#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Microsoft Patch Tuesday | Breaking Cybersecurity News | The Hacker News

Patch Tuesday: Microsoft Issues Fix for Actively Exploited 'Follina' Vulnerability

Patch Tuesday: Microsoft Issues Fix for Actively Exploited 'Follina' Vulnerability

Jun 15, 2022
Microsoft finally released fixes to address an actively exploited Windows zero-day vulnerability known as Follina as part of its Patch Tuesday updates. Also addressed by the tech giant are  55 other flaws , three of which are rated Critical, 51 are rated Important, and one is rated Moderate in severity. Separately, five more shortcomings were resolved in the Microsoft Edge browser. Tracked as  CVE-2022-30190  (CVSS score: 7.8), the  zero-day bug  relates to a remote code execution vulnerability affecting the Windows Support Diagnostic Tool (MSDT) when it's invoked using the "ms-msdt:" URI protocol scheme from an application such as Word. The vulnerability can be trivially exploited by means of a specially crafted Word document that downloads and loads a malicious HTML file through Word's remote template feature. The HTML file ultimately permits the attacker to load and execute PowerShell code within Windows. "An attacker who successfully exploits this vuln
Microsoft Releases September 2020 Security Patches For 129 Flaws

Microsoft Releases September 2020 Security Patches For 129 Flaws

Sep 08, 2020
As part of this month's Patch Tuesday, Microsoft today released a fresh batch of security updates to fix a total of 129 newly discovered security vulnerabilities affecting various versions of its Windows operating systems and related software. Of the 129 bugs spanning its various products — Microsoft Windows, Edge browser, Internet Explorer, ChakraCore, SQL Server, Exchange Server, Office, ASP.NET, OneDrive, Azure DevOps, Visual Studio, and Microsoft Dynamics — that received new patches, 23 are listed as critical, 105 are important, and one is moderate in severity. Unlike the past few months, none of the security vulnerabilities the tech giant patched in September are listed as being publicly known or under active attack at the time of release or at least not in knowledge of Microsoft. A memory corruption vulnerability ( CVE-2020-16875 ) in Microsoft Exchange software is worth highlighting all the critical flaws. The exploitation of this flaw could allow an attacker to run
How to Find and Fix Risky Sharing in Google Drive

How to Find and Fix Risky Sharing in Google Drive

Mar 06, 2024Data Security / Cloud Security
Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn't anyone's fault; it's inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally.  For Security & Risk Management teams, the untenable risk of any Google Drive footprint lies in the toxic combinations of sensitive data, excessive permissions, and improper sharing. However, it can be challenging to differentiate between typical business practices and potential risks without fully understanding the context and intent.  Material Security, a company renowned for its innovative method of protecting sensitive data within employee mailboxes, has recently launched  Data Protection for Google Drive  to safeguard the sprawl of confidential information scattered throughout Google Drive with a powerful discovery and remediation toolkit. How Material Security helps organ
Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked

Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked

Aug 12, 2020
Microsoft earlier today released its August 2020 batch of software security updates for all supported versions of its Windows operating systems and other products. This month's Patch Tuesday updates address a total of 120 newly discovered software vulnerabilities, of which 17 are critical, and the rest are important in severity. In a nutshell, your Windows computer can be hacked if you: Play a video file — thanks to flaws in Microsoft Media Foundation and Windows Codecs Listen to audio — thanks to bugs affecting Windows Media Audio Codec Browser a website — thanks to 'all time buggy' Internet Explorer Edit an HTML page — thanks to an MSHTML Engine flaw Read a PDF — thanks to a loophole in Microsoft Edge PDF Reader Receive an email message — thanks to yet another bug in Microsoft Outlook But don't worry, you don't need to stop using your computer or without Windows OS on it. All you need to do is click on the Start Menu → open Settings → click Security
cyber security

Uncover Critical Gaps in 7 Core Areas of Your Cybersecurity Program

websiteArmor PointCyber Security / Assessment
Turn potential vulnerabilities into strengths. Start evaluating your defenses today. Download the Checklist.
17-Year-Old Critical 'Wormable' RCE Vulnerability Impacts Windows DNS Servers

