Falcon Exposure Management Team

Microsoft has addressed 130 vulnerabilities in its May 2026 security update release, fewer than April’s 164 vulnerabilities. This month's patches include fixes for 30 Critical vulnerabilities, along w[…]

Microsoft has addressed 164 vulnerabilities in its April 2026 security update release, double the number of vulnerabilities in March 2026. These include one exploited zero-day vulnerability, one previ[…]

Microsoft has addressed 82 vulnerabilities in its March 2026 security update release. These include two publicly disclosed vulnerabilities and eight Critical vulnerabilities. March 2026 Risk Analysis […]

Microsoft has addressed 59 vulnerabilities in its February 2026 security update release. These include six actively exploited vulnerabilities, three of which were publicly known, and five Critical vul[…]

Microsoft has addressed 114 vulnerabilities in its January 2026 security update release, including 112 newly patched CVEs and 2 updated advisories. This month's update addresses one actively exploited[…]

Microsoft has addressed 57 vulnerabilities in its December 2025 security update release. This month's updates address one actively exploited Important zero-day, two publicly disclosed Important zero-d[…]

Microsoft has addressed 63 vulnerabilities in its November 2025 security update release, almost one third from October's record-breaking 172 patches. This month's updates address one actively exploite[…]

Microsoft has addressed 172 vulnerabilities in its October 2025 security update release, marking the highest number of vulnerabilities patched in a single month this year. This month's patches address[…]

Microsoft has addressed 84 vulnerabilities in its September 2025 security update release. This month's patches address two publicly disclosed zero-day vulnerabilities and eight Critical vulnerabilitie[…]

Microsoft has addressed 107 vulnerabilities in its August 2025 security update release. This month's patches include fixes for one publicly disclosed zero-day vulnerability and 13 Critical vulnerabili[…]

Microsoft has addressed 137 vulnerabilities in its July 2025 security update release, more than double the number of vulnerabilities in June. This month's patches include fixes for one publicly disclo[…]

Microsoft has addressed 66 vulnerabilities in its June 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and nine Critical vulnerabilit[…]

Microsoft has addressed 72 vulnerabilities in its May 2025 security update release. This month's patches include fixes for five actively exploited zero-day vulnerabilities, including a zero-day vulner[…]

Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit[…]

Microsoft has released security updates for 57 vulnerabilities in its March 2025 Patch Tuesday rollout. Among these are seven zero-days as well as six Critical vulnerabilities. March 2025 Risk Analysi[…]

Microsoft has released security updates for 67 vulnerabilities in its February 2025 Patch Tuesday rollout. Among these are three Critical vulnerabilities and four zero-days affecting the Windows NTLMv[…]

Microsoft has released security updates for 159 vulnerabilities in its January 2025 Patch Tuesday rollout. Among these are 10 Critical vulnerabilities and eight zero-days affecting the Windows Hyper-V[…]

Microsoft has released security updates for 71 vulnerabilities in its December 2024 Patch Tuesday rollout. Among these are 16 Critical vulnerabilities and one zero-day affecting the Windows Common Log[…]

Microsoft has released security updates for 158 vulnerabilities in its November 2024 Patch Tuesday rollout. Among these are four Critical vulnerabilities (CVE-2024-43625, CVE-2024-49056, CVE-2024-4349[…]

Microsoft has released security updates for 118 vulnerabilities in its October 2024 Patch Tuesday rollout. These include two actively exploited zero-days (CVE-2024-43573, CVE-2024-43572). Three of the[…]

Microsoft has released security updates for 79 vulnerabilities in its September 2024 Patch Tuesday rollout. These include four actively exploited zero-days (CVE-2024-38014, CVE-2024-38217, CVE-2024-38[…]

Microsoft has released security updates for 85 vulnerabilities in its August 2024 Patch Tuesday rollout. These include six actively exploited zero-days (CVE-2024-38213, CVE-2024-38193, CVE-2024-38189,[…]

Microsoft has released security updates for 142 vulnerabilities for its July 2024 Patch Tuesday rollout. These include two actively exploited zero-days (CVE-2024-38080 and CVE-2024-38112). Five of the[…]

