Tag Archives: PatchTuesday

March Microsoft Patch Tuesday

Leave a reply

March Microsoft Patch Tuesday

March Microsoft Patch Tuesday. A total of 79 vulnerabilities, about one and a half times more than in February. What’s truly unusual is that this time there were no vulnerabilities with signs of exploitation in the wild or a public exploit! 🤔 At least not yet. 😏

The following vulnerabilities can be highlighted:

🔹 RCE – Print Spooler (CVE-2026-23669), Office (CVE-2026-26110, CVE-2026-26113), Excel (CVE-2026-26107, CVE-2026-26108, CVE-2026-26109, CVE-2026-26112), SharePoint Server (CVE-2026-26106, CVE-2026-26114)
🔹 EoP – SQL Server (CVE-2026-21262, CVE-2026-26115, CVE-2026-26116), Windows Kernel (CVE-2026-24287, CVE-2026-24289, CVE-2026-26132), Windows Win32k (CVE-2026-24285), SMB Server (CVE-2026-24294, CVE-2026-26128), Windows Graphics Component (CVE-2026-23668), .NET (CVE-2026-26131)
🔹 DoS – .NET (CVE-2026-26127)

🗒 Full Vulristics report

На русском

February Microsoft Patch Tuesday

Leave a reply

February Microsoft Patch Tuesday

February Microsoft Patch Tuesday. A total of 55 vulnerabilities, half as many as in January. There are as many as six (❗️) vulnerabilities being exploited in the wild:

🔻 SFB/RCE – Windows Shell (CVE-2026-21510)
🔻 SFB/RCE – Microsoft Word (CVE-2026-21514)
🔻 SFB – MSHTML Framework (CVE-2026-21513)
🔻 EoP – Windows Remote Desktop Services (CVE-2026-21533)
🔻 EoP – Desktop Window Manager (CVE-2026-21519)
🔻 DoS – Windows Remote Access Connection Manager (CVE-2026-21525)

There is also one vulnerability with a public exploit:

🔸 DoS – libjpeg (CVE-2023-2804)

Notable remaining vulnerabilities:

🔹 RCE – Windows Notepad (CVE-2026-20841)
🔹 Spoofing – Outlook (CVE-2026-21511)
🔹 EoP – Windows Kernel (CVE-2026-21231, CVE-2026-21239, CVE-2026-21245), Windows AFD.sys (CVE-2026-21236, CVE-2026-21238, CVE-2026-21241)

🗒 Full Vulristics report

На русском

January Microsoft Patch Tuesday

Leave a reply

January Microsoft Patch Tuesday

January Microsoft Patch Tuesday. A total of 114 vulnerabilities, twice as many as in December. There is one vulnerability with evidence of in-the-wild exploitation:

🔻 InfDisc – Desktop Window Manager (CVE-2026-20805)

There are also two vulnerabilities with public exploits:

🔸 RCE – Windows Deployment Services (CVE-2026-0386)
🔸 EoP – Windows Agere Soft Modem Driver (CVE-2023-31096)

Other notable vulnerabilities include:

🔹 RCE – Microsoft Office (CVE-2026-20952, CVE-2026-20953), Windows NTFS (CVE-2026-20840, CVE-2026-20922)
🔹 EoP – Desktop Windows Manager (CVE-2026-20871), Windows Virtualization-Based Security (VBS) Enclave (CVE-2026-20876)
🔹 SFB – Secure Boot Certificate Expiration (CVE-2026-21265)

Also noteworthy, reported by Positive Technologies:

🟥 EoP – Windows Telephony Service (CVE-2026-20931)

🗒 Full Vulristics report

На русском

December Microsoft Patch Tuesday

Leave a reply

December Microsoft Patch Tuesday

December Microsoft Patch Tuesday. A total of 56 vulnerabilities were fixed – 9 fewer than in November. There is one vulnerability with confirmed in-the-wild exploitation:

🔻 EoP – Windows Cloud Files Mini Filter Driver (CVE-2025-62221)

There are currently no vulnerabilities with publicly available exploits. Among the remaining vulnerabilities, the following stand out:

