This month’s Microsoft Patch Tuesday addresses 79 vulnerabilities with 22 of them labeled as Critical. Of the 22 Critical vulns, 18 are for scripting engines and browsers. The remaining 4 are remote code execution (RCE) in Remote Desktop, DHCP Server, GDI+, and Word.
This month’s Patch Tuesday addresses 74 vulnerabilities, with 16 labeled as Critical. Eight of the Critical vulns are for scripting engines and browser components, impacting Microsoft browsers and Office, along with another 5 Critical vulns in MSXML. Two Critical remote code execution (RCE) vulnerabilities are patched in GDI+ and IOleCvt.
Patching is the process of repairing system vulnerabilities discovered within the infrastructure or an enhancement to an existing application with addon features. The number of patches required on a consistent basis can be overwhelming. Therefore, it is necessary to devise a patch management process to ensure the proper preventive measures are taken against potential threats, and to assist in attaining new features.
This month’s Patch Tuesday addresses 65 vulnerabilities, with 18 of them labeled as Critical. Thirteen of the Critical vulns are for scripting engines and browser components, impacting Microsoft browsers and Office. Three remote code execution (RCE) vulnerabilities are patched in the Windows DHCP Client, as well as an RCE vuln in Windows Deployment Services TFTP Server and Privilege Escalation in Microsoft Dynamics 365. Adobe’s release is light, with only two CVEs patched in Photoshop CC and Digital Editions.
This month’s Patch Tuesday is very large, with 74 vulns being addressed of which 20 are labeled as critical. Fifteen of these critical vulns are in the Scripting Engine and browsers, with the remainder being GDI+, SharePoint, and DHCP. Microsoft also issued an Advisory for an Exchange 0-day, along with a patch for one of the two reported vulns.
This month’s Patch Tuesday is medium in size, with 47 vulnerabilities covered and only 7 labeled as Critical. Twenty-six of the vulns apply to Windows Servers and Workstation operating systems. Two of the Critical apply to Hyper-V and could lead to RCE on the host system.
To ease up the process of patch management, the Patch Management filter head, under View Definitions, lets you further refine a machine ID / machine group filter based on different patch status attributes/conditions, as seen below:
View filtering can be applied under allfunction pages by selecting a specific View from the drop-down list or Create New.
This month’s Patch Tuesday is medium in weight, with 54 CVEs containing 17 Critical. All but two of the Critical vulnerabilities are in Microsoft’s browsers or browser-related technologies. An additional speculative execution vulnerability announced in June was patched as well.