Patch Tuesday – Page 5 – Computer Security Articles

Security Sophos

Signed driver malware moves up the software trust chain

December 13, 2022 admin 2022-12, adv220005, burntcigar, byovd, cuba ransomware, driver signature enforcement, drivers, Featured, Patch Tuesday, sbom, security operations, signed drivers, sophos x-ops, supply chain compromise, threat research, whcp, whql, windows, x-ops

Credit to Author: Andrew Brandt| Date: Tue, 13 Dec 2022 18:00:15 +0000

The criminals signed their AV-killer malware, closely related to one known as BURNTCIGAR, with a legitimate WHCP certificate

Security Sophos

Microsoft patches 62 vulnerabilities, including Kerberos, and Mark of the Web, and Exchange…sort of

November 8, 2022 admin microsoft, Patch Tuesday, sophos x-ops, threat research

Credit to Author: Matt Wixey| Date: Tue, 08 Nov 2022 18:05:18 +0000

Still no fix for ProxyNotShell, but two MOTW bypasses get squashed

Security Sophos

You can’t always get what you want on Patch Tuesday

October 11, 2022 admin microsoft, Patch Tuesday, threat research

Credit to Author: Angela Gunn| Date: Tue, 11 Oct 2022 17:47:47 +0000

No joy for Exchange admins looking to seal off two widely reported Server vulns

Security Sophos

A lighter Patch Tuesday, but one heavy with remote code execution bugs

September 13, 2022 admin microsoft, Patch Tuesday, sophos x-ops, threat research

Credit to Author: Matt Wixey| Date: Tue, 13 Sep 2022 18:38:14 +0000

There are fewer bugs in September’s update than in previous months, with RCE vulns making up the bulk of the addressed CVEs

MalwareBytes Security

Update now! Microsoft fixes two zero-days in August’s Patch Tuesday

August 11, 2022 admin adobe, Android, Cisco, cve-2022-24477, cve-2022-24516, cve-2022-30133, cve-2022-30134, cve-2022-34713, cve-2022-34715, cve-2022-35743, dogwalk, Exchange, Exploits and vulnerabilities, google, microsoft, msdt, news, nfs, Patch Tuesday, ppp, SAP, VMware

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: patch Tuesday

Tags: MSDT

Tags: NFS

Tags: PPP

Tags: Exchange

Tags: CVE-2022-34713

Tags: CVE-2022-35743

Tags: DogWalk

Tags: CVE-2022-30134

Tags: CVE-2022-24477

Tags: CVE-2022-24516

Tags: CVE-2022-30133

Tags: CVE-2022-34715

Tags: Adobe

Tags: Cisco

Tags: Google

Tags: Android

Tags: SAP

Tags: VMWare

Patch Tuesday for August 2022 has come around. We take a look at the most important vulnerabilities that Microsoft’s fixed and a brief look at what other vendors did.

(Read more…)

The post Update now! Microsoft fixes two zero-days in August’s Patch Tuesday appeared first on Malwarebytes Labs.

Security Sophos

Microsoft squares away 121-CVE Patch Tuesday for August

August 10, 2022 admin dogwalk, follina, microsoft, Patch Tuesday, threat research

Credit to Author: Angela Gunn| Date: Wed, 10 Aug 2022 12:31:41 +0000

Another tough month for Azure admins; meanwhile, Windows takes a long road to a Dogwalk

MalwareBytes Security

Update now—July Patch Tuesday patches include fix for exploited zero-day

July 13, 2022 admin adobe, azure site recovery, Cisco, Citrix, csrss, cve-2022-22029, cve-2022-22038, cve-2022-22039, cve-2022-22047, cve-2022-30221, Exploits and vulnerabilities, google android, Patch Tuesday, SAP, SQL Injection, VMware

Credit to Author: Pieter Arntz| Date: Wed, 13 Jul 2022 12:21:53 +0000

July’s Patch Tuesday gives us a lot of important security updates. Most prominently, a known to be exploited vulnerability in Windows CSRSS.

The post Update now—July Patch Tuesday patches include fix for exploited zero-day appeared first on Malwarebytes Labs.

Security Sophos

July Patch Tuesday is Rich in Azure, Windows Issues

July 12, 2022 admin 2022-07, Patch Tuesday, SophosLabs Uncut, threat research

Credit to Author: Angela Gunn| Date: Wed, 13 Jul 2022 03:20:43 +0000

Windows-facing issues make up the bulk of the 85 CVEs addressed, with one vulnerability under active exploit in the wild