Security Update
Windows Server emergency patches fix WSUS bug with PoC exploit
Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code. WSUS is a Microsoft product that enables IT administrators to manage and deliver Windows updates to computers within their network. Tracked as CVE-2025-59287, this remote code execution (RCE) security flaw affects only Windows […]
Microsoft September 2025 Patch Tuesday fixes 81 flaws, two zero-days
Today is Microsoft’s September 2025 Patch Tuesday, which includes security updates for 81 flaws, including two publicly disclosed zero-day vulnerabilities. This Patch Tuesday also fixes nine “Critical” vulnerabilities, five of which are remote code execution vulnerabilities, 1 is information disclosure, and 2 are elevation of privileges. The number of bugs in each vulnerability category is listed […]
Windows 10 KB5065429 update includes 14 changes and fixes
Microsoft has released the KB5065429 cumulative update for Windows 10 22H2 and Windows 10 21H2, with fourteen fixes or changes, including fixes for unexpected UAC prompts and severe lag and stuttering issues with NDI streaming software. The Windows 10 KB5065429 update is mandatory as it contains Microsoft’s September 2025 Patch Tuesday security updates, which fix two publicly disclosed zero-day […]
Microsoft: August Windows updates cause severe streaming issues
Microsoft has confirmed that the August 2025 security updates are causing severe lag and stuttering issues with NDI streaming software on some Windows 10 and Windows 11 systems. This comes after widespread reports from users experiencing a wide range of performance problems when using various streaming apps, including OBS (Open Broadcast Software), “Severe stuttering, lag, and choppy audio/video might occur when […]
Microsoft August 2025 Patch Tuesday fixes one zero-day, 107 flaws
Today is Microsoft’s August 2025 Patch Tuesday, which includes security updates for 107 flaws, including one publicly disclosed zero-day vulnerability in Windows Kerberos. This Patch Tuesday also fixes thirteen “Critical” vulnerabilities, nine of which are remote code execution vulnerabilities, three are information disclosure, and one is elevation of privileges. The number of bugs in each […]
Windows 10 KB5063709 update fixes extended security updates enrollment
Microsoft has released the KB5063709 cumulative update for Windows 10 22H2 and Windows 10 21H2, with seven fixes or changes, including a fix for a bug that prevented enrollment in extended security updates. The Windows 10 KB5063709 update is mandatory as it contains Microsoft’s July 2025 Patch Tuesday security updates, which fix one zero-day vulnerability and 136 other flaws. […]
Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks
Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in “ToolShell” attacks. In May, during the Berlin Pwn2Own hacking contest, researchers exploited a zero-day vulnerability chain called “ToolShell,” which enabled them to achieve remote code execution in Microsoft SharePoint. These flaws were fixed as part […]
Microsoft July 2025 Patch Tuesday fixes one zero-day, 137 flaws
Today is Microsoft’s July 2025 Patch Tuesday, which includes security updates for 137 flaws, including one publicly disclosed zero-day vulnerability in Microsoft SQL Server. This Patch Tuesday also fixes fourteen “Critical” vulnerabilities, ten of which are remote code execution vulnerabilities, one is an information disclosure, and two are AMD side channel attack flaws. The number […]
Grafana releases critical security update for Image Renderer plugin
Grafana Labs has addressed four Chromium vulnerabilities in critical security updates for the Grafana Image Renderer plugin and Synthetic Monitoring Agent. Although the issues impact Chromium and were fixed by the open-source project two weeks ago, Grafana received a bug bounty submission from security researcher Alex Chapman proving their exploitability in the Grafana components. Grafana […]
Microsoft warns of Windows update delays due to wrong timestamp
Microsoft has confirmed a new known issue causing delivery delays for June 2025 Windows security updates due to an incorrect metadata timestamp. As Redmond explains in recent advisory updates, this bug affects Windows 10 and Windows 11 systems in environments with quality update deferral policies that enable admins to delay update installation on managed devices. […]