Microsoft’s Security Updates, June 2023

Microsoft’s monthly security updates have been released and consist of 69 new patches as well as 25 CVEs previously released by third parties. 
New are:
6 are rated critical
62 are rated important
1 is rated moderate in severity

Additional Reading and details:
https://msrc.microsoft.com/update-guide/
 Dustin Childs review and analysis in Zero Day Initiative:
 https://www.zerodayinitiative.com/blog/2023/6/13/the-june-2023-security-update-review

  **NOTE: Non-security preview releases for supported editions of Windows 10, version 20H2 and Windows 10, version 21H2 have been discontinued. Only cumulative monthly security updates (known as the “B” or Update Tuesday release) will continue for these versions. Windows 10, version 22H2 will continue to receive security and optional releases.

Microsoft Security Updates, March 2023

Today is March’s “Patch Tuesday”. There are 74 new patches from Microsoft.

Please use Windows Settings/ Windows Update or Use Automatic Updates to determine which updates are applicable to your particular system.
To review details please refer to Microsoft’s Update Guide: https://msrc.microsoft.com/update-guide/ and this comprehensive blog by Dustin Childs:  https://www.zerodayinitiative.com/blog/2023/3/14/the-march-2023-security-update-review

In severity the Microsoft March 2023 security updates consist of:
 6 rated Critical /  67 are rated Important / 1 is rated Moderate

Notes: After March 2023, there will be no more optional, non-security preview releases for the supported editions of Windows 10, version 20H2 and Windows 10, version 21H2. Only cumulative monthly security updates (known as the “B” or Update Tuesday release) will continue for these versions. Windows 10, version 22H2 will continue to receive security and optional releases.
The recently retired, out-of-support Internet Explorer 11 desktop application will be permanently turned off using a Microsoft Edge update on certain versions of Windows 10. https://techcommunity.microsoft.com/t5/windows-it-pro-blog/internet-explorer-11-desktop-app-retirement-faq/ba-p/2366549

Microsoft Security Updates, February 2023

The Microsoft February 2023 security updates consist of:
9 rated as critical
66 rated important

Notes:

After March 2023, there are no more optional, non-security preview releases for the supported editions of Windows 10, version 20H2 and Windows 10, version 21H2. Only cumulative monthly security updates (known as the “B” or Update Tuesday release) will continue for these versions. Windows 10, version 22H2 will continue to receive security and optional releases.
The recently retired, out-of-support Internet Explorer 11 desktop application will be permanently turned off using a Microsoft Edge update on certain versions of Windows 10.
See: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/internet-explorer-11-desktop-app-retirement-faq/ba-p/2366549

More reading:
https://www.zerodayinitiative.com/blog/2023/2/14/the-february-2023-security-update-overview

Microsoft Security Updates, January 2023

The Microsoft January 2023 security updates have been released and consist of 98 new CVEs.
11 are rated critical
87 are rated important
At the time of release, one is listed as publicly known and one as being in the wild.

See January 2023 Security Updates – Release Notes – https://msrc.microsoft.com/update-guide/releaseNote/2023-Jan
for information regarding known issues with the security updates as well as the CVEs with FAQs, Mitigations and/or Workarounds.

* In Other News-

Windows 8.1 reached the end of support yesterday. The December 13, 2022 security update was the last update available for this version. Devices running this version will no longer receive monthly security and quality updates.

Windows 10 21HW reached the end of service yesterday as well as Extended Security Updates (ESU) for Windows 7 Professional and Enterprise users today.

Additional Reading:
https://www.zerodayinitiative.com/blog/2023/1/10/the-january-2023-security-update-review

Microsoft Updates for November 2022


This month, Microsoft released 64 new patches addressing CVEs in Microsoft Windows and Windows Components.

This is in addition to five other CVEs from third parties being integrated into Microsoft products bringing the total number of fixes to 69.

Of the 64 new patches released today:
11 are rated Critical
53 are rated Important

There is a full list of CVEs released by Microsoft for November 2022 included in the detailed blog here:
https://www.zerodayinitiative.com/blog/2022/11/8/the-november-2022-security-update-review

The list at Microsoft is here: https://msrc.microsoft.com/update-guide

 

Microsoft Security Updates for October 2022

 

Microsoft has released 85 new patches for October.
 15 are rated Critical
 69 are rated Important
  1 is rated Moderate in severity

There is a full list of CVEs released by Microsoft for October 2022 included in the blog here:
https://www.zerodayinitiative.com/blog/2022/10/11/the-october-2022-security-update-review

The list at Microsoft is here: https://msrc.microsoft.com/update-guide

Microsoft Security Updates July 2022

Microsoft has released 84 new patches addressing CVEs in Microsoft Windows and Windows Components; Windows Azure components; Microsoft Defender for Endpoint; Microsoft Edge (Chromium-based); Office and Office Components; Windows BitLocker; Windows Hyper-V; Skype for Business and Microsoft Lync; Open-Source Software; and Xbox. 

Of the 84 new CVEs released today:
4 are rated Critical
80 are rated Important in severity

For more information and review please see:
https://msrc.microsoft.com/update-guide/

https://www.zerodayinitiative.com/blog/2022/7/12/the-july-2022-security-update-review

Microsoft Updates, June 2022

Microsoft June 2022 security updates have been released and consist of 55 CVEs. 

Severity:
3 critical
51 important
1 moderate 

* Internet Explorer 11 desktop application will be retired and will no longer receive support as of June 15, 2022. See steps at Microsoft Support to enable IE Mod on your Windows 10 or Windows 11 device.
https://support.microsoft.com/en-us/office/internet-explorer-mode-in-microsoft-edge-6604162f-e38a-48b2-acd2-682dbac6f0de

* Windows 10 Versions 1909 and 20H2 have reached the end of service and will no longer receive updates. The most current version of Windows 10 is 21H2.

Additional Reading: Dustin Childs review and analysis in Zero Day Initiative — The June 2022 Security Update Review.
https://www.zerodayinitiative.com/blog/2022/6/14/the-june-2022-security-update-review

Microsoft Security Updates, May 2022

The Microsoft May 2022 security updates have been released and consist of 74 CVEs. 

 7 are rated critical
 65 rated important 
 1 low in severity
Currently one is listed as publicly known and under active exploit. Two additional CVE’s are publicly known.

More information:

https://msrc.microsoft.com/update-guide/releaseNote/2022-May
https://www.zerodayinitiative.com/blog/2022/5/10/the-may-2022-security-update-review