Microsoft, Patched and Zero Day

3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update
All the three Microsoft Access issues, on the other hand, have been credited to Unpatched.ai, an AI-guided vulnerability discovery platform. Action1 also noted that while the flaws are categorized as remote code execution (RCE) vulnerabilities, exploitation requires an attacker to convince the user to open a specially crafted file.
Microsoft's Largest Patch Tuesday Since 2017: 161 Vulnerabilities Fixed in January 2025 Update
All three zero-day vulnerabilities have a CVSS score of 7.8 and could allow an attacker to gain system privileges.
Microsoft Patches Eight Zero-Days to Start the Year
Microsoft released security updates for eight zero-day flaws in its first Patch Tuesday of 2025, with three of the vulnerabilities under active exploitation. Microsoft defines zero-day vulnerabilities as software flaws that have either been publicly disclosed or are being actively exploited, with no patch available.
Microsoft: Happy 2025. Here’s 161 Security Updates
Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017.
Microsoft’s big Patch Tuesday fixes over twice as many security flaws as usual
Yesterday was January’s big Patch Tuesday, where Microsoft rolled out a big bundle of security updates across several apps and services, eliminating 159 security vulnerabilities. This is the most extensive Patch Tuesday of the last few years with more than double the usual number of fixed security flaws.
New Critical Microsoft Windows Warning As 3 Zero-Day Attacks Underway
Microsoft has confirmed that a staggering three zero-day cyberattacks are underway against Windows users—here’s what you need ...
SecurityWeek2d
Fortinet Confirms New Zero-Day Exploitation
Fortinet patches critical vulnerabilities, including a zero-day that has been exploited in the wild since at least November ...
Security2d
How to Build Government Cyber Resilience Against Zero-Day Vulnerabilities
Two technologies can help predict and detect the attack methods adversaries might use and for government user intelligence.
Critical Microsoft Outlook Vulnerability Rated 9.8/10 Confirmed—Update Now
A critical-rated Outlook vulnerability has been confirmed by Microsoft which has warned that exploitation is likely—here’s ...
Infosecurity-magazine.com2d
Fortinet Confirms Critical Zero-Day Vulnerability in Firewalls
Fortinet has disclosed a new critical zero-day vulnerability affecting some of its FortiGate firewalls. In a security ...
Ivanti zero-day attacks infected devices with custom malware
Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN ...
CSOonline2d
Fortinet confirms zero-day flaw used in attacks against its firewalls
The advisory from the cybersecurity company follows a report from security researchers who observed exploits in the wild in ...
Nominet says it was hit by cyberattack following recent Ivanti VPN security issue
Nominet warns customers about a recent cyberattack The company says the attackers abused an Ivanti zero-day So far, there is no evidence of data tampering or backdoor dropping Top domain registrar ...
Fortinet warns of auth bypass zero-day exploited to hijack firewalls
Attackers are exploiting a new authentication bypass zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet ...