Microsoft’s November 2022 Patch Tuesday Addresses 62 CVEs (CV
Microsoft’s November 2022 Patch Tuesday Addresses 62 CVEs (CVE-2022-41073) Microsoft patched 62 CVEs in the November 2022 Patch Tuesday update, including nine rated as critical, and 53 rated as important. Four of the vulnerabilities patched this month have been observed exploited in the wild as zero days. Microsoft also released patches for the two zero-day vulnerabilities in Microsoft Exchange Server (CVE-2022-41040 and CVE-2022-41082) disclosed at the end of September. CVE-2022-41049 is a security feature bypass vulnerability affecting Windows Mark of the Web that has been exploited in the wild and for which exploit code is publicly available. Microsoft also patched CVE-2022-41073, an elevation of privilege vulnerability affecting the Windows Print Spooler service. The vulnerability carries a CVSSv3 score of 7.8 and discovery was credited to Microsoft Threat Intelligence Center. For more information about this month's Patch Tuesday release, including Tenable product coverage, please visit our blog.Microsoft’s June 2020 Patch Tuesday Addresses 129 CVEs...
Microsoft’s June 2020 Patch Tuesday Addresses 129 CVEs Including Newly Disclosed SMBv3 Vulnerability (CVE-2020-1206) Microsoft continues its streak of patching over 100 CVEs, addressing 129 CVEs in June, including a fix for a new SMBv3 vulnerability dubbed SMBleed. For the fourth month in a row, Microsoft has patched over 100 CVEs, addressing 129 in the June 2020 Patch Tuesday release. The updates this month include patches for Microsoft Windows, Microsoft Edge, ChakraCore, Internet Explorer, Microsoft Office, Microsoft Office Services and Web Apps, Windows Defender, Microsoft Dynamics, Visual Studio, Azure DevOps and Adobe Flash Player. For more information, including a list of some of the most notable CVEs this month, please check out our blog.