Microsoft Patches a Pair of Actively Exploited Zero-Days


In addition to two “important”-rated zero-day security vulnerabilities that are currently being actively exploited in the wild, Microsoft patched five major security flaws in its September Patch Tuesday update. A total of 59 new patches were issued by Microsoft to resolve bugs in a variety of its products, including Windows, Exchange Server, Office,.NET and Visual Studio, Azure, Microsoft Dynamics, and Windows Defender.

A few third-party concerns are also included in the update, including a critical, actively exploited zero-day Chromium bug that affects Microsoft Edge. The total CVEs include the external issues, making 65. The Windows implementation of the TCP/IP protocol and the zero-days, serious flaws, and issues in Microsoft Exchange Server need to move to the front of the patching queue despite the breadth of the solutions this month, according to researchers.

Read More…