Skip to content

A November rain of patches from Microsoft – Sophos News

Microsoft has released patches for 57 vulnerabilities, with 31 of them affecting Windows. Other product groups, including Azure, are also impacted. Out of the 57 vulnerabilities, only 3 are considered critical, with 2 in Windows and 1 in Azure. One important-severity elevation-of-privilege issue affects both .NET and Visual Studio, while another important-severity EoP affects .NET, Visual Studio, and ASP.NET. Three Windows issues are currently being exploited in the wild, and an additional 10 vulnerabilities are expected to be exploited in the next 30 days. Microsoft has also provided information on various other advisories, including those related to Edge/Chromium, BlueTooth, HTTP/2, CBL-Mariner, and Adobe products. Windows Server 2022, 23H2 Edition has also been released. The article provides detailed statistics on the number of CVEs, advisories, and their impact across different products. It also highlights notable updates, including security feature bypass, remote code execution, and spoofing vulnerabilities. Microsoft urges users to update their systems promptly to mitigate these risks. Appendix A lists the patches sorted by impact and severity. Users can manually download the updates from the Windows Update Catalog website.

Leave a Reply

Your email address will not be published. Required fields are marked *