Microsoft Patch Tuesday 2025 Year in Review
Microsoft addressed over 1,100 CVEs as part of Patch Tuesday releases in 2025, including 40 zero-day vulnerabilities.Key takeaways:Microsoft's 2025 Patch Tuesday releases addressed 1,130 CVEs. This is the second year in a row where the CVE count was over 1,000. Elevation of Privilege…
マイクロソフト 2025 年 12 月月例セキュリティ更新プログラム、56 件の CVE を修正 (CVE-2025-62221)
Microsoft addresses 56 CVEs, including two publicly disclosed vulnerabilities and one zero-day that was exploited in the wild to close out the final Patch Tuesday of 2025
CVE-2025-55182: React2Shell に関するよくある質問: React サーバー コンポーネントにおけるリモート コード実行の脆弱性
A maximum severity vulnerability (CVSS 10) was discovered in React, one of the most popular JavaScript frameworks. If your app supports React Server Components, you are likely vulnerable out of the box, even if you aren’t using Server Functions explicitly. Patch immediately.
Sha1-Hulud 2.0 に関するよくある質問: NPM リポジトリを標的としたサプライチェーン攻撃の再来
Sha1-Hulud malware is an aggressive npm supply-chain attack compromising CI/CD and developer environments. This blog addresses frequently asked questions and advises cloud security teams to immediately audit for at least 800 compromised packages.
CVE-2025-64446: フォーティネット FortiWeb のゼロデイパストラバーサル脆弱性の悪用が確認される
Fortinet has released an advisory for a recently disclosed zero-day path traversal vulnerability which has been exploited in the wild. 直ちにパッチを適用するようにしてください。
マイクロソフト 2025 年 11 月月例セキュリティ更新プログラム、63 件の CVE (CVE-2025-62215) を修正
Microsoft addresses 63 CVEs including one zero-day vulnerability which was exploited in the wild.
Oracle 2025年10月のクリティカルパッチアップデートで 170 件の CVE に対処
Oracle addresses 170 CVEs in its final quarterly update of 2025 with 374 patches, including 40 critical updates.
F5、「BIG-IP 」の侵害を公表: 今すぐ対処が必要な 44 件の脆弱性
Partnering with an EDR vendor after a nation-state has already stolen your source code isn’t innovation — it’s a gamble. You don’t build a fire extinguisher while the house is burning. You find every spark before it becomes the next inferno.Key takeaways:F5’s BIG-IP is used to secure everything…
2025 年 8 月の F5 セキュリティインシデントに関するよくある質問
Frequently asked questions about the August 2025 security incident at F5 and the release of multiple BIG-IP product patches.
Microsoft の 2025 年 10 月 月例パッチが 167 件の CVE (CVE-2025-24990、CVE-2025-59230) を修正
Microsoft addresses 167 CVEs in its largest Patch Tuesday to date, including three zero-day vulnerabilities, two of which were exploited in the wild.
CVE-2025-61882: Oracle E-Business Suite (EBS) のゼロデイ脆弱性および関連する脆弱性に関するよくある質問
Following reports the Cl0p ransomware group has been extorting Oracle E-Business Suite customers, Oracle released an advisory for a zero-day that was exploited in the wild.
CVE-2025-20333、CVE-2025-20362: Cisco Adaptive Security Appliance (ASA) および Firewall Threat Defense (FTD) のゼロデイ脆弱性に関するよくある質問
Cisco published advisories and a supplemental post about three zero-day vulnerabilities, two of which were exploited in the wild by an advanced threat actor associated with the ArcaneDoor campaign.
営業チームに問い合わせる