Microsoft is publishing 167 vulnerabilities on April 2026 Patch Tuesday. Microsoft is aware of exploitation in the wild for one of today’s vulnerabilities, and public disclosure for one other. Microsoft evaluates 19 of the vulnerabilities published today as more likely to see future exploitation.
So far this month, Microsoft has provided patches to address 80 browser vulnerabilities, which are not included in the Patch Tuesday count above. Regular Patch Tuesday watchers will know that these vulnerability totals are significantly higher than usual, especially the browser numbers. Late last week, Microsoft published patches to resolve more than 60 browser vulnerabilities in a single day, which is a new record in that very specific category.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Ploutus.D Malware Variant Used in U.S.-based ATM Jackpotting Attacks
January 29, 2018
The United States Secret Service issued a warning on Friday to financial institutions citing “credible information” about “planned” attacks against U.S. cash machines using malware that can quickly drain ATM machines dry of cash. The warning came a day after ATM maker Diebold Nixdorf also warned its customers of “potential” ATM Jackpotting attacks moving from Mexico to the U.S. But journalist Brian ...
- Electron critical vulnerability strikes app developers
January 24, 2018
A critical vulnerability affecting Electron desktop apps has been disclosed. Electron is a node.js, V8, and Chromium framework created for the development of cross-platform desktop apps with JavaScript, HTML, and CSS. Compatible with Mac, Linux, and Windows operating systems, the recently-discovered bug impacts Windows alone. The critical vulnerability affects Electron apps which use custom protocol handlers. Assigned the identifier CVE-2018-1000006, the vulnerability ...
- Now Meltdown patches are making industrial control systems lurch
January 15, 2018
Patches for the Meltdown vulnerability are causing stability issues in industrial control systems. SCADA vendor Wonderware admitted that Redmond’s Meltdown patch made its Historian product wobble. “Microsoft update KB4056896 (or parallel patches for other Operating System) causes instability for Wonderware Historian and the inability to access DA/OI Servers through the SMC,” an advisory on Wonderware’s support site explains. Read ...
- CPU bug patch saga: Antivirus tools caught with their hands in the Windows cookie jar
January 9, 2018
Microsoft’s workaround to protect Windows computers from the Intel processor security flaw dubbed Meltdown has revealed the rootkit-like nature of modern security tools. Some anti-malware packages are incompatible with Redmond’s Meltdown patch, released last week, because the tools make, according to Microsoft, “unsupported calls into Windows kernel memory,” crashing the system with a blue screen of death. In extreme ...
- Triple Meltdown: How So Many Researchers Found A 20-Year-Old Chip Flaw At The Same Time.
January 7, 2018
On a cold Sunday early last month in the small Austrian city of Graz, three young researchers sat down in front of the computers in their homes and tried to break their most fundamental security protections. Two days earlier, in their lab at Graz’s University of Technology, Moritz Lipp, Daniel Gruss, and Michael Schwarz had determined to ...
- Rush to fix ‘serious’ computer chip flaws
January 4, 2018
Tech firms are working to fix two bugs that could allow hackers to steal personal data from computer systems. Google researchers said one of the “serious security flaws”, dubbed “Spectre”, was found in chips made by Intel, AMD and ARM. The other, known as “Meltdown” affects Intel-made chips alone. The industry has been aware of the problem for ...