Staying present with Microsoft’s month-to-month patches is difficult, but crucial for one’s cybersecurity program. This week, Microsoft’s November Patch Tuesday launched 55 patches, six of which have been categorized as “critical,” 4 have been beforehand disclosed (which signifies that cyber criminals could already be exploiting them), and two are being exploited now. Plugging all of those vulnerabilities must be a excessive precedence on your safety groups.
The vulnerabilities being exploited by cyber criminals now embody one that enables distant code execution to Microsoft Alternate Server; the opposite includes bypassing a safety function in Microsoft Excel.
For a whole record of the vulnerabilities, the patches and what to do about them, the Sans Web Storm Heart outlines them nicely in its month-to-month abstract, which could be accessed here.