We’ve already provided the direct download links for the cumulative updates released today for Windows 10 and 11, but now it’s time to talk about Critical Vulnerabilities and Exposures again. This month, the Redmond tech giant released 74 new patches, which is a lot more than some people were expecting right after Easter. These software updates address CVEs in:
Microsoft Windows and Windows Components .NET and Visual Studio Microsoft Edge (Chromium-based) Microsoft Exchange Server Office and Office Components Windows Hyper-V Windows Authentication Methods BitLocker Windows Cluster Shared Volume (CSV) Remote Desktop Client Windows Network File System NTFS Windows Point-to-Point Tunneling Protocol
74 CVEs were identified and dealt with this month
Not the busiest but also not the lightest month for Microsoft security experts. You might like to know that, out of the 74 new CVEs released, 7 are rated Critical, 66 are rated Important, and one is rated Low in severity Out of all the Critical-rated patches, there are two that affect the Windows implementation of Point-to-Point Tunneling Protocol (PPTP) that could allow an RCE. SPONSORED The tech giant stated that an attacker would need to win a race condition to successfully exploit these bugs, but not every race condition is identical. There is also a Critical-rated Elevation of Privilege (EoP) bug in Microsoft Kerberos, but no further information is provided at this moment. The next Patch Tuesday rollout will be on May 10th, so don’t get too comfortable with the current state of affairs, as it might change sooner than you think. Was this article helpful to you? Share your opinion in the comments section below.
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