< ciso
brief />
Tag Banner

All news with #patch release tag

439 articles · page 12 of 22

Microsoft releases Windows 10 KB5075912 ESU update

🔒 Microsoft released the Windows 10 KB5075912 extended security update for ESU-enrolled systems and Enterprise LTSC installations to address February 2026 Patch Tuesday fixes, including six actively exploited zero-day vulnerabilities. After installation, affected systems are updated to build 19045.6937 (or 19044.6937 for LTSC 2021). The update also continues a phased rollout of replacement Secure Boot certificates and resolves a Secure Launch-related shutdown/hibernation issue.
read more →

Windows 11 KB5077181 and KB5075941 February 2026 Updates

🔒 Microsoft released Windows 11 cumulative updates KB5077181 (for 25H2/24H2) and KB5075941 (for 23H2) delivering the February 2026 Patch Tuesday security fixes, bug fixes, and feature improvements. The updates move systems to 26200.7840 (25H2), 26100.7840 (24H2), and 226x1.6050 (23H2). Notable additions include Cross‑Device Resume expansion, an inbox Windows MIDI Services implementation, enhanced Windows Hello peripheral fingerprint support, and a user toggle for Smart App Control. Install via Settings > Windows Update or download from the Microsoft Update Catalog.
read more →

Microsoft updates Secure Boot certs before June 2026

🔐 Microsoft has begun rolling out updated Secure Boot certificates through regular monthly Windows updates to replace the original 2011 certificates that will expire in late June 2026. The automatic refresh targets devices with Microsoft-managed updates; many PCs shipped since 2024 and most built in 2025 already include the new certificates. Some systems may still require separate OEM firmware updates before the new certs can be installed. Administrators can also deploy the new certificates via registry keys, Group Policy, or the Windows Configuration System to ensure Windows Boot Manager and Secure Boot protections remain in place.
read more →

BeyondTrust Patches Critical Pre-Auth RCE in RS and PRA

🔒 BeyondTrust has released updates to address a critical pre-authentication remote code execution vulnerability affecting Remote Support and older Privileged Remote Access versions. The flaw, tracked as CVE-2026-1731, is an operating-system command injection rated 9.9 on the CVSS scale and allows unauthenticated attackers to execute OS commands in the context of the site user. Patches (BT26-02-RS and BT26-02-PRA) or upgrades to the fixed releases should be applied immediately, and self-hosted customers without automatic updates must apply the fix manually.
read more →

CISA: SmarterMail RCE Flaw Actively Exploited by Ransomware

⚠️ CISA warns that ransomware actors are actively exploiting CVE-2026-24423, a critical unauthenticated remote code execution vulnerability in SmarterTools SmarterMail via the ConnectToHub API. SmarterTools released a fix on January 15 (Build 9511) and issued further updates through Build 9526 on January 30. Agencies must apply updates or stop using the product by February 26, 2026, under KEV and BOD 22-01 guidance.
read more →

CISA Flags Actively Exploited SolarWinds WHD Flaw Issue

⚠ CISA has added a critical SolarWinds Web Help Desk vulnerability, CVE-2025-40551, to its Known Exploited Vulnerabilities catalog and flagged it as actively exploited. The flaw is an untrusted data deserialization vulnerability that can enable remote code execution without authentication, allowing attackers to run commands on affected hosts. SolarWinds released patches in WHD version 2026.1 that also address several related high-severity CVEs. Federal Civilian Executive Branch agencies are required to remediate this flaw under BOD 22-01, with a February 6, 2026, deadline.
read more →

Mitsubishi FREQSHIP-mini for Windows: Incorrect Permissions

⚠️ A high-severity vulnerability (CVE-2025-10314) affects Mitsubishi Electric FREQSHIP-mini for Windows versions 8.0.0 through 8.0.2 due to incorrect default permissions. A local attacker with write access to the installation directory could replace service executables or DLLs and execute code with SYSTEM privileges, potentially modifying or destroying data or causing denial of service. Mitsubishi released version 8.1.0 to address the issue; administrators should install the update and apply vendor mitigations, limit remote access, and maintain endpoint protections.
read more →

