Security News > 2024 > March > March Patch Tuesday sees Hyper-V join the guest-host escape club

Patch Tuesday Microsoft's monthly patch drop has arrived, delivering a mere 61 CVE-tagged vulnerabilities - none listed as under active attack or already known to the public.
"This vulnerability would require an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM which could result in remote code execution on the host server," according to the security update.
Adobe's monthly patch-a-thon saw the outfit release six fixes addressing 56 vulnerabilities in Experience Manager, Premiere Pro, ColdFusion, Bridge, Lightroom and Animate.
The patch for Premiere Pro fixes two critical-severity bugs, and the ColdFusion update also addresses a critical vulnerability that could be abused for code execution.
Both Adobe Bridge and Adobe Animate shore up four critical and important CVEs, while the Lightroom patch fixes one critical vulnerability.
Hot News Note #3425274 fixes a 9.4-rated code injection vulnerability in applications built with SAP Build Apps.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/03/13/patch_tuesday_march_2024/
Related news
- February 2025 Patch Tuesday forecast: New directions for AI development (source)
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- February's Patch Tuesday sees Microsoft offer just 63 fixes (source)
- Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- March 2025 Patch Tuesday forecast: A return to normalcy (source)
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)