Security News

Today is Microsoft's January 2023 Patch Tuesday, and with it comes fixes for an actively exploited zero-day vulnerability and a total of 98 flaws. This is the first Patch Tuesday of 2023, and it fixes a whopping 98 vulnerabilities, with eleven of them classified as 'Critical.

If you procrastinated to deploy these updates the last two months, you are now running at high risk. January 2023 Patch Tuesday forecast There were no preview updates in December as usual due to the holidays, so the first release of the year is always interesting.

Microsoft has pushed out an emergency fix for a problem in Windows Server caused by patch updates that made it impossible for some organizations to create virtual machines on Hyper-V hosts. The issue arose after Windows Server 2019 and Windows Server 2022 users installed two updates that were part of this month's Patch Tuesday releases.

Some users running Windows 10 who installed the KB5021233 cumulative update this month are seeing their operating system crash with the Blue Screen of Death, Microsoft is warning. In an entry over the weekend in its Windows Health Dashboard, the company wrote that the update might cause "a mismatch between the file versions of hidparse.sys in c:/windows/system32 and c:/windows/system32/drivers, which might cause signature validation to fail when cleanup occurs."

Another month, another Microsoft Patch Tuesday, another 48 patches, another two zero-days. An astonishing tale about a bunch of rogue actors who tricked Microsoft itself into giving their malicious code an official digital seal of approval.

Updates to Windows Server that were included in Microsoft's Patch Tuesday batch of fixes this week could trip up users who want to spin up new virtual machines in some Hyper-V hosts. The software giant is warning the problem can arise after installing the KB5021249 or KB5021237 updates on Windows Server or Azure Stack HCI hosts that are managed by System Center Virtual Machine Manager and are in software-defined networking-enabled environments with a network controller.

Tech giant Microsoft released its last set of monthly security updates for 2022 with fixes for 49 vulnerabilities across its software products. The updates are in addition to 24 vulnerabilities that have been addressed in the Chromium-based Edge browser since the start of the month.

Today is Microsoft's December 2022 Patch Tuesday, and with it comes fixes for two zero-day vulnerabilities, including an actively exploited bug, and a total of 49 flaws. Six of the 49 vulnerabilities fixed in today's update are classified as 'Critical' as they allow remote code execution, one of the most severe types of vulnerabilities.

Rackspace Hosted Exchange outage was caused by ransomwareRackspace has finally confirmed the cause of the security incident that resulted in an ongoing outage of its Hosted Exchange service: it's ransomware. Kali Linux 2022.4 released: Kali NetHunter Pro, desktop updates and new toolsOffensive Security has released Kali Linux 2022.4, the latest version of its popular penetration testing and digital forensics platform.

Microsoft wrapped up a lot of 'loose ends' last month with their November set of updates, but there is still some work to do before the end-of-year holiday season. Let's hope that Microsoft provides some comprehensive updates this month that can fine tune all these nagging stability and connectivity issues.