Security News

Today is Microsoft's February 2023 Patch Tuesday, and security updates fix three actively exploited zero-day vulnerabilities and a total of 77 flaws. This month's Patch Tuesday fixes three actively exploited zero-day vulnerabilities used in attacks.

Patch Tuesday falls on Valentine's Day this year but will it be a special date? While there have been ongoing cyber-attacks of all kinds, it has been relatively quiet on the release of new patches from Microsoft. VMware released a patch back in 2021 which addressed CVE-2021-21974, a heap-overflow vulnerability, which can allow remote code execution.

Glaringly obvious at the very top of the list are the names in the Product column of the first nine entries, dealing with an elevation-of-privilege patch denoted CVE-2013-21773 for Windows 7, Windows 8.1, and Windows RT 8.1. Windows 8.1, which is remembered more as a sort-of "Bug-fix" release for the unlamented and long-dropped Windows 8 than as a real Windows version in its own right, never really caught on.

The first Patch Tuesday fixes shipped by Microsoft for 2023 have addressed a total of 98 security flaws, including one bug that the company said is being actively exploited in the wild.It's also worth noting that the U.S. Cybersecurity and Infrastructure Security Agency has added the vulnerability to its Known Exploited Vulnerabilities catalog, urging federal agencies to apply patches by January 31, 2023.

Patch Tuesday Microsoft fixed 98 security flaws in its first Patch Tuesday of 2023 including one that's already been exploited and another listed as publicly known. Microsoft explains how to trigger this upgrade in the alert as Childs notes: "Situations like this are why people who scream 'Just patch it!' show they have never actually had to patch an enterprise in the real world."

Today is Microsoft's January 2023 Patch Tuesday, and with it comes fixes for an actively exploited zero-day vulnerability and a total of 98 flaws. This is the first Patch Tuesday of 2023, and it fixes a whopping 98 vulnerabilities, with eleven of them classified as 'Critical.

If you procrastinated to deploy these updates the last two months, you are now running at high risk. January 2023 Patch Tuesday forecast There were no preview updates in December as usual due to the holidays, so the first release of the year is always interesting.

Microsoft has pushed out an emergency fix for a problem in Windows Server caused by patch updates that made it impossible for some organizations to create virtual machines on Hyper-V hosts. The issue arose after Windows Server 2019 and Windows Server 2022 users installed two updates that were part of this month's Patch Tuesday releases.

Some users running Windows 10 who installed the KB5021233 cumulative update this month are seeing their operating system crash with the Blue Screen of Death, Microsoft is warning. In an entry over the weekend in its Windows Health Dashboard, the company wrote that the update might cause "a mismatch between the file versions of hidparse.sys in c:/windows/system32 and c:/windows/system32/drivers, which might cause signature validation to fail when cleanup occurs."

Another month, another Microsoft Patch Tuesday, another 48 patches, another two zero-days. An astonishing tale about a bunch of rogue actors who tricked Microsoft itself into giving their malicious code an official digital seal of approval.