Microsoft has released 84 security patches for its July 2022 Patch Tuesday rollout. Four vulnerabilities are rated Critical in severity and the rest are classified as Important, with one (CVE-2022-22047) under active exploitation. In this blog, the CrowdStrike Falcon Spotlight™ team offers an analysis of this month’s vulnerabilities, as well as insights into the vulnerabilities … [Read more...] about July Patch Tuesday 2022: Updates and Analysis
Tuesday
March 2022 Patch Tuesday: Updates and Analysis
Microsoft has released 71 security patches for its March Patch Tuesday rollout. Of the 71 CVEs addressed, three are ranked as Important zero-days. This month the quantity of patches for Critical vulnerabilities remains low; however, the total number of updates is nearly double what was offered in February 2022. As vulnerabilities and patches continue to be released, and as … [Read more...] about March 2022 Patch Tuesday: Updates and Analysis
February 2022 Patch Tuesday: Updates and Analysis
Microsoft has released 48 security patches for its February Patch Tuesday rollout. None are considered Critical or known to have been actively exploited. CVE-2022-21989, a publicly known zero-day vulnerability in the Windows Kernel, should be closely monitored as the situation continues to unfold. Separate from the patches offered this month, Microsoft has strongly suggested an … [Read more...] about February 2022 Patch Tuesday: Updates and Analysis
January 2022 Patch Tuesday: Updates and Analysis
Kicking off the first Patch Tuesday of 2022, CrowdStrike continues to provide research and analysis regarding critically rated vulnerabilities and the subsequent patches offered by Microsoft. In this month’s updates we see the lion’s share of updates directed at Microsoft’s Windows and Extended Security Update (ESU) products, while other patches target lesser-known components … [Read more...] about January 2022 Patch Tuesday: Updates and Analysis
December 2021 Patch Tuesday: Updates and Analysis
It’s the last Patch Tuesday update of 2021, and as with many other updates this year, this month’s list includes important ones — among them a zero-day (CVE-2021-43890 in AppX installer), multiple critical vulnerabilities and a variety of attack types utilized in several Microsoft product families — highlighting once again that patching and prioritization are prominent programs … [Read more...] about December 2021 Patch Tuesday: Updates and Analysis
November 2021 Patch Tuesday: Updates and Analysis
As the year draws to a close, the active exploitation of Microsoft vulnerabilities continues unabated. Once again, a broad range of Microsoft products are included in this month’s Patch Tuesday update as the aging Microsoft ship is springing security leaks everywhere. Two vulnerabilities, CVE-2021-42292 and CVE-2021-42321, have seen in-the-wild exploitation, and four other … [Read more...] about November 2021 Patch Tuesday: Updates and Analysis