RCE

Microsoft October 2022 Security Updates addresses 84 vulnerabilities (13 rated Critical, 2 zero-days)

The Microsoft October 2022 Security Updates includes patches and advisories for 84 vulnerabilities, including 2 zero-day and 13 Critical severity issues. However, the ProxyNotShell vulnerabilities were not addressed.

CISA adds Critical Microsoft diagnostics tool vulnerability to Catalog of exploited vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has added one Microsoft Support Diagnostic Tool (MSDT) vulnerability CVE-2022-30190 (aka “Follina”) to its Known Exploited Vulnerabilities Catalog.

Microsoft February 2022 Security Updates (fixes for 16 RCEs, 1 zero-day) 

It was a relatively light Patch Tuesday for Microsoft this month. The Microsoft February 2022 Security Updates includes patches and advisories for 50 vulnerabilities, 16 of those remote code execution flaws and one zero-day (CVE-2022-21989). None are rated Critical.

Fortinet patches High risk RCE vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer

Fortinet has patched a High risk use-after-free vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer fgfmsd daemon. An attacker could exploit the vulnerability to launch remote code execution (RCE) as root and take control of an impacted system.

Microsoft June 2021 Security Updates includes fixes for 6 zero-day vulnerabilities

Microsoft has released the June 2021 Security updates that includes patches for 50 vulnerabilities, 5 of those rated Critical. The updates also include fixes for 6 zero-day flaws exploited in the wild.