Tripwire's February 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. Up first on the list are patches for Microsoft Edge (Chromium-based) that resolve 4 remote code execution and 2 spoofing vulnerabilities. Next on the list are patches for Microsoft Office and Excel. These patches resolve 8 issues such as remote code execution and information disclosure vulnerabilities. Next are patches that affect components of the core Windows operating system. These patches resolve over 30 vulnerabilities, including elevation of privilege, information disclosure, and...
Author: Lane Thames
Tripwire's January 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the list are patches for the Microsoft office platform, including Word, Access, Visio, Excel, OneNote, and Outlook. These patches resolve 13 issues such as remote code execution and security feature bypass vulnerabilities. Next are patches that affect components of the core Windows operating system. These patches resolve over 120 vulnerabilities, including elevation of privilege, information disclosure, and remote code execution vulnerabilities. These vulnerabilities affect core...
Tripwire's December 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe. First on the list is a notice about Windows Common Log File System Driver (CLFS). CVE-2024-49138 impacts Windows CLFS, which Microsoft released a patch for in December 2024. This vulnerability has been detected as actively exploited and has been added to the CISA Known Exploited Vulnerabilities (KEV) catalog. This vulnerability will be patched with the main Windows OS cumulative update for December. Administrators should consider the elevated risk to their organizations and...
Tripwire's November 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google Chromium. First on the list are patches for Microsoft Edge, Excel, and Word that resolve remote code execution and security feature bypass vulnerabilities. Next are patches that affect components of the core Windows operating system. These patches resolve over 35 vulnerabilities, including elevation of privilege, information disclosure, denial of service, and remote code execution vulnerabilities. These vulnerabilities affect core Windows, Kernel, Win32k, Graphics Component...
Tripwire's October 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the list are patches for Microsoft Edge, Office, Excel, and Visio that resolve remote code execution, elevation of privilege, and spoofing vulnerabilities. Next are patches that affect components of the core Windows operating system. These patches resolve over 80 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, denial of service, and remote code execution vulnerabilities. These vulnerabilities affect core Windows, Kernel, Win32k...
Tripwire's September 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the list are patches for Microsoft Excel, Visio, and Publisher that resolve remote code execution, elevation of privilege, and security feature bypass vulnerabilities. Next are patches that affect components of the core Windows operating system. These patches resolve over 35 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, denial of service, and remote code execution vulnerabilities. These vulnerabilities affect core Windows...
Tripwire's August 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, Adobe and Google. First on the list are patches for Microsoft Edge and Google Chromium that resolve 12 vulnerabilities, including information disclosure, remote code execution, and memory corruption vulnerabilities. Up next are patches for Microsoft Outlook, PowerPoint, Visio, Excel, Project, and Office that resolve remote code execution, elevation of privilege, and spoofing vulnerabilities. Up next are patches for Adobe Reader and Acrobat. These patches resolve 12 issues, including...
Tripwire's July 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the list are patches for Microsoft Office and Outlook that resolve remote code execution and spoofing vulnerabilities. Next are patches that affect components of the core Windows operating system. These patches resolve over 65 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, denial of service, and remote code execution vulnerabilities. These vulnerabilities affect core Windows, Kernel, Cryptographic Services, Imaging, Layer-2...
Tripwire's June 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the list are patches for Microsoft Edge (Chromium-based) and Chromium that resolve use after free, heap buffer overflow, and out of bounds write vulnerabilities Next on the patch priority list this month are patches for Microsoft Office and Outlook that resolve 4 remote code execution vulnerabilities. Next are patches that affect components of the core Windows operating system. These patches resolve over 35 vulnerabilities, including elevation of privilege, information disclosure...
Tripwire's June 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe. First on the list this month is a patch for Microsoft Windows Error Reporting (CVE-2024-26169). This CVE is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog. Next on the list are patches for Microsoft Edge (Chromium-based) and Chromium that resolve use after free, heap buffer overflow, and spoofing vulnerabilities. Next on the patch priority list this month is a patch for Microsoft Excel that resolves a remote code execution vulnerability. Up next are patches for...