Patches for 6 zero-days under active exploit are now available from Microsoft

EnlargeGetty Images

It’s the second Tuesday of the month, and that means it’s Update Tuesday, the monthly release of security patches available for nearly all software Microsoft supports. This time around, the software maker has fixed six zero-days under active exploit in the wild, along with a wide range of other vulnerabilities that pose a threat to end users.

Two of the zero-days are high-severity vulnerabilities in Exchange that, when used together, allow hackers to execute malicious code on servers. Tracked as CVE-2022-41040 and CVE-2022-41082, these vulnerabilities came to light in September. At the time, researchers in Vietnam reported they

→ Continue reading at Ars Technica

Related articles


Share article

Latest articles