Tuesday

December 2024 Patch Tuesday: Updates and Analysis

Dec 11, 2024 by iHash Leave a Comment

Zero-Day Vulnerability (CVE-2024-49138) Exploit Observed in the Wild CVE-2024-49138 is a privilege escalation vulnerability within the Microsoft Windows Common Log File System (CLFS) driver, categorized as Important in severity. CrowdStrike Counter Adversary Operations discovered and privately reported this vulnerability to Microsoft, which subsequently acknowledged, … [Read more...] about December 2024 Patch Tuesday: Updates and Analysis

November 2024 Patch Tuesday: Updates and Analysis

Nov 13, 2024 by iHash Leave a Comment

Microsoft Discloses Vulnerability within Airlift.microsoft.com In an effort to provide additional transparency for Microsoft-hosted services, Microsoft has disclosed a Critical privilege escalation vulnerability within airlift.microsoft.com (CVE-2024-49056). This vulnerability has been fully mitigated by Microsoft and requires no customer interaction. Microsoft has stated … [Read more...] about November 2024 Patch Tuesday: Updates and Analysis

September 2024 Patch Tuesday: Updates and Analysis

Sep 23, 2024 by iHash Leave a Comment

Microsoft has released security updates for 79 vulnerabilities in its September 2024 Patch Tuesday rollout. These include four actively exploited zero-days (CVE-2024-38014, CVE-2024-38217, CVE-2024-38226, CVE-2024-43491). Seven of the vulnerabilities are rated Critical in severity, while the remaining 72 are rated Important or Moderate. September 2024 Risk Analysis This month’s … [Read more...] about September 2024 Patch Tuesday: Updates and Analysis

August 2024 Patch Tuesday: Updates and Analysis

Aug 16, 2024 by iHash Leave a Comment

Microsoft has released security updates for 85 vulnerabilities in its August 2024 Patch Tuesday rollout. These include six actively exploited zero-days (CVE-2024-38213, CVE-2024-38193, CVE-2024-38189, CVE-2024-38178, CVE-2024-38107, CVE-2024-38106). Among the updates is a fix for one of the vulnerabilities related to a ‘downgrade’ attack (CVE-2024-21302). Six of the … [Read more...] about August 2024 Patch Tuesday: Updates and Analysis

May 2024 Patch Tuesday: Updates and Analysis

May 18, 2024 by iHash Leave a Comment

Microsoft has released security updates for 61 vulnerabilities in its May 2024 Patch Tuesday rollout. There are two zero-day vulnerabilities patched, affecting Windows MSHTML (CVE-2024-30040) and Desktop Window Manager (DWM) Core Library (CVE-2024-30051), and one Critical vulnerability patched affecting Microsoft SharePoint Server (CVE-2024-30044). May 2024 Risk Analysis This … [Read more...] about May 2024 Patch Tuesday: Updates and Analysis

April 2024 Patch Tuesday: Updates and Analysis

Apr 25, 2024 by iHash Leave a Comment

Microsoft has released security updates for 150 vulnerabilities in its April 2024 Patch Tuesday rollout, a much larger amount than in recent months. There are three Critical remote code execution vulnerabilities (CVE-2024-21322, CVE-2024-21323 and CVE-2024-29053), all of which are related to Microsoft Defender for IoT, Microsoft’s security platform for IoT devices. April 2024 … [Read more...] about April 2024 Patch Tuesday: Updates and Analysis

March 2024 Patch Tuesday: Updates and Analysis

Mar 15, 2024 by iHash Leave a Comment

Microsoft has released security updates for 60 vulnerabilities in its March 2024 Patch Tuesday rollout. There are two Critical vulnerabilities patched (CVE-2024-21407 and CVE-2024-21408), both of which affect the Hyper-V hypervisor. March 2024 Risk Analysis This month’s leading risk type is elevation of privilege (40%) followed by remote code execution (30%) and a tie between … [Read more...] about March 2024 Patch Tuesday: Updates and Analysis

February 2024 Patch Tuesday: Updates and Analysis

Feb 17, 2024 by iHash Leave a Comment

Microsoft has released security updates for 73 vulnerabilities for its February 2024 Patch Tuesday rollout. These include two actively exploited zero-days (CVE-2024-21412 and CVE-2024-21351), both of which are security feature bypass flaws. Five of the vulnerabilities addressed today are rated Critical while the remaining 68 are rated Important or Moderate. February 2024 Risk … [Read more...] about February 2024 Patch Tuesday: Updates and Analysis

November Patch Tuesday 2023: Updates and Analysis

Nov 30, 2023 by iHash Leave a Comment

Microsoft has released security updates for 58 vulnerabilities, including five zero-days, three of which are being actively exploited. One of the zero-days (CVE-2023-36025) is a Windows SmartScreen Security Feature Bypass Vulnerability, the second (CVE-2023-36033) is a privilege escalation vulnerability in the Windows DWM Core Library, and the third (CVE-2023-36036) is another … [Read more...] about November Patch Tuesday 2023: Updates and Analysis

October 2023 Patch Tuesday: Updates and Analysis

Oct 27, 2023 by iHash Leave a Comment

This month marks the 20th anniversary of Patch Tuesday, and Microsoft has released security updates for 104 vulnerabilities, including three zero-days. One of the zero-days (CVE-2023-41763) is an elevation of privilege vulnerability in Microsoft Skype for Business. The second (CVE-2023-36563) is an information disclosure vulnerability in Microsoft WordPad, and the third … [Read more...] about October 2023 Patch Tuesday: Updates and Analysis

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54