17-Year-Old Critical 'Wormable' RCE Vulnerability Impacts Windows DNS Servers

Jul 14, 2020
Cybersecurity researchers today disclosed a new highly critical "wormable" vulnerability—carrying a severity score of 10 out of 10 on the CVSS scale—affecting Windows Server versions 2003 to 2019. The 17-year-old remote code execution flaw ( CVE-2020-1350 ), dubbed ' SigRed ' by Check Point, could allow an unauthenticated, remote attacker to gain domain administrator privileges over targeted servers and seize complete control of an organization's IT infrastructure. A threat actor can exploit SigRed vulnerability by sending crafted malicious DNS queries to a Windows DNS server and achieve arbitrary code execution, enabling the hacker to intercept and manipulate users' emails and network traffic, make services unavailable, harvest users' credentials and much more. In a detailed report shared with The Hacker News, Check Point researcher Sagi Tzadik confirmed that the flaw is wormable in nature, allowing attackers to launch an attack that can spread
SMBleed: A New Critical Vulnerability Affects Windows SMB Protocol

SMBleed: A New Critical Vulnerability Affects Windows SMB Protocol

Jun 09, 2020
Cybersecurity researchers today uncovered a new critical vulnerability affecting the Server Message Block (SMB) protocol that could allow attackers to leak kernel memory remotely, and when combined with a previously disclosed "wormable" bug, the flaw can be exploited to achieve remote code execution attacks. Dubbed " SMBleed " ( CVE-2020-1206 ) by cybersecurity firm ZecOps, the flaw resides in SMB's decompression function — the same function as with SMBGhost or EternalDarkness bug ( CVE-2020-0796 ), which came to light three months ago, potentially opening vulnerable Windows systems to malware attacks that can propagate across networks. The newly discovered vulnerability impacts Windows 10 versions 1903 and 1909, for which Microsoft today released security patches as part of its monthly Patch Tuesday updates for June . The development comes as the US Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory last week warning Windows 10
Microsoft Releases June 2020 Security Patches For 129 Vulnerabilities

Microsoft Releases June 2020 Security Patches For 129 Vulnerabilities

Jun 09, 2020
Microsoft today released its June 2020 batch of software security updates that patches a total of 129 newly discovered vulnerabilities affecting various versions of Windows operating systems and related products. This is the third Patch Tuesday update since the beginning of the global Covid-19 outbreak, putting some extra pressure on security teams struggling to keep up with patch management while proceeding with caution that should not break anything during this lockdown season. The 129 bugs in the June 2020 bucket for sysadmins and billions of users include 11 critical vulnerabilities—all leading to remote code execution attacks—and 118 classified as important in severity, mostly leading to privilege escalation and spoofing attacks. According to the advisories Microsoft released today, hackers, fortunately, don't appear to be exploiting any of the zero-day vulnerabilities in the wild, and details for none of the flaws addressed this month was disclosed publicly before thi
Microsoft Issues Patches for 3 Bugs Exploited as Zero-Day in the Wild

Microsoft Issues Patches for 3 Bugs Exploited as Zero-Day in the Wild

Apr 14, 2020
It's April 2020 Patch Tuesday , and during these challenging times of coronavirus pandemic, this month's patch management process would not go easy for many organizations where most of the resources are working remotely. Microsoft today released the latest batch of software security updates for all supported versions of its Windows operating systems and other products that patch a total of 113 new security vulnerabilities, 17 of which are critical and 96 rated important in severity. Patches for 4 Zero-Days Exploited In the Wild Most importantly, two of the security flaws have been reported as being publicly known at the time of release, and the 3 are being actively exploited in the wild by hackers. One of the publicly disclosed flaws, which was also exploited as zero-day, resides in the Adobe Font Manager Library used by Windows, the existence of which Microsoft revealed last month within an early security warning for its millions of users. Tracked as CVE-2020-10
Microsoft Issues March 2020 Updates to Patch 115 Security Flaws

Microsoft Issues March 2020 Updates to Patch 115 Security Flaws

Mar 11, 2020
Microsoft today released security updates to fix a total of 115 new security vulnerabilities in various versions of its Windows operating system and related software—making March 2020 edition the biggest ever Patch Tuesday in the company's history. Of the 115 bugs spanning its various products — Microsoft Windows, Edge browser, Internet Explorer, Exchange Server, Office, Azure, Windows Defender, and Visual Studio — that received new patches, 26 have been rated as critical, 88 received a severity of important, and one is moderate in severity. However, unlike last month , none of the vulnerabilities the tech giant patched this month are listed as being publicly known or under active attack at the time of release. It's worth highlighting that the patch addresses critical flaws that could be potentially exploited by bad actors to execute malicious code by specially crafted LNK files and word documents. Titled "LNK Remote Code Execution Vulnerability" ( CVE-2020
Update Microsoft Windows Systems to Patch 99 New Security Flaws

