< ciso
brief />
Tag Banner

All news with #patch release tag

439 articles · page 14 of 22

Microsoft Updates WinSqlite3.dll After False Positives

🔔 Microsoft has released updates to WinSqlite3.dll after third-party security tools began flagging the Windows core DLL as vulnerable to CVE-2025-6965. The company said the false positive affected Windows 10, Windows 11, and server editions through Windows Server 2025. Microsoft resolved the detection in updates released January 13, 2026 and later and urges users to install the latest patches. It also clarified WinSqlite3.dll is distinct from sqlite3.dll.
read more →

Pax8 Email Error Exposes MSP and Microsoft Licensing Data

⚠️ Pax8 confirmed it mistakenly emailed a CSV attachment on January 13 that contained internal pricing and Microsoft licensing data to fewer than 40 UK-based partners. Recipients reported the file listed about 56,000 entries covering roughly 1,800 partners, with fields including partner and customer IDs, SKUs, license counts, renewal dates, and booking details. Pax8 asked recipients to delete the message, required deletion confirmations, and said it launched an internal review. The company maintains the file did not contain personally identifiable information and that marketplace availability and security controls were not affected.
read more →

Fortinet Fixes Critical FortiSIEM Remote Code Flaw

🔒 Fortinet issued patches for a critical FortiSIEM vulnerability (CVE-2025-64155, CVSS 9.4) that permits unauthenticated OS command injection and remote code execution via the phMonitor service on TCP port 7900. The flaw enables argument injection leading to arbitrary file writes as admin and a cron-triggered escalation to root. Affected releases span 6.7–7.4 with fixed builds; 7.5 and FortiSIEM Cloud are not impacted. Apply vendor updates or restrict access to port 7900 as a temporary mitigation.
read more →

Microsoft January 2026 Patch: 114 Windows Flaws Fixed

🔒 Microsoft released its first security update of 2026 addressing 114 vulnerabilities across Windows, including one actively exploited in the wild. The set includes eight Critical and 106 Important flaws, spanning privilege escalation, information disclosure, and remote code execution issues. Administrators are urged to prioritize the exploited CVE-2026-20805 and VBS-related fixes, and to follow guidance for Secure Boot certificate updates to avoid disruption.
read more →

Critical Node.js bug can crash apps via async_hooks

⚠️ Node.js has released critical updates to address a bug that can force the runtime to exit rather than throw a catchable error when a stack overflow occurs with async_hooks enabled. The defect causes Node.js to terminate with exit code 7, creating a potential Denial-of-Service vector for applications whose recursion is controlled by unsanitized input. A fix is available in Node.js 20.20.0, 22.22.0, 24.13.0, and 25.3.0; older, EOL releases remain vulnerable. Users and maintainers are urged to update promptly.
read more →

January 2026 Patch Tuesday: Microsoft critical fixes

🛡️ Microsoft’s January 2026 Patch Tuesday addresses eight critical vulnerabilities and an actively exploited zero-day, with many high‑score flaws affecting Office and SharePoint. The Desktop Window Manager information-disclosure bug (CVE-2026-20805) is already being exploited and can leak memory to enable follow-on attacks. Other priorities include an RRAS heap overflow (CVE-2026-20868), Secure Boot certificate updates (CVE-2026-21265), and multiple NTFS and WinSock elevation issues. Administrators should accelerate patching, restrict local access, and monitor for suspicious activity.
read more →

Microsoft Jan 2026 Patch Tuesday: 113 Flaws, Zero-Day

🔒 Microsoft released January 2026 security updates addressing 113 vulnerabilities across Windows and supported products, including eight rated Critical. The company confirmed active exploitation of a Desktop Window Manager information disclosure flaw, CVE-2026-20805, which researchers say can be chained to code execution bugs. Other prominent fixes include two Office RCEs exploitable via the Preview Pane, a critical Secure Boot bypass, and removal of legacy modem drivers. Experts urge rapid, risk-based patching and careful BIOS/bootloader preparation.
read more →