🔹 RCE – Microsoft Office (CVE-2025-62554, CVE-2025-62557), Microsoft PowerShell (CVE-2025-54100), Microsoft Outlook (CVE-2025-62562), GitHub Copilot for JetBrains (CVE-2025-64671)
🔹 EoP – Windows Win32k (CVE-2025-62458), Windows Cloud Files Mini Filter Driver (CVE-2025-62454, CVE-2025-62457), Windows Common Log File System Driver (CVE-2025-62470), Windows Remote Access Connection Manager (CVE-2025-62472), Windows Storage (CVE-2025-59516)

🗒 Full Vulristics report

На русском

November Microsoft Patch Tuesday

Leave a reply

November Microsoft Patch Tuesday

November Microsoft Patch Tuesday. A total of 65 vulnerabilities. I’m not comparing this with the October report because I’ve decided to cover only MSPT-day vulnerabilities. The thing is, Microsoft has started massively adding Linux-product vulnerabilities to their official website, and these clutter the “extended” MSPT reports. 🤷‍♂️

There is one vulnerability with evidence of in-the-wild exploitation:

🔻 EoP – Windows Kernel (CVE-2025-62215)

No vulnerabilities have publicly available exploits yet. Notable ones include:

🔹 RCE – GDI+ (CVE-2025-60724), Microsoft Office (CVE-2025-62199), Microsoft Office (CVE-2025-62205, CVE-2025-62216), Agentic AI and Visual Studio Code (CVE-2025-62222), Visual Studio (CVE-2025-62214)
🔹 EoP – Windows Client-Side Caching (CVE-2025-60705), Windows Ancillary Function Driver for WinSock (CVE-2025-60719, CVE-2025-62213, CVE-2025-62217), Microsoft SQL Server (CVE-2025-59499)

🗒 Full Vulristics report

На русском

October Microsoft Patch Tuesday

2 Replies

October Microsoft Patch Tuesday

October Microsoft Patch Tuesday. A total of 213 vulnerabilities – twice as many as in September. Of these, 41 vulnerabilities were added between the September and October MSPT. There are four vulnerabilities with evidence of exploitation in the wild:

🔻 SFB – IGEL OS (CVE-2025-47827) – public exploit available
🔻 EoP – Windows Agere Modem Driver (CVE-2025-24990)
🔻 EoP – Windows Remote Access Connection Manager (CVE-2025-59230)
🔻 MemCor – Chromium (CVE-2025-10585)

Another vulnerability with a public PoC exploit:

🔸 RCE – Unity Runtime (CVE-2025-59489)

Among the remaining vulnerabilities with no public exploits or signs of exploitation in the wild, the following stand out:

🔹 RCE – WSUS (CVE-2025-59287), Microsoft Office (CVE-2025-59227, CVE-2025-59234)
🔹 EoP – Windows Agere Modem Driver (CVE-2025-24052), Windows Cloud Files Mini Filter Driver (CVE-2025-55680)

🗒 Full Vulristics Report

На русском

September Microsoft Patch Tuesday

Leave a reply

September Microsoft Patch Tuesday

September Microsoft Patch Tuesday. A total of 103 vulnerabilities, 29 fewer than in August. Of these, 25 vulnerabilities were added between the August and September MSPT. So far, no vulnerabilities are known to be exploited in the wild. Two have public PoC exploits:

🔸 DoS – Newtonsoft.Json (CVE-2024-21907)
🔸 EoP – Azure Networking (CVE-2025-54914)

Notable among the other vulnerabilities without public exploits:

🔹 RCE – Microsoft Office (CVE-2025-54910), Windows Graphics Component (CVE-2025-55228), NTFS (CVE-2025-54916), SharePoint (CVE-2025-54897), Microsoft HPC Pack (CVE-2025-55232), Hyper-V (CVE-2025-55224), Graphics Kernel (CVE-2025-55226, CVE-2025-55236)
🔹 EoP – Windows NTLM (CVE-2025-54918), Windows Kernel (CVE-2025-54110), Windows SMB (CVE-2025-55234), Windows TCP/IP Driver (CVE-2025-54093), Hyper-V (CVE-2025-54091, CVE-2025-54092, CVE-2025-54098, CVE-2025-54115)

🗒 Full Vulristics report

На русском