Microsoft released security updates for 51 vulnerabilities in its June 2024 Patch Tuesday rollout. These patches address one previously disclosed zero-day vulnerability affecting the DNS protocol (CVE[…]

Microsoft has released security updates for 61 vulnerabilities in its May 2024 Patch Tuesday rollout. There are two zero-day vulnerabilities patched, affecting Windows MSHTML (CVE-2024-30040) and Desk[…]

UPDATE: It has been confirmed that disabling telemetry will not block this exploit. Applying a patch as soon as possible is the most effective remediation for this vulnerability. Patches for 8 of the […]

Microsoft has released security updates for 150 vulnerabilities in its April 2024 Patch Tuesday rollout, a much larger amount than in recent months. There are three Critical remote code execution vuln[…]

Microsoft has released security updates for 60 vulnerabilities in its March 2024 Patch Tuesday rollout. There are two Critical vulnerabilities patched (CVE-2024-21407 and CVE-2024-21408), both of whic[…]

Microsoft has released security updates for 73 vulnerabilities for its February 2024 Patch Tuesday rollout. These include two actively exploited zero-days (CVE-2024-21412 and CVE-2024-21351), both of […]

In a relatively quiet week for Microsoft Patch Tuesday, the vendor announced 49 vulnerabilities affecting Microsoft products, two of which are critical, and a number of remote code execution (RCE) vul[…]

Microsoft has released security updates for 34 vulnerabilities, including one previously disclosed zero-day (CVE-2023-20588), a vulnerability affecting Advanced Micro Devices (AMD) processors. Four of[…]

Microsoft has released security updates for 58 vulnerabilities, including five zero-days, three of which are being actively exploited. One of the zero-days (CVE-2023-36025) is a Windows SmartScreen Se[…]

This month marks the 20th anniversary of Patch Tuesday, and Microsoft has released security updates for 104 vulnerabilities, including three zero-days. One of the zero-days (CVE-2023-41763) is an elev[…]

Microsoft has released security updates for 62 vulnerabilities and two zero-days for its September 2023 Patch Tuesday rollout. One of the zero-days (CVE-2023-36802) is an elevation of privilege vulner[…]

Microsoft has released security updates for 76 vulnerabilities and two zero-days for its August 2023 Patch Tuesday rollout. One of the zero-days (CVE-2023-38180) is a denial-of-service vulnerability i[…]

Microsoft has released security updates for 131 vulnerabilities and a disclosure for one yet-unpatched vulnerability for its July 2023 Patch Tuesday rollout: 9 are rated as Critical while the remainin[…]

Microsoft has released 78 security patches for its June 2023 Patch Tuesday rollout. Of the vulnerabilities patched today, 6 are classified as Critical and 38 are remote code execution (RCE) flaws. Jun[…]

Microsoft has released patches for 38 vulnerabilities for its May 2023 Patch Tuesday rollout: 6 are rated as Critical while the remaining 32 are rated as Important. Three vulnerabilities are identifie[…]

Microsoft has released patches for 97 vulnerabilities for its April 2023 Patch Tuesday rollout: 7 are classified as Critical while the remaining 90 are classified as Important. One vulnerability is id[…]

Microsoft has released 80 security patches for its March 2023 Patch Tuesday rollout: 9 vulnerabilities are rated Critical, 70 Important and 1 Moderate. Two actively exploited zero-day vulnerabilities […]

Microsoft has released 75 security patches for its February 2023 Patch Tuesday rollout: 9 vulnerabilities are rated Critical, and the remaining 66 are rated Important. Three actively exploited vulnera[…]

The first Patch Tuesday of 2023 is starting the year with a large number of bug fixes. Microsoft released 98 security patches for its January 2023 Patch Tuesday rollout, almost double the number relea[…]

Microsoft has released 49 security patches for its December 2022 Patch Tuesday rollout. Of these, 10 vulnerabilities are rated Critical, two are rated Medium and the rest are rated Important. DirectX […]