Microsoft issues replacement Secure Boot certificates

🔒 Microsoft has begun automatically replacing expiring Secure Boot certificates on eligible Windows 11 24H2 and 25H2 systems via Windows Update. The rollout uses high-confidence device targeting and phased signals to ensure only devices with sufficient successful update telemetry receive the new certificates, while administrators can also deploy them using registry keys, WinCS, or Group Policy. Organizations are urged to inventory fleets, verify Secure Boot status, apply firmware updates as needed, and install the certificate updates before existing credentials expire to preserve Secure Boot and pre-boot patching.
read more →

Microsoft Releases Windows 10 KB5073724 ESU Update

🔒 Microsoft released the KB5073724 Extended Security Update for Windows 10, available to Windows 10 Enterprise LTSC and systems enrolled in the ESU program. Install via Settings → Windows Update by performing a manual “Check for Updates”; installs update and raises builds to 19045.6809 (Windows 10) and 19044.6809 (Enterprise LTSC 2021). The update contains only security and bug fixes — including patches for three zero-days, an actively exploited elevation-of-privilege fix in Agere modem drivers, an updated WinSqlite3.dll, and targeted handling for expiring Secure Boot certificates.
read more →

Windows 11 KB5074109 & KB5073455 January 2026 Updates

🛡️ Microsoft released Windows 11 cumulative updates KB5074109 and KB5073455 as the January 2026 Patch Tuesday rollups for 25H2/24H2 and 23H2. The updates are mandatory and advance affected systems to new builds (25H2: 26200.7623 / 24H2: 26100.7462 / 23H2: 226x1.6050), addressing security vulnerabilities, stability fixes, and feature changes. Key fixes include removal of specific legacy modem drivers that will disable dependent hardware, networking repairs for WSL and Azure Virtual Desktop RemoteApp, an NPU idle power fix, an update to WinSqlite3.dll, and a new phased Secure Boot certificate targeting mechanism; Microsoft notes only a minor bug that can hide the password visibility button.
read more →

Microsoft January 2026 Patch Tuesday: 114 Flaws Fixed

🔒Microsoft released its January 2026 Patch Tuesday updates addressing 114 vulnerabilities, including three zero-day flaws and one actively exploited issue. The bulletin patches an actively exploited Desktop Window Manager information disclosure (CVE-2026-20805), renews expiring Secure Boot certificates, and removes legacy Agere modem drivers (agrsm64.sys, agrsm.sys). Eight vulnerabilities are rated Critical, including six remote code execution flaws. Administrators should prioritize these cumulative updates and apply them promptly to reduce exposure.
read more →

Microsoft Patch Tuesday Jan 2026: 112 Fixes and Snort rules

🔒 Microsoft released its January 2026 security updates addressing 112 vulnerabilities across Windows and Office, including eight marked critical. One important issue, CVE-2026-20805, was observed exploited in the wild. Critical flaws include RCEs in LSASS, Word, Excel and Office, plus EoP in the Windows Graphics component and VBS Enclave. Cisco Talos published Snort rules to detect exploitation attempts (Snort 2: 65498, 65499, 65663–65676; Snort 3: 301344, 301368–301374).
read more →

Amazon RDS for PostgreSQL Adds Extended Support Releases

🔔 Amazon RDS for PostgreSQL now offers Extended Support minor releases 12.22-rds.20251114 and 11.22-rds.20251114, which include critical security and bug fixes addressing vulnerabilities present in earlier versions. We recommend upgrading to these releases to reduce exposure and maintain supportability after community maintenance ends. Extended Support provides up to three additional years of critical fixes after a major version’s standard support expiry, giving teams more time to plan major upgrades. These updates are available in all commercial and government regions and can be applied automatically via automatic minor version upgrades during scheduled maintenance windows.
read more →

