Patch Tuesday - The Stack (Page 3)

Patch Tuesday: MSFT key storage bug exploited, gives SYSTEM

Six MSFT vulns being actively exploited. Get patchin'

Edward Targett November 09, 2022

This Azure bug is a perfect CVSS 10, gives you control over K8s clusters

This Azure bug is a perfect CVSS 10, gives you control over K8s clusters

A critical vulnerability in an Azure tool that lets users manage Kubernetes clusters can be exploited remotely without authentication to gain administrative control over Kubernetes clusters, as well as Azure edge devices. The vulnerability, allocated a maximum possible CVSS (severity rating) score of 10 has been allocated CVE-2022-37968. It is...

The Stack October 12, 2022

Patch Tuesday: Critical Windows TCP/IP vuln allows bad packets to gain pre-auth RCE, plus 0day

Patch Tuesday: Critical Windows TCP/IP vuln allows bad packets to gain pre-auth RCE, plus 0day

More than half the release involves RCE - time to get patching.

Eliot Beer September 14, 2022

Windows zero day under attack was first reported in 2019

Windows zero day under attack was first reported in 2019

More Microsoft Windows Support Diagnostic Tool goodness...

The Stack August 09, 2022

Patch Tuesday: Exploited Windows 0day, zero-click pre-auth RCE vuln in RPC

Cybersecurity

Read This

vulnerabilities

Patch Tuesday: Exploited Windows 0day, zero-click pre-auth RCE vuln in RPC

Those 700,000 folks with RPC exposed to the internet should probably...

The Stack July 13, 2022

A million Microsoft machines exposed to a zero click, CVSS 9.8 bug

A million Microsoft machines exposed to a zero click, CVSS 9.8 bug

Over a million Microsoft machines appear potentially exposed to a wormable critical new vulnerability, CVE-2022-26809 in Microsoft's ubiquitous remote procedure call (RPC) runtime library. (RPC is as an inter-process communication mechanism for data exchange and functionality invocation in a different process -- a process which can be on...

Edward Targett April 14, 2022