Editor's note
IT administrators who use Microsoft products know the update process that comes with every Patch Tuesday, but they may have trouble keeping track of which updates to prioritize.
Microsoft releases patches to close common vulnerabilities and exposures in the company's software on the second Tuesday every month. Zero-day exploits and out-of-band patches often require administrators' attention outside of the designated Patch Tuesdays. In addition to the pressure of deploying Microsoft security patches, admins must issue updates with caution and test that nothing breaks due to the changes. A bad patch can disrupt functionality throughout the OS or in third-party applications.
1Follow 2019's Microsoft security patches
With insight from security analysts and IT pros on Microsoft security patches, administrators can feel confident in their approach to system patches and other security developments. This collection of monthly Patch Tuesday news stories will keep administrators on track to a more secure enterprise with detailed explanations of Microsoft security patches throughout 2019.
-
Article
Light January Patch Tuesday follows IE out-of-band security update
Microsoft rings in the new year of Patch Tuesdays with a light workload. An out-of-band patch for an Internet Explorer zero-day takes precedence before administrators apply updates for 47 vulnerabilities. The company also issued a fix for a publicly disclosed JET Database Engine remote code execution vulnerability. Read Now
-
Article
Microsoft zero-day vulnerability closed on Patch Tuesday
Multiple zero-days and public disclosures require administrators' attention amid more than 70 unique vulnerabilities. Microsoft initially addressed one zero-day in Exchange with an advisory before delivering a fix on Patch Tuesday. An industry expert also discussed the increase in CVEs (Common Vulnerabilities and Exposures) over the years. Read Now
-
Article
March Patch Tuesday shuts down 2 zero-day exploits
Administrators should prioritize Microsoft's fixes for active attacks on the Win32k component in desktop and server OSes. The rest of the 64 total unique vulnerabilities include 17 rated critical and four public disclosures. Read Now
-
Article
April Patch Tuesday closes 2 zero-day exploits
April Patch Tuesday may seem familiar to Windows administrators who addressed similar Win32k component vulnerabilities with the March security updates. In total, Microsoft fixed 74 unique vulnerabilities across its product portfolio. Read Now
-
Article
May Patch Tuesday fixes zero-day, new Intel CPU bugs
Microsoft released patches for several new Intel CPU bugs and a potential WannaCry successor amid updates for 79 total unique vulnerabilities. The company also delivered a fix for a zero-day escalation of privilege vulnerability that attackers could exploit on most supported Windows desktop and server operating systems. Read Now
-
Article
Microsoft plugs 4 zero-day exploits for June Patch Tuesday
Despite multiple warnings from Microsoft, the threat of the BlueKeep RDP vulnerability to unpatched Windows systems continues to loom following its May Patch Tuesday disclosure. Read Now
-
Article
Microsoft patches two Windows zero-days in July Patch Tuesday
Microsoft fixed two Windows zero-day flaws as part of the July 2019 Patch Tuesday release, which also saw the remediation of 75 other vulnerabilities across Microsoft products. Read Now
-
Article
August Patch Tuesday corrects new 'wormable' exploits
Administrators weighed down by news of the BlueKeep vulnerability will have to contend with a similar bug some are calling DejaBlue. Read Now
-
Article
September Patch Tuesday addresses 2 Windows zero-days
Microsoft issues fixes for 79 unique vulnerabilities, including three public disclosures, as part of its monthly security updates. Read Now