All news with #patch release tag

🔧 Microsoft released an out-of-band hotpatch (KB5084897) to address a Bluetooth device visibility problem impacting hotpatch-enabled Windows 11 Enterprise systems. Connected Bluetooth peripherals may not appear in Settings or Quick Settings, and users might be unable to add new devices because available devices are not listed. The update targets Windows 11 25H2 and 24H2, installs automatically on eligible Enterprise clients, and requires no restart.

⚠️ CISA has added a medium-severity information-disclosure bug, CVE-2025-47813, affecting Wing FTP to its Known Exploited Vulnerabilities catalog after evidence of active exploitation. The flaw can leak the application's installation path when a long value is supplied in the UID session cookie and impacts versions up to 7.4.3. Vendor fixes were released in May with Wing FTP 7.4.4, which also addresses a separate critical RCE (CVE-2025-47812). Federal agencies are advised to apply updates by March 30, 2026.

⚠️ CISA warned federal agencies to secure Wing FTP Server instances after adding CVE-2025-47813 to its catalog of actively exploited vulnerabilities. The flaw allows low-privileged actors to trigger error messages that expose the full local installation path and can be chained with an already-exploited RCE (CVE-2025-47812). The vendor released fixes in Wing FTP Server v7.4.4 in May 2025; organizations should apply updates or vendor mitigations immediately.

🔧 Microsoft released an out-of-band hotpatch (KB5084597) for Windows 11 to address remote code execution flaws in the Routing and Remote Access Service (RRAS) management tool. The update patches CVE-2026-25172, CVE-2026-25173, and CVE-2026-26111 and aligns with fixes shipped in the March 2026 Patch Tuesday release. The hotpatch performs in-memory patching so eligible Enterprise devices enrolled in the hotpatch program via Windows Autopatch receive cumulative fixes without a restart. It applies to Windows 11 25H2, 24H2, and Enterprise LTSC 2024 systems used for remote server management.

⚠️Microsoft is investigating reports that some Samsung laptops running Windows 11 lose access to the C:\ drive after installing the February 2026 security updates. Affected users encounter the error 'C:\ is not accessible - Access denied' and cannot launch applications such as Outlook, Office apps, web browsers, and system utilities. Microsoft says it is working with Samsung and that the problem may be related to the Samsung Share application, but no official workaround has been provided.

🔔 Veeam has released updates to address multiple vulnerabilities in Veeam Backup & Replication, including three critical authenticated RCE flaws affecting builds up to 12.3.2.4165. The three RCE issues (CVE-2026-21666, CVE-2026-21667 and CVE-2026-21708) carry CVSS 9.9 scores and can permit authenticated users to execute code on backup servers; two additional high-severity bugs enable file manipulation and local privilege escalation. Veeam fixed the issues in build 12.3.2.4465 and urges organizations to patch immediately, emphasizing that backup infrastructure represents a highly privileged target for attackers.

🔒 Google released security updates for Chrome to address two high-severity zero-day vulnerabilities that have been exploited in the wild. The flaws—CVE-2026-3909 (Skia out-of-bounds write) and CVE-2026-3910 (V8 sandbox code execution)—are rated CVSS 8.8 and were reported on March 10, 2026. Users should update to versions 146.0.7680.75/76 for Windows and macOS or 146.0.7680.75 for Linux and apply vendor patches for other Chromium-based browsers.

🔒 Google released emergency updates to address two Chrome zero-day vulnerabilities exploited in the wild. The first, CVE-2026-3909, is an out-of-bounds write in the Skia rendering library that can cause crashes or enable code execution; the second, CVE-2026-3910, is an inappropriate implementation issue in the V8 JavaScript/WebAssembly engine. Updates for Chrome Stable are rolling on Windows, macOS, and Linux; users should update promptly. If automatic updates are enabled, the patch will install on next launch.

🔒 Veeam has released security updates addressing seven critical vulnerabilities in Veeam Backup & Replication that could enable remote code execution, file manipulation, or privilege escalation if exploited. Affected builds include 12.3.2.4165 and earlier 12.x releases; fixes are available in 12.3.2.4465 and select fixes in 13.0.1.2067. Notable issues include multiple CVEs with CVSS scores up to 9.9 that allow authenticated domain users, Backup Viewers, or Backup Administrators to execute code, alter files, or escalate privileges. Veeam warned attackers may reverse-engineer patches, and customers are urged to update promptly.

🛡️ Veeam has released updates for Veeam Backup & Replication that address multiple vulnerabilities, including four critical remote code execution (RCE) flaws that allow low-privileged users or Backup Viewer accounts to execute code on backup servers. The key issues (CVE-2026-21666, CVE-2026-21667, CVE-2026-21669, CVE-2026-21708) are fixed in 12.3.2.4465 and 13.0.1.2067. Administrators are urged to upgrade immediately, as ransomware actors have repeatedly targeted VBR to move laterally, steal data, and prevent recovery.