Microsoft has released 66 security patches for its November 2022 Patch Tuesday rollout. Of these, 10 vulnerabilities are rated Critical and the remaining 56 are rated Important. It should be noted tha[…]

Microsoft has released 84 security patches for its October 2022 Patch Tuesday rollout. Of these, 13 vulnerabilities are rated Critical, while the remaining 71 are rated Important. It should be noted t[…]

Microsoft has released 63 security patches for its September 2022 Patch Tuesday rollout. Five vulnerabilities are rated Critical, 57 are rated Important, one is Moderate, and one is rated Low in sever[…]

Microsoft has released 121 security patches for its August 2022 Patch Tuesday rollout. Seventeen vulnerabilities are rated Critical in severity and the rest are classified as Important, with one (CVE-[…]

Microsoft has released 84 security patches for its July 2022 Patch Tuesday rollout. Four vulnerabilities are rated Critical in severity and the rest are classified as Important, with one (CVE-2022-220[…]

Microsoft has released 55 security patches for its June 2022 Patch Tuesday rollout. Three of the 55 CVEs addressed are rated Critical severity, with CVE-2022-30136 having the highest CVSS score of 9.8[…]

Microsoft has released 73 security patches for its May Patch Tuesday rollout. One of the 73 CVEs addressed, Windows LSA Spoofing Vulnerability CVE-2022-26925, is ranked as Important and is under activ[…]

Microsoft has released 117 security patches for its April Patch Tuesday rollout. Of the 117 CVEs addressed, two are ranked as Important zero-days, including CVE-2022-24521, which is under active explo[…]

Microsoft has released 71 security patches for its March Patch Tuesday rollout. Of the 71 CVEs addressed, three are ranked as Important zero-days. This month the quantity of patches for Critical vulne[…]

Microsoft has released 48 security patches for its February Patch Tuesday rollout. None are considered Critical or known to have been actively exploited. CVE-2022-21989, a publicly known zero-day vuln[…]

Kicking off the first Patch Tuesday of 2022, CrowdStrike continues to provide research and analysis regarding critically rated vulnerabilities and the subsequent patches offered by Microsoft. In this […]

It’s the last Patch Tuesday update of 2021, and as with many other updates this year, this month’s list includes important ones — among them a zero-day (CVE-2021-43890 in AppX installer), multiple cri[…]

As the year draws to a close, the active exploitation of Microsoft vulnerabilities continues unabated. Once again, a broad range of Microsoft products are included in this month’s Patch Tuesday update[…]

Microsoft has released its October 2021 updates covering a garden variety of vulnerabilities that threat actors can exploit using several attack types, from remote code execution to spoofing to privil[…]

Attackers are continually taking advantage of Microsoft products, and this month’s vulnerabilities and subsequent patch updates reflect that reality. One particular zero-day vulnerability, CVE-2021-40[…]

August’s Patch Tuesday covered less than half as many patched vulnerabilities as July. Two of the vulnerabilities patched this month (CVE-2021-34481 and CVE-2021-36934) were previously disclosed and h[…]

Imagine this scenario: Your IT staff, pressed for time, checks for patches once every month after the Microsoft Patch Tuesday release. They spend a few minutes gathering intel and perhaps a few more m[…]

The month of July 2021 has been particularly challenging for organizations relying on Microsoft products. Along with the ongoing PrintNightmare out-of-band patch bypass situation affecting Windows Pri[…]

This month’s patch update covers 50 vulnerabilities, with 6 of them actively exploited - the highest number we’ve seen so far in 2021. Five of these in-the-wild exploits affect default Windows compone[…]

Last month, teams participating in a global hacking contest, Pwn2Own, succeeded in exploiting several Microsoft products on the first day of the competition. These Windows products, which include Micr[…]

The year 2021 has required a lot of attention from cyber-savvy Microsoft users so far, considering the quantity and severity of vulnerabilities requiring updates and also the increased urgency to rele[…]

In this Microsoft Patch Tuesday update, we discuss several critical vulnerabilities, including a newly released zero-day targeting Internet Explorer that has already seen active exploitation in the wi[…]