Microsoft to Disable NTLM Authentication by Default in Windows

🔒 Microsoft has moved the long-planned phase-out of NTLM into a default-disable posture for Windows 11 and Windows Server. Introduced in the 1990s and largely superseded by Kerberos since Windows 2000, NTLM still appears in many legacy enterprise systems and enables attacks such as NTLM relay. Administrators have been preparing for years, but Microsoft now considers NTLM deprecated and has published a timetable for deactivation to help organizations plan.
read more →

Amazon RDS for MySQL: New Minor Versions 8.0.45 & 8.4.8

🔒 Amazon RDS for MySQL now supports the MySQL community minor releases 8.0.45 and 8.4.8. AWS recommends upgrading to these minors to remediate known security vulnerabilities present in earlier releases and to benefit from bug fixes, performance improvements, and incremental features. You can enable automatic minor version upgrades to apply eligible updates during scheduled maintenance windows to reduce manual effort. For lower-risk updates and faster cutover, consider Amazon RDS Managed Blue/Green deployments and follow the Amazon RDS User Guide for upgrade instructions, regional availability, and pricing details.
read more →

Microsoft fixes Windows 11 bug hiding password icon

🔒 Microsoft has resolved a Windows 11 sign-in issue that caused the password icon to disappear from lock screen options after installing August 2025 updates and later. Affected users with multiple sign-in methods could still sign in by hovering over the placeholder to reveal the hidden button. The fix is included in the optional January 2025 KB5074105 preview update released January 29; install via Settings > Windows Update or the Microsoft Update Catalog.
read more →

Microsoft Fixes Outlook Bug Blocking Encrypted Emails

✅ Microsoft has issued a fix for a known issue that prevented Microsoft 365 customers from opening Encrypt Only messages in classic Outlook after a December update. Impacted users saw a message_v2.rpmsg attachment instead of readable content and a 'restricted permission' notice in the Reading Pane. Microsoft says the repair is available in the Beta Channel now and will roll to Current Channel and Current Channel Preview in February. Temporary workarounds are provided for users who cannot upgrade immediately.
read more →

Windows 11 KB5074105 Preview Fixes Boot and Sign-In

🔧 Microsoft released the optional January 2026 preview cumulative update KB5074105 for Windows 11, delivering 32 non-security quality fixes administrators can validate before Patch Tuesday. The preview moves 25H2 devices to build 26200.7705 and 24H2 devices to 26100.7705 and can be installed via Settings > Windows Update or the Microsoft Update Catalog. Key fixes address sign-in and boot failures, activation problems during license migrations, expanded Cross-Device Resume for Android-to-PC activity continuation (examples include resuming Spotify, Office work, or browsing sessions), and broader Windows Hello Enhanced Sign-in Security support for peripheral fingerprint sensors. Additional reliability fixes target UAC elevation hangs, graphics-related system errors (dxgmms2.sys, KERNEL_SECURITY_CHECK_FAILURE), Windows Sandbox startup failures (0x800705b4), startup/login hangs and iSCSI boot issues. Administrators are advised to test the update in lab environments before wide deployment.
read more →

SmarterMail Patches Critical Unauthenticated RCE, NTLM Fix

⚠️ SmarterTools released builds addressing critical vulnerabilities in SmarterMail, including an unauthenticated remote code execution flaw (CVE-2026-24423) rated CVSS 9.3. The flaw in the ConnectToHub API allowed an attacker to direct SmarterMail to a malicious HTTP server that serves OS commands, which the application could execute; this was fixed in Build 9511 on January 15, 2026. A separate NTLM-related path coercion issue (CVE-2026-25067, CVSS 6.9) that could force outbound SMB authentication and enable NTLM relay was patched in Build 9518 (January 22, 2026). Administrators should update immediately.
read more →

