Security News > 2020 > February > Microsoft Addresses Active Attacks, Air-Gap Danger with 99 Patches
Microsoft has issued one of its largest Patch Tuesday updates for the shortest month of the year, addressing 99 security vulnerabilities across a range of products.
The update includes a patch for the zero-day memory-corruption vulnerability disclosed in late January that's under active attack.
There were 41 vulnerabilities fixed in the Chromium-based Edge version that were technically not part of Patch Tuesday - which brings the total number of bugs fixed by Microsoft this week to 140.
Two critical remote code-execution vulnerabilities in Remote Desktop were patched, and are likely to be exploited, according to Microsoft.
"The normal updates still apply. OS, browsers, and Office will resolve most of your vulnerabilities from the Microsoft side. SQL and Exchange Admins do get a bit of extra work this month as both of those products are included in the updates released[but with] a couple of patches per system you can take the teeth out of the majority of the risk this month."
News URL
https://threatpost.com/microsoft-active-attacks-air-gap-99-patches/152807/
Related news
- Microsoft fixes 6 zero-days under active attack (source)
- Microsoft says it broke some Windows 10 patching – as it fixes flaws under attack (source)
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)