Monday, November 18, 2024

Fixing a Bunch of Scripting Engine Vulnerabilities by Disabling Just-In-Time Compiler (CVE-2024-38178)

  August 2024 Windows Updates brought a patch for CVE-2024-38178 , a remotely exploitable memory corruption issue in "legacy" Scri...
Tuesday, November 12, 2024

Micropatches Released for Remote Registry Service Elevation of Privilege Vulnerability (CVE-2024-43532)

  October 2024 Windows Updates brought a patch for CVE-2024-43532 , a vulnerability in Windows Remote Registry Service that could allow an...
Tuesday, October 29, 2024

We Patched CVE-2024-38030, Found Another Windows Themes Spoofing Vulnerability (0day)

TL;DR: While patching CVE-2024-38030, we found another similar issue, reported it to Microsoft and created free micropatches for 0patch user...
Wednesday, October 2, 2024

Micropatches for Windows Installer Elevation of Privilege Vulnerability (CVE-2024-38014)

  September 2024 Windows Updates brought a patch for CVE-2024-38014 , a privilege escalation vulnerability in Windows Installer that could ...
Thursday, September 19, 2024

Micropatches for "MadLicense" Windows Remote Desktop Licensing Service Remote Code Execution (CVE-2024-38077)

  July 2024 Windows Updates brought a patch for CVE-2024-38077 , a memory corruption vulnerability in Remote Desktop Licensing Service that...
Monday, July 29, 2024

Patches for two Windows Bluetooth Vulnerabilities (CVE-2023-23388, CVE-2023-24871)

March 2023 Windows updated brought patches for two Windows Bluetooth vulnerabilities: CVE-2023-23388 , a Windows Bluetooth Driver Elevation ...
Tuesday, July 23, 2024

Micropatches Released for Windows MSHTML Platform Spoofing (CVE-2024-38112)

  July 2024 Windows Updates brought a patch for CVE-2024-38112 , a vulnerability in Windows that allows an attacker to create a Windows Inte...