serisec

Category: Rapid7

  • Patch Tuesday, May 2026 Edition

    Patch Tuesday, May 2026 Edition Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers — including Apple, Google, Microsoft, Mozilla…

  • How AI Assistants are Moving the Security Goalposts

    How AI Assistants are Moving the Security Goalposts AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can automate virtually any task — are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these…

  • Patch Tuesday, January 2026 Edition

    Patch Tuesday, January 2026 Edition Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported software. Eight of the vulnerabilities earned Microsoft’s most-dire “critical” rating, and the company warns that attackers are already exploiting one of the bugs fixed today. January’s Microsoft zero-day flaw — CVE-2026-20805…

  • Microsoft Patch Tuesday, December 2025 Edition

    Microsoft Patch Tuesday, December 2025 Edition Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This final Patch Tuesday of 2025 tackles one zero-day bug that is already being exploited, as well as two publicly disclosed vulnerabilities. Despite releasing a lower-than-normal number of security updates…

  • Microsoft Fix Targets Attacks on SharePoint Zero-Day

    Microsoft Fix Targets Attacks on SharePoint Zero-Day On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the SharePoint flaw to breach U.S. federal and state agencies, universities, and…

  • Microsoft Patch Tuesday, July 2025 Edition

    Microsoft Patch Tuesday, July 2025 Edition Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsoft’s most-dire “critical” rating, meaning they could be exploited to seize…

  • Patch Tuesday, June 2025 Edition

    Patch Tuesday, June 2025 Edition Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public. The sole…

  • Patch Tuesday, May 2025 Edition

    Patch Tuesday, May 2025 Edition Microsoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that are already seeing active exploitation. Adding to the sense of urgency with this month’s patch batch from Redmond are fixes for two other weaknesses that now have public…

  • Microsoft: 6 Zero-Days in March 2025 Patch Tuesday

    Microsoft: 6 Zero-Days in March 2025 Patch Tuesday Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation. Two of the zero-day flaws include CVE-2025-24991 and CVE-2025-24993, both vulnerabilities in NTFS, the default file system for Windows…

  • Microsoft Patch Tuesday, February 2025 Edition

    Microsoft Patch Tuesday, February 2025 Edition Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited. All supported Windows operating systems will receive an update this month for a buffer overflow vulnerability that carries the catchy name…

  • Microsoft: Happy 2025. Here’s 161 Security Updates

    Microsoft: Happy 2025. Here’s 161 Security Updates Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017. Rapid7‘s Adam Barnett…

  • Patch Tuesday, December 2024 Edition

    Patch Tuesday, December 2024 Edition Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing exploitation involves CVE-2024-49138, a security weakness in the Windows Common Log File System (CLFS) driver — used by applications to…