Security News > 2022 > November > Exchange 0-days fixed (at last) – plus 4 brand new Patch Tuesday 0-days!
Unlike ProxyShell, the new bugs weren't directly exploitable by anyone with an internet connection and a misguided sense of cybersecurity adventure.
We therefore assumed, probably in common with most Naked Security readers, that the patches would arrive calmly and unhurriedly as part of the October 2022 Patch Tuesday, still more than two weeks away.
Patch Tuesday in brief - one 0-day fixed, but no patches for Exchange!
We're guessing that these fixes weren't part of the regular Patch Tuesday mechanism because they aren't what Microsoft refer to as CUs, short for cumulative updates.
Those old Exchange bugs weren't the only zero-days patched on Patch Tuesday.
The regular Windows Patch Tuesday updates deal with a further 62 security holes, four of which are bugs that unknown attackers found first, and are already exploiting for undisclosed purposes, or zero-days for short.
News URL
Related news
- November 2024 Patch Tuesday forecast: New servers arrive early (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft slips Task Manager and processor count fixes into Patch Tuesday (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- December 2024 Patch Tuesday forecast: The secure future initiative impact (source)
- Week in review: Veeam Service Provider Console flaws fixed, Patch Tuesday forecast (source)
- Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws (source)
- Microsoft holds last Patch Tuesday of the year with 72 gifts for admins (source)
- Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others (source)