Ivanti EPMM Zero-Days Allow Unauthenticated RCE, Patch Issued

⚠️ Ivanti has released security updates addressing two critical zero-day code-injection flaws in Endpoint Manager Mobile (EPMM) — CVE-2026-1281 and CVE-2026-1340 (both CVSS 9.8) — which enable unauthenticated remote code execution and have been observed in limited attacks. One of the defects, CVE-2026-1281, was added to CISA’s KEV catalog, imposing a Federal remediation deadline of February 1, 2026. A temporary RPM patch is available for affected 12.x releases but does not persist through upgrades; Ivanti plans a permanent fix in EPMM 12.8.0.0 due Q1 2026. Customers are urged to check Apache access logs using the provided regex, inspect administrative and configuration changes, and restore or rebuild compromised appliances if indicators of attack are found.
read more →

Microsoft January 2026 Out-of-Band Office Update Patch

⚠️ Microsoft released three out-of-band updates in January 2026, including a security update addressing CVE-2026-21509 in Microsoft Office, which has been reportedly exploited in the wild. The vulnerability is rated Important with a CVSS 3.1 score of 7.8 and is considered local, requiring a user to open a malicious Office document or for an attacker to have system access. Microsoft notes the issue cannot be triggered via the Preview Pane and has published mitigation guidance. Talos published Snort and ClamAV detections and advises customers to apply the latest rules and SRU updates.
read more →

OpenSSL patches 12 vulnerabilities discovered by AISLE

🔒 A coordinated security update addressed 12 previously unknown vulnerabilities in OpenSSL, disclosed by AISLE through a coordinated process with project maintainers. The issues span multiple subsystems — from legacy CMS parsing to QUIC and post-quantum signature handling — and include a high-severity stack buffer overflow in CMS AuthEnvelopedData that could enable remote code execution under specific conditions. Remediation included fixes merged into releases and six additional issues resolved before reaching users.
read more →

SolarWinds Patches Critical Web Help Desk RCE and Bypass

🔒 SolarWinds released updates for Web Help Desk to address critical authentication bypass and remote code execution vulnerabilities, including CVE-2025-40551, CVE-2025-40552 and CVE-2025-40553. Reported by researchers at watchTowr and Horizon3.ai, the flaws allow unauthenticated attackers to bypass authentication and execute commands via deserialization and other vectors. Administrators should upgrade to Web Help Desk 2026.1 immediately to mitigate risk.
read more →

Microsoft issues second out-of-band Windows fix in a week

🔧 Microsoft has issued emergency out-of-band updates after users reported that the January 13 Patch Tuesday releases caused some applications, notably Outlook, to hang or behave unexpectedly when accessing files stored on cloud services such as OneDrive and Dropbox. The company released cumulative fixes — including KB5078127 for Windows 11, KB5078129 for Windows 10 and server updates KB5078131/KB5078136/KB5078135 — to address PST-file issues that could cause hangs, missing sent items or repeated redownloads. Administrators should review the KB notes, test in their environments and deploy the patches to restore normal email and cloud-file workflows.
read more →

Microsoft issues emergency OOB updates to fix Outlook

🔧 Microsoft has released out-of-band updates for Windows 10, Windows 11, and Windows Server to address an issue that caused Outlook to freeze when opening PST files stored in cloud-backed storage such as OneDrive or Dropbox. The problem emerged after the January 13, 2026 Patch Tuesday updates and mainly affected classic Outlook configurations used in enterprises. Affected instances could become unresponsive until the process was terminated or the system restarted, and users reported missing Sent Items and duplicate downloads. The fixes are available via Windows Update or the Microsoft Download Catalog and include several KB updates for specific Windows and Server versions.
read more →

Critical Telnetd Auth Bypass in GNU InetUtils Exploited

⚠️ A coordinated campaign is exploiting a critical authentication-bypass flaw in the GNU InetUtils telnetd server, tracked as CVE-2026-24061. The bug, present since 2015, lets attackers set the USER environment variable (for example USER=-f root) to bypass /usr/bin/login and obtain a root shell. Patches are in InetUtils 2.8; mitigations include disabling telnetd or blocking TCP port 23. GreyNoise observed limited, mostly automated exploitation activity and recommends immediate patching and hardening.
read more →