Security News > 2021 > July > Microsoft Patches 3 Under-Attack Windows Zero-Days
Microsoft's embattled security response unit is urging Windows fleet administrators to prioritize fixes for three documented vulns that have already been exploited in live malware attacks.
In all, Microsoft documented 117 vulnerabilities in the Windows ecosystem, some dangerous enough to expose users to remote code execution attacks.
The security fixes cover problems in a range of products, including Microsoft Office, Microsoft Exchange Server, Bing, SharePoint Server, Internet Explorer, Visual Studio and OpenEnclave.
The massive patch bundle comes less than a week after Microsoft released an emergency patch to address the 'PrintNightmare' Windows Print Spooler zero-day.
Security experts have noted problems with Redmond's newest Print Spooler patch but Microsoft insists the fix works as intended.
Separately, Adobe issued multiple security advisories with patches for critical vulnerabilities in a wide range of software products, including the ever-present Adobe Acrobat and Reader application.
News URL
Related news
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- Microsoft may have scrapped Windows 11's dynamic wallpapers feature (source)
- Ivanti warns of new Connect Secure flaw used in zero-day attacks (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)
- Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)