Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited. All supported Windows operating systems will receive an update this month for a buffer overflow vulnerability that carries the catchy name CVE-2025-21418. This patch should be a…
Category: Rapid7
Adam Barnett, Bitlocker, Bob Hopkins, CVE-2024-49142, CVE-2025-21186, CVE-2025-21210, CVE-2025-21298, CVE-2025-21311, CVE-2025-21333, CVE-2025-21334, CVE-2025-21335, CVE-2025-21366, CVE-2025-21395, Exploits, Global Security News, Kev Breen, Latest Warnings, Microsoft Access, Microsoft Patch Tuesday January 2025, Rapid7, Satnam Narang, The Coming Storm, Time to Patch, unpatched.ai, windows 11, Windows Hyper-V, Windows NTLMv1
Microsoft: Happy 2025. Here’s 161 Security Updates
Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017. Rapid7‘s Adam Barnett says January marks the fourth consecutive month…
APAC, Artificial Intelligence, Australia, Cybersecurity apac, cybersecurity threats apac 2025, cybersecurity vulnerabilities apac 2025, Exploits, Global Security News, Rapid7, Security
APAC: Ransomware to Cause ‘Bumpy’ Security Ride in 2025
Cashed-up ransomware criminals may exploit more zero days while potential blanket ransomware payment bans hang over defenders like a shadow.
Adam Barnett, CVE-2024-49112, CVE-2024-49138, Fortra, Global Security News, Immersive Labs, LDAP, Lightweight Directory Access Protocol, Microsoft Patch Tuesday December 2024, Other, Rapid7, Rob Reeves, Tenable, Tyler Reguly, Windows Common Log File System (CLFS) driver
Patch Tuesday, December 2024 Edition
Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing exploitation involves CVE-2024-49138, a security weakness in the Windows Common Log File System (CLFS) driver — used by applications to write transaction logs — that…