Security News > 2021 > July > Microsoft Patches 3 Under-Attack Windows Zero-Days
Microsoft's embattled security response unit is urging Windows fleet administrators to prioritize fixes for three documented vulns that have already been exploited in live malware attacks.
In all, Microsoft documented 117 vulnerabilities in the Windows ecosystem, some dangerous enough to expose users to remote code execution attacks.
The security fixes cover problems in a range of products, including Microsoft Office, Microsoft Exchange Server, Bing, SharePoint Server, Internet Explorer, Visual Studio and OpenEnclave.
The massive patch bundle comes less than a week after Microsoft released an emergency patch to address the 'PrintNightmare' Windows Print Spooler zero-day.
Security experts have noted problems with Redmond's newest Print Spooler patch but Microsoft insists the fix works as intended.
Separately, Adobe issued multiple security advisories with patches for critical vulnerabilities in a wide range of software products, including the ever-present Adobe Acrobat and Reader application.
News URL
Related news
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft warns of Windows 11 24H2 gaming performance issues (source)
- Microsoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues (source)
- Microsoft Office 2024 now available for Windows and macOS users (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Qualcomm patches high-severity zero-day exploited in attacks (source)
- Ivanti warns of three more CSA zero-days exploited in attacks (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft fixes Remote Desktop issues caused by Windows Server update (source)