Update Microsoft Windows Systems to Patch 99 New Security Flaws

Feb 11, 2020
A few hours after Adobe today released security updates for five of its widely-distributed software, Microsoft also issued its February 2020 Patch Tuesday edition with patches for a total of 99 new vulnerabilities. According to the advisories, 12 of the total issues patched by the tech giant this month are critical in severity, and the remaining 87 have been listed as important. Five of the bugs are listed as publicly known at the time of release, four of which are important in severity and one critical ( CVE-2020-0674 ) that is also listed as under active attack. Microsoft warned about this zero-day vulnerability in Internet Explorer (IE) browser last month when it released an advisory without releasing a patch for millions of its affected users. As explained previously, this flaw could allow a remote attacker to execute arbitrary code on targeted computers and take full control over them just by convincing victims into opening a maliciously crafted web page on the vulner
Update Windows 10 Immediately to Patch a Flaw Discovered by the NSA

Update Windows 10 Immediately to Patch a Flaw Discovered by the NSA

Jan 14, 2020
After Adobe today releases its first Patch Tuesday updates for 2020, Microsoft has now also published its January security advisories warning billions of users of 49 new vulnerabilities in its various products. What's so special about the latest Patch Tuesday is that one of the updates fixes a serious flaw in the core cryptographic component of widely used Windows 10, Server 2016 and 2019 editions that was discovered and reported to the company by the National Security Agency (NSA) of the United States. What's more interesting is that this is the first security flaw in Windows OS that the NSA reported responsibly to Microsoft, unlike the  Eternalblue SMB flaw that the agency kept secret for at least five years and then was leaked to the public by a mysterious group, which caused WannaCry menace in 2017. CVE-2020-0601: Windows CryptoAPI Spoofing Vulnerability According to an advisory released by Microsoft, the flaw, dubbed ' NSACrypt ' and tracked as CVE-20
Latest Microsoft Update Patches New Windows 0-Day Under Active Attack

Latest Microsoft Update Patches New Windows 0-Day Under Active Attack

Dec 11, 2019
With its latest and last Patch Tuesday for 2019, Microsoft is warning billions of its users of a new Windows zero-day vulnerability that attackers are actively exploiting in the wild in combination with a Chrome exploit to take remote control over vulnerable computers. Microsoft's December security updates include patches for a total of 36 vulnerabilities, where 7 are critical, 27 important, 1 moderate, and one is low in severity—brief information on which you can find later in this article. Tracked as CVE-2019-1458 and rated as Important, the newly patched zero-day Win32k privilege escalation vulnerability, reported by Kaspersky, was used in Operation WizardOpium attacks to gain higher privileges on targeted systems by escaping the Chrome sandbox. Although Google addressed the flaw in Chrome 78.0.3904.87 with the release of an emergency update last month after Kaspersky disclosed it to the tech giant, hackers are still targeting users who are using vulnerable versions of th
Microsoft Releases October 2019 Patch Tuesday Updates

Microsoft Releases October 2019 Patch Tuesday Updates

Oct 08, 2019
Microsoft today rolling out its October 2019 Patch Tuesday security updates to fix a total of 59 vulnerabilities in Windows operating systems and related software, 9 of which are rated as critical, 49 are important, and one is moderate in severity. What's good about this month's patch update is that after a very long time, none of the security vulnerabilities patched by the tech giant this month is being listed as publicly known or under active attack. Moreover, there is no roll-up patch for Adobe Flash Player bundled in Windows update for this month. Besides this, Microsoft has also put up a notice as a reminder for Windows 7 and Windows Server 2008 R2 users, warning them that the extended support for these two operating systems is about to end in the next two months and that they will no longer receive updates as of January 14, 2020. Two of the critical vulnerabilities patched this month are remote code execution flaws in the VBScript engine, and both exist in the way VBS
Microsoft Releases Emergency Patches for IE 0-Day and Windows Defender Flaw

Microsoft Releases Emergency Patches for IE 0-Day and Windows Defender Flaw

Sep 24, 2019
It's not a Patch Tuesday, but Microsoft is rolling out emergency out-of-band security patches for two new vulnerabilities, one of which is a critical Internet Explorer zero-day that cyber criminals are actively exploiting in the wild. Discovered by Clément Lecigne of Google's Threat Analysis Group and tracked as CVE-2019-1367, the IE zero-day is a remote code execution vulnerability in the way Microsoft's scripting engine handles objects in memory in Internet Explorer. The vulnerability is a memory-corruption issue that could allow a remote attacker to hijack a Windows PC just by convincing the user into viewing a specially crafted, booby-trapped web-page hosted online, when using Internet Explorer. "An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affec
Latest Microsoft Updates Patch 4 Critical Flaws In Windows RDP Client

