Microsoft is publishing 114 vulnerabilities this January 2026 Patch Tuesday. Today’s menu includes just one vulnerability marked as exploited in the wild, as well as two vulnerabilities where Microsoft is aware of public disclosure. There are no critical remote code execution or elevation of privilege vulnerabilities.
So far this month, Microsoft has already provided patches to address one browser vulnerability and around a dozen vulnerabilities in open source products, which are not included in the Patch Tuesday count above.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- 10 new vulnerabilities disclosed by Talos, including use-after-free issue in Google Chrome
September 27, 2023
Cisco Talos disclosed 10 vulnerabilities over the past two weeks affecting a range of software, including the popular Google Chrome web browser. Attackers could exploit these vulnerabilities to carry out a variety of attacks, in some cases gaining the ability to execute remote code on the targeted machine. Read more… Source: Cisco Talos
- CISA Releases Six Industrial Control Systems Advisories
September 26, 2023
CISA released six Industrial Control Systems (ICS) advisories on September 26, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-269-01 Suprema BioStar 2 ICSA-23-269-02 Hitachi Energy Asset Suite 9 ICSA-23-269-03 Mitsubishi Electric FA Engineering Software Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related: CISA Adds Three Known Exploited Vulnerabilities to Catalog
- Emergency update: Apple patches three zero-days
September 22, 2023
Apple has released security updates for several products to address a handful of zero-day vulnerabilities that may already have been used by criminals. Updates are available for: iOS 16.7 and iPadOS 16.7 iOS 17.0.1 and iPadOS 17.0.1 watchOS 9.6.3 watchOS 10.0.1 macOS Ventura 13.6 macOS Monterey 12.7 Safari 16.6.1 The updates may already have reached you in your regular update routines, but it ...
- CISA Releases Six Industrial Control Systems Advisories
September 21, 2023
CISA released six Industrial Control Systems (ICS) advisories on September 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-264-01 Real Time Automation 460 Series ICSA-23-264-02 Siemens Spectrum Power 7 ICSA-23-264-03 Delta Electronics DIAScreen Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related: ISC Releases Security Advisories for BIND 9
- Africa among regions with highest number of industrial systems under attack in the first half of 2023
September 21, 2023
In the first half of 2023 Africa had the highest percentage of ICS computers on which spyware was blocked (9,8%) JOHANNESBURG, South Africa – Malicious objects of all types were detected and blocked on 34% of Industrial Control System (ICS) computers in the first half of 2023, according to the ICS CERT landscape report (https://apo-opa.info/3LwG719) by ...
- CISA Releases Four Industrial Control Systems Advisories
September 19, 2023
CISA released four Industrial Control Systems (ICS) advisories on September 19, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-262-01 Siemens SIMATIC PCS neo Administration Console ICSA-23-262-03 Omron Engineering Software Zip-Slip Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related: CISA Adds One Known Exploited Vulnerability to Catalog