マイクロソフトの 2023 年 5 月月例セキュリティ更新プログラム、38 件の CVE を修正 (CVE-2023-29336)
Microsoft addresses 38 CVEs including three zero-day vulnerabilities, two of which were exploited in the wild.
マイクロソフトの 2023 年 4 月月例セキュリティ更新プログラム: 97 件の CVE を修正 (CVE-2023-28252)
Microsoft addresses 97 CVEs, including one that was exploited in the wild as a zero day.
マイクロソフトの 2023 年 3 月月例セキュリティ更新プログラム 76 件の CVE に対処 (CVE-2023-23397)
Microsoft addresses 76 CVEs including two zero-days exploited in the wild, one of which was publicly disclosed.
マイクロソフト 2023 年 2 月月例セキュリティ更新プログラム、75 件の CVE を修正 (CVE-2023-23376)
Microsoft addresses 75 CVEs including three zero-day vulnerabilities that were exploited in the wild.
ProxyNotShell、OWASSRF、TabShell: Microsoft Exchange サーバーに今すぐセキュリティパッチを適用する
Several flaws in Microsoft Exchange Server disclosed over the last two years continue to be valuable exploits for attackers as part of ransomware and targeted attacks against organizations that have yet to patch their systems. Patching the flaws outlined below is strongly recommended.
マイクロソフト、2023 年 1 月の月例セキュリティ更新プログラムで 98 件の CVE を修正 (CVE-2023-21674)
Microsoft addresses 98 CVEs including a zero-day vulnerability that was exploited in the wild.
CVE-2022-37958: Microsoft SPNEGO NEGOEX における「緊急」の脆弱性に関するよくある質問
Microsoft recently reclassified a vulnerability in SPNEGO NEGOEX, originally patched in September, after a security researcher discovered that it can lead to remote code execution. Organizations are urged to apply these patches as soon as possible.
マイクロソフト 2022 年 12 月月例セキュリティ更新プログラム、47 件の CVE を修正 (CVE-2022-44698)
Microsoft addresses 48 CVEs including two zero-day vulnerabilities, one that has been exploited in the wild (CVE-2022-44698) and one that was publicly disclosed prior to a patch being available (CVE-2022-44710).
マイクロソフト 2022 年 11 月月例セキュリティ更新プログラム、62 件の CVE (CVE-2022-41073) を修正
Microsoft addresses 62 CVEs including four zero-day vulnerabilities that were exploited in the wild.
マイクロソフト 2022 年 10 月月例セキュリティ更新プログラム、84 件の CVE に対応(CVE-2022-41033)
Microsoft addresses 84 CVEs in its October 2022 Patch Tuesday release, including 13 critical flaws.
CVE-2022-40684: FortiOS および FortiProxy における「緊急」の認証バイパスの脆弱性
Fortinet has patched a critical authentication bypass in its FortiOS and FortiProxy products that could lead to administrator access.
CVE-2022-41040、CVE-2022-41082: ProxyShell の亜種の悪用が確認される
Microsoft has confirmed reports of two zero-day vulnerabilities in Microsoft Exchange Server that have been exploited in the wild. Patches are not yet available.
営業チームに問い合わせる