Tuesday

November 2024 Patch Tuesday: Updates and Analysis

Nov 13, 2024 by iHash Leave a Comment

Microsoft Discloses Vulnerability within Airlift.microsoft.com In an effort to provide additional transparency for Microsoft-hosted services, Microsoft has disclosed a Critical privilege escalation vulnerability within airlift.microsoft.com (CVE-2024-49056). This vulnerability has been fully mitigated by Microsoft and requires no customer interaction. Microsoft has stated … [Read more...] about November 2024 Patch Tuesday: Updates and Analysis

September 2024 Patch Tuesday: Updates and Analysis

Sep 23, 2024 by iHash Leave a Comment

Microsoft has released security updates for 79 vulnerabilities in its September 2024 Patch Tuesday rollout. These include four actively exploited zero-days (CVE-2024-38014, CVE-2024-38217, CVE-2024-38226, CVE-2024-43491). Seven of the vulnerabilities are rated Critical in severity, while the remaining 72 are rated Important or Moderate. September 2024 Risk Analysis This month’s … [Read more...] about September 2024 Patch Tuesday: Updates and Analysis

August 2024 Patch Tuesday: Updates and Analysis

Aug 16, 2024 by iHash Leave a Comment

Microsoft has released security updates for 85 vulnerabilities in its August 2024 Patch Tuesday rollout. These include six actively exploited zero-days (CVE-2024-38213, CVE-2024-38193, CVE-2024-38189, CVE-2024-38178, CVE-2024-38107, CVE-2024-38106). Among the updates is a fix for one of the vulnerabilities related to a ‘downgrade’ attack (CVE-2024-21302). Six of the … [Read more...] about August 2024 Patch Tuesday: Updates and Analysis

May 2024 Patch Tuesday: Updates and Analysis

May 18, 2024 by iHash Leave a Comment

Microsoft has released security updates for 61 vulnerabilities in its May 2024 Patch Tuesday rollout. There are two zero-day vulnerabilities patched, affecting Windows MSHTML (CVE-2024-30040) and Desktop Window Manager (DWM) Core Library (CVE-2024-30051), and one Critical vulnerability patched affecting Microsoft SharePoint Server (CVE-2024-30044). May 2024 Risk Analysis This … [Read more...] about May 2024 Patch Tuesday: Updates and Analysis

April 2024 Patch Tuesday: Updates and Analysis

Apr 25, 2024 by iHash Leave a Comment

Microsoft has released security updates for 150 vulnerabilities in its April 2024 Patch Tuesday rollout, a much larger amount than in recent months. There are three Critical remote code execution vulnerabilities (CVE-2024-21322, CVE-2024-21323 and CVE-2024-29053), all of which are related to Microsoft Defender for IoT, Microsoft’s security platform for IoT devices. April 2024 … [Read more...] about April 2024 Patch Tuesday: Updates and Analysis

March 2024 Patch Tuesday: Updates and Analysis

Mar 15, 2024 by iHash Leave a Comment

Microsoft has released security updates for 60 vulnerabilities in its March 2024 Patch Tuesday rollout. There are two Critical vulnerabilities patched (CVE-2024-21407 and CVE-2024-21408), both of which affect the Hyper-V hypervisor. March 2024 Risk Analysis This month’s leading risk type is elevation of privilege (40%) followed by remote code execution (30%) and a tie between … [Read more...] about March 2024 Patch Tuesday: Updates and Analysis

February 2024 Patch Tuesday: Updates and Analysis

Feb 17, 2024 by iHash Leave a Comment

Microsoft has released security updates for 73 vulnerabilities for its February 2024 Patch Tuesday rollout. These include two actively exploited zero-days (CVE-2024-21412 and CVE-2024-21351), both of which are security feature bypass flaws. Five of the vulnerabilities addressed today are rated Critical while the remaining 68 are rated Important or Moderate. February 2024 Risk … [Read more...] about February 2024 Patch Tuesday: Updates and Analysis

November Patch Tuesday 2023: Updates and Analysis

Nov 30, 2023 by iHash Leave a Comment

Microsoft has released security updates for 58 vulnerabilities, including five zero-days, three of which are being actively exploited. One of the zero-days (CVE-2023-36025) is a Windows SmartScreen Security Feature Bypass Vulnerability, the second (CVE-2023-36033) is a privilege escalation vulnerability in the Windows DWM Core Library, and the third (CVE-2023-36036) is another … [Read more...] about November Patch Tuesday 2023: Updates and Analysis

October 2023 Patch Tuesday: Updates and Analysis

Oct 27, 2023 by iHash Leave a Comment

This month marks the 20th anniversary of Patch Tuesday, and Microsoft has released security updates for 104 vulnerabilities, including three zero-days. One of the zero-days (CVE-2023-41763) is an elevation of privilege vulnerability in Microsoft Skype for Business. The second (CVE-2023-36563) is an information disclosure vulnerability in Microsoft WordPad, and the third … [Read more...] about October 2023 Patch Tuesday: Updates and Analysis

August 2023 Patch Tuesday: Updates and Analysis

Aug 22, 2023 by iHash Leave a Comment

Microsoft has released security updates for 76 vulnerabilities and two zero-days for its August 2023 Patch Tuesday rollout. One of the zero-days (CVE-2023-38180) is a denial-of-service vulnerability in .NET and Visual Studio. The other zero-day (CVE-2023-36884) received a Defense in Depth update to mitigate a flaw under active attack; however, it is not a patch. Six of the … [Read more...] about August 2023 Patch Tuesday: Updates and Analysis

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54