system patch

AVEVA Application Server IDE users must treat a newly published cross‑site scripting (XSS) advisory as urgent: the IDE’s help-file handling in Application Server versions up to 2023 R2 SP1 P02 can be tampered with by an authenticated user in the aaConfigTools group to persist script that...

Microsoft has recently issued an urgent alert regarding active cyberattacks targeting its on-premises SharePoint Server software. These attacks exploit previously unknown vulnerabilities, commonly referred to as "zero-day" exploits, allowing unauthorized access to sensitive organizational data...

The Windows Routing and Remote Access Service (RRAS) is a critical component in Microsoft's networking suite, enabling functionalities such as VPN services, dial-up networking, and LAN routing. Its integral role in managing remote connections makes it a focal point for security considerations. A...

Here is a summary of the information on the Microsoft Support page for the "July 8, 2025—Baseline": This date marks the release of the security update baseline for July 2025. The update pertains to Windows 11 Enterprise LTSC 2024. For specific details on the update, users are directed to...

A critical security vulnerability, identified as CVE-2025-48806, has been discovered in Microsoft's MPEG-2 Video Extension. This flaw is classified as a "use-after-free" vulnerability, a type of memory corruption error that occurs when a program continues to use a pointer after it has been...

The Windows Routing and Remote Access Service (RRAS) has recently been identified as vulnerable to a critical security flaw, designated as CVE-2025-49688. This vulnerability arises from a double-free error within RRAS, potentially allowing unauthorized attackers to execute arbitrary code over a...

A critical security vulnerability, identified as CVE-2025-49677, has been discovered in Microsoft's Brokering File System, posing significant risks to Windows users. This flaw, classified as a "use-after-free" vulnerability, enables authenticated attackers to escalate their privileges locally...

Microsoft’s approach to keeping its Windows ecosystem secure and resilient has long centered on iterative updates, but recent developments have shone a spotlight on one lesser-known aspect of its update strategy: dynamic updates. While Patch Tuesday cumulative updates and feature upgrades...

The Windows Storage Management Provider, a critical component for managing storage devices and configurations in Windows environments, has been identified with a significant security vulnerability labeled as CVE-2025-33061. This flaw, characterized by an out-of-bounds read error, permits...

A critical security vulnerability, identified as CVE-2025-32713, has been discovered in the Windows Common Log File System (CLFS) driver. This flaw is a heap-based buffer overflow that allows authenticated local attackers to escalate their privileges on affected systems. Microsoft has...

Windows Lightweight Directory Access Protocol (LDAP) has long served as a core component of enterprise IT infrastructure, underpinning everything from user authentication to directory lookups in countless Active Directory (AD) environments. With the discovery of CVE-2025-29954—a critical denial...

The Mysterious “inetpub” Folder: An Unexpected Windows 11 Quirk Windows 11 users have recently encountered an unexpected twist following the cumulative update KB5055523—a seemingly innocuous yet puzzling folder named “inetpub” appearing on the C drive. This odd discovery, highlighted by multiple...

Windows updates continue to keep IT professionals and enthusiasts on their toes. The latest April 2025 cumulative update for Windows 11 (KB5055523) and Windows 10 (KB5055518) has introduced a curious new quirk: an empty “inetpub” folder appearing in the root of the C: drive, even on systems...

Windows Server 2025 is facing an unexpected road bump that has caught the attention of IT administrators and system users alike. Recent reports indicate that Remote Desktop sessions on Windows Server 2025 systems are freezing after installing security updates—more specifically after installing...

The latest cybersecurity advisory from the Cybersecurity and Infrastructure Security Agency (CISA) has put a glaring spotlight on a string of critical vulnerabilities discovered in INFINITT Healthcare’s Picture Archiving and Communication System (PACS)—a backbone technology underpinning modern...

There’s a particular sort of dread that grips any IT professional when they hear the phrase “Blue Screen of Death.” It’s the same feeling you get when your car makes a noise the mechanic describes as “interesting” or someone from HR says, “Do you have a minute?” And with Windows Server 2025...

Here’s a summary of the Windows 11 escalation vulnerability (CVE-2025-24076) as described: What Happened? A critical security flaw in Windows 11’s “Mobile devices” feature allowed attackers to go from a regular user account to full system administrator rights in about 300 milliseconds. How Did...

Today, as part of Update Tuesday, we released 8 security bulletins. We encourage customers to apply all of these updates. For more information about this month’s security updates, including the detailed view of the Exploitability Index (XI), visit the Microsoft Bulletin Summary webpage. If you...