Latest Microsoft Updates Patch 4 Critical Flaws In Windows RDP Client

Sep 10, 2019
Get your update caps on. Microsoft today released its monthly Patch Tuesday update for September 2019, patching a total of 79 security vulnerabilities in its software, of which 17 are rated critical, 61 as important, and one moderate in severity. Two of the security vulnerabilities patched by the tech giant this month are listed as "publicly known" at the time of release, one of which is an elevation of privilege vulnerability (CVE-2019-1235) in Windows Text Service Framework (TSF), more likely related to a 20-year-old flaw Google security researcher disclosed last month . Two other vulnerabilities patched this month are reported as being actively exploited in the wild by hackers, both are privilege elevation flaws—one resides in the Windows operating system and the other in Windows Common Log File System Driver. Besides these, Microsoft has released patches for four critical RCE vulnerabilities in Windows built-in Remote Desktop Client application that could enabl
Microsoft Releases July 2019 Security Updates, 2 Flaws Under Active Attack

Microsoft Releases July 2019 Security Updates, 2 Flaws Under Active Attack

Jul 09, 2019
Microsoft today released its monthly batch of software security updates for the July month to patch a total of 77 vulnerabilities, 14 are rated Critical, 62 are Important, and 1 is rated Moderate in severity. The July 2019 security updates include patches for various supported versions of Windows operating systems and other Microsoft products, including Internet Explorer, Edge, Office, Azure DevOps, Open Source Software, .NET Framework, Azure, SQL Server, ASP.NET, Visual Studio, and Exchange Server. Details of 6 security vulnerabilities, all rated important, were made public before a patch was released, none of which were found being exploited in the wild. However, two new privilege escalation vulnerabilities, one affects all supported versions of the Windows operating system, and the other affects Windows 7 and Server 2008, have been reported as being actively exploited in the wild. Both actively exploited vulnerabilities lead to elevation of privilege, one (CVE-2019-1132)
Microsoft Releases June 2019 Security Updates to Patch 88 Vulnerabilities

Microsoft Releases June 2019 Security Updates to Patch 88 Vulnerabilities

Jun 11, 2019
After Adobe , the technology giant Microsoft today—on June 2019 Patch Tuesday—also released its monthly batch of software security updates for various supported versions of Windows operating systems and other Microsoft products. This month's security updates include patches for a total of 88 vulnerabilities, 21 are rated Critical, 66 are Important, and one is rated Moderate in severity. The June 2019 updates include patches Windows OS, Internet Explorer, Microsoft Edge browser, Microsoft Office and Services, ChakraCore, Skype for Business, Microsoft Lync, Microsoft Exchange Server, and Azure. Four of the security vulnerabilities, all rated important and could allow attackers to escalate privileges, patched by the tech giant this month were disclosed publicly, of which none were found exploited in the wild. Unpatched Issue Reported by Google Researcher However, Microsoft failed to patch a minor flaw in SymCrypt , a core cryptographic function library currently used by
Nearly 1 Million Computers Still Vulnerable to "Wormable" BlueKeep RDP Flaw

Nearly 1 Million Computers Still Vulnerable to "Wormable" BlueKeep RDP Flaw

May 28, 2019
Nearly 1 million Windows systems are still unpatched and have been found vulnerable to a recently disclosed critical, wormable, remote code execution vulnerability in the Windows Remote Desktop Protocol (RDP)—two weeks after Microsoft releases the security patch. If exploited, the vulnerability could allow an attacker to easily cause havoc around the world, potentially much worse than what WannaCry and NotPetya like wormable attacks did in 2017. Dubbed BlueKeep and tracked as CVE-2019-0708, the vulnerability affects Windows 2003, XP, Windows 7, Windows Server 2008 and 2008 R2 editions and could spread automatically on unprotected systems. The vulnerability could allow an unauthenticated, remote attacker to execute arbitrary code and take control of a targeted computer just by sending specially crafted requests to the device's Remote Desktop Service (RDS) via the RDP—without requiring any interaction from a user. Describing the BlueKeep vulnerability as being Wormable
Cybersecurity Resources