120 security holes in Windows and supported software. Six of the vulnerabilities were publicly detailed already, potentially giving attackers a head start in figuring out how to exploit them in unpatched systems. More concerning, Microsoft warns that one of the flaws fixed this month is “wormable,” meaning no human interaction would be required for an attack to spread from one vulnerable Windows box to another.