🔒 Apple has released security updates that backport fixes for vulnerabilities exploited by the Coruna exploit kit to older iPhones and iPads that cannot run the latest iOS releases. The patches, issued as iOS/iPadOS 15.8.7 and 16.7.15 builds, remediate kernel and WebKit issues — including CVE-2023-41974, CVE-2024-23222, CVE-2023-43000 and CVE-2023-43010 — to prevent privilege escalation and remote code execution. Affected legacy devices include a range of iPhone 6s through iPhone X models, multiple iPad Air/Pro and mini models, and the 7th‑gen iPod touch.

⚠️ Siemens SIMATIC S7-1500 devices are affected by a high-severity vulnerability (CVE-2025-40943) that allows code injection when a user imports a specially crafted trace file via the device web interface. Siemens has released fixes (notably V4.1.2 and later) for many affected products and is preparing additional updates. Where patches are not yet available, Siemens and CISA advise disabling the web server if unused, restricting access to TCP ports 80/443, and only importing trusted trace files.

⚠️ Siemens has issued updates for Heliox EV chargers after identifying an improper access control vulnerability that could allow an attacker to reach unauthorized services via the charging cable. Affected models include the Heliox Flex 180 kW and Heliox Mobile DC 40 kW stations. Siemens recommends applying the provided over-the-air (OTA) updates and contacting customer support for patch rollout details. CVE-2025-27769 is rated CVSS v3.1 2.6 (Low) and categorized as CWE-923.

🔒 A deserialization vulnerability in Inductive Automation Ignition (CVE-2025-13913) allows a privileged, authenticated user to import a crafted file that executes embedded code during deserialization, potentially running with the OS application service account's permissions. The flaw affects Ignition versions prior to 8.3.0 and carries a CVSS v3.1 base score of 6.3; CISA reports it is not remotely exploitable and no public exploitation is known. Remediation is to upgrade to 8.3.0 or later. As interim mitigations, follow the Ignition Security Hardening Guide, restrict project imports to trusted sources, use dedicated low-privilege service accounts, and segment gateways from corporate networks.

⚠️ Siemens reports that SIDIS Prime versions prior to V4.0.800 include multiple vulnerabilities in third‑party components such as OpenSSL, SQLite, and a range of Node.js libraries. The advisory enumerates numerous CVEs covering memory corruption, DoS, XSS, path traversal, prototype pollution, and other weaknesses. Siemens and CISA recommend updating to V4.0.800 or later, restricting network exposure, and following vendor operational guidance before deployment. Affected systems are used worldwide in critical manufacturing environments and should be assessed promptly.

⚠️ CISA published an advisory for Trane Tracer SC, Tracer SC+, and Tracer Concierge reporting five vulnerabilities that could lead to information disclosure, arbitrary command execution, or denial-of-service. The issues (CVE-2026-28252 through CVE-2026-28256) include broken cryptography, excessive memory allocation, missing authorization, and hard-coded credentials/constants. Affected builds include Tracer SC < v4.4_SP7 and Tracer SC+/Concierge < v6.3.2310; Trane released Tracer SC+ v6.30.2313 to address these flaws. CISA advises isolating control networks, restricting remote access, applying vendor updates, and following ICS defensive best practices.

🔒 Apple has backported a WebKit memory-corruption fix, tracked as CVE-2023-43010, to older iOS and iPadOS releases after the flaw was observed in the Coruna exploit kit. The original mitigation shipped in iOS 17.2 on December 11, 2023; Apple’s recent updates — including iOS 15.8.7 and iOS 16.7.15 — extend protections to devices that cannot run the latest OS. Users with affected legacy devices are advised to install the available backports to mitigate exploitation risk.

🔔 CISA has ordered federal agencies to patch an actively exploited remote code execution flaw in n8n, tracked as CVE-2025-68613, which permits authenticated attackers to run arbitrary code with the n8n process's privileges. The n8n team released n8n v1.122.0 in December to address the issue and urges immediate upgrades; temporary mitigations include restricting workflow creation/editing, limiting OS privileges, and reducing network access. Shadowserver reports over 40,000 exposed instances globally, prompting a March 25 remediation deadline for federal civilian agencies under BOD 22-01.

🔒 SAP, Microsoft, Adobe and many other vendors released patches this month for multiple critical and high‑risk vulnerabilities, including remote code execution and authentication bypasses. SAP addressed two critical flaws — CVE-2019-17571 (Log4j 1.2.17, CVSS 9.8) and CVE-2026-27685 (insecure deserialization, CVSS 9.1) — while Microsoft and Adobe shipped fixes for dozens more. Hewlett Packard Enterprise patched an Aruba AOS‑CX authentication bypass (CVE-2026-23813, CVSS 9.8). Organizations should prioritize fixes for RCE, insecure deserialization, and authentication-bypass issues on Internet-facing and management interfaces.

🔒 Microsoft has released the Windows 10 KB5078885 extended security update for Enterprise LTSC and ESU devices. Install via Settings → Windows Update to move systems to build 19045.7058 (or 19044.7058 for LTSC 2021); the update consolidates March 2026 Patch Tuesday fixes that address 79 vulnerabilities, including two actively exploited zero-days. It also fixes a shutdown/hibernation bug and advances a controlled rollout of new Secure Boot certificates to maintain boot-time validation.