Microsoft is addressing 121 vulnerabilities this April 2025 Patch Tuesday, which is more than twice as many as last month. Microsoft has evidence of in-the-wild exploitation for just one of the vulnerabilities published today, which is already reflected in CISA KEV.
Once again, Microsoft has published zero-day vulnerabilities on Patch Tuesday without evaluating any of them as critical severity at time of publication, so that’s now a seven month unbroken streak. Today also sees the publication of 11 critical remote code execution (RCE) vulnerabilities. 13 browser vulnerabilities have already been published separately this month, and are not included in the total.
Read more…
Source: Rapid7
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Patch Ivanti Standalone Sentry and Ivanti Neurons for ITSM now
March 21, 2024
Ivanti has issued patches for two vulnerabilities. One was discovered in the Ivanti Standalone Sentry, which impacts all supported versions 9.17.0, 9.18.0, and 9.19.0. Older versions are also at risk. The other vulnerability impacts all supported versions of Ivanti Neurons for ITSM—2023.3, 2023.2 and 2023.1, as well as unsupported versions which will need an upgrade before ...
- A patched Windows attack surface is still exploitable
March 14, 2024
On August 8, 2023, Microsoft finally released a kernel patch for a class of vulnerabilities affecting Microsoft Windows since 2015. The vulnerabilities lead to elevation of privilege (EoP), which allows an account with user rights to gain SYSTEM privileges on a vulnerable host. The root cause of this attack surface, according to a 2015 blog, is ...
- Update now! JetBrains TeamCity vulnerability abused at scale
March 8, 2024
JetBrains issued a warning on March 4, 2024 about two serious vulnerabilities in TeamCity server. The flaws can be used by a remote, unauthenticated attacker with HTTP(S) access to a TeamCity on-premises server to bypass authentication checks and gain administrative control of the TeamCity server. TeamCity is a build management and continuous integration and deployment server ...
- Patch now! VMWare escape flaws are so serious even end-of-life software gets a fix
March 8, 2024
VMWare has issued secuity fixes for its VMware ESXi, Workstation, Fusion, and Cloud Foundation products. It has even taken the unusual step of issuing updates for versions of the affected software that have reached thier end-of-life, meaning they would normally no longer be supported. This flaws affect customers who have deployed VMware Workstation, VMware Fusion, and/or ...
- re: Zyxel VPN Series Pre-auth Remote Command Execution
February 21, 2024
On January 25, 2024, SSD Secure Disclosure posted a disclosure titled Zyxel VPN Series Pre-auth Remote Command Execution. The writeup describes an unauthenticated remote command injection vulnerability affecting Zyxel VPN firewalls. That caught VulnCheck researchers attention. The Zyxel VPN series has appeared on the CISA KEV four times now, and the original disclosure didn’t mention a ...
- SolarWinds Releases Critical Security Updates for Access Rights Manager
February 19, 2024
SolarWinds has released security updates addressing five remote code execution (RCE) vulnerabilities in Access Rights Manager (ARM). Path traversal vulnerabilities, CVE-2024-23476 and CVE-2024-23479, are both rated as critical with a CVSSv3 score of 9.6. An unauthenticated attacker could exploit these vulnerabilities, which could lead to RCE. Read more… Source: NHS Digital