January 2026 Patch Tuesday: 114 CVEs Including Zero-Days

🔔 Microsoft released its January 2026 Patch Tuesday addressing 114 vulnerabilities, including three zero-days and several Critical flaws. Notable fixes include an actively exploited information-disclosure issue in Windows Desktop Window Manager (CVE-2026-20805) and publicly disclosed zero-days in Agere Soft Modem and Secure Boot. The release also remediates multiple Critical RCE and elevation-of-privilege issues across Windows and Microsoft Office. Organizations should prioritize testing and deployment and apply compensating controls where immediate patching is impractical.
read more →

CISA Flags Critical RCE in HPE OneView Under Attack

⚠️ CISA has added a max-severity remote code execution flaw in HPE OneView (CVE-2025-37164) to its Known Exploited Vulnerabilities catalog after HPE published an advisory and a patch. The vulnerability allows unauthenticated attackers to execute arbitrary commands via a publicly reachable REST API endpoint and carries a CVSS score of 10.0. Organizations face a narrow window to carefully patch management-plane deployments to avoid both exploitation and unintended operational disruption.
read more →

Trend Micro fixes critical RCE in Apex Central console

🔒Trend Micro has released a patch for a critical remote code execution vulnerability (CVE-2025-69258) affecting Apex Central on-premises consoles. A LoadLibraryEX weakness could allow unauthenticated attackers to inject malicious DLLs into MsgReceiver.exe (listening on TCP port 20001) and execute code as SYSTEM without user interaction. Tenable reported the flaw, published technical details and proof-of-concept code, and Trend Micro issued Critical Patch Build 7190 — which also addresses two related DoS flaws — urging customers to apply updates and review remote access and perimeter security.
read more →

Trend Micro Apex Central RCE CVE-2025-69258 Scores 9.8

🔒 Trend Micro has released patches for on-prem Apex Central for Windows to fix multiple flaws, including a critical remote code execution (CVE-2025-69258, CVSS 9.8) that can allow an attacker to load a malicious DLL via LoadLibraryEX. Two additional denial-of-service issues (CVE-2025-69259 and CVE-2025-69260, both CVSS 7.5) were also addressed. Tenable reported the vulnerabilities and notes MsgReceiver.exe (listening on TCP port 20001) is implicated. Customers should apply updates and review remote access controls and perimeter defenses.
read more →

Critical RCE in Hitachi Energy Asset Suite (Jasper)

⚠️ Hitachi Energy has disclosed a critical remote code execution vulnerability in Asset Suite, caused by a Java deserialization flaw in the Jaspersoft library (CVE-2025-10492). The issue affects Asset Suite versions 9.7 and earlier and carries a CVSS v3.1 base score of 9.8 — allowing attackers to execute arbitrary code on vulnerable systems. Hitachi Energy advises upgrading to version 9.8 to remediate the defect. Until patched, administrators should restrict loading of external custom reports, segment networks, and deny internet exposure for control system devices.
read more →

CISA Retires Ten Emergency Directives, Strengthening Security

🛡️ CISA announced the retirement of ten Emergency Directives issued between 2019 and 2024 after required mitigations were implemented or their coverage was incorporated into BOD 22‑01 and CISA’s Known Exploited Vulnerabilities catalog. The closures include directives tied to specific CVEs and high‑profile incidents such as SolarWinds and Exchange. CISA said the action reflects strengthened federal remediation, operational collaboration, and continued emphasis on Secure by Design principles.
read more →

Critical jsPDF Flaw Allows Arbitrary File Read in Node.js

🔒 A critical vulnerability in jsPDF (CVE-2025-68428) affected Node.js deployments and allowed untrusted input passed to file-handling APIs to produce arbitrary file reads and local file inclusion. Endor Labs found that methods like addImage, html, and addFont relied on an insecure loadFile() call, enabling attackers to embed sensitive files into generated PDFs. Maintainers released jsPDF 4.0.0 to restrict filesystem access via Node.js permission mode, but researchers warn upgrading alone may not fully mitigate risk in environments without properly configured runtime permissions.
read more →