Wednesday, May 7, 2025
HomeSecurity NewsMicrosoft Released New Security Patch Updates for More than 30 Critical Security...

Microsoft Released New Security Patch Updates for More than 30 Critical Security Issues

Published on

SIEM as a Service

Follow Us on Google News

Microsoft released security updates for December to patch 34 security issues in different software category and some of the patch released under very critical list.

This Released fix categorized to different Microsoft products and most of the fixed bugs are belongs to servers and Windows 8 and 10 system based vulnerabilites.

Many of office vulnerabilities are catogoried as a defense-in-depth measure and the update disables the Dynamic Update Exchange protocol (DDE) in all supported editions of Microsoft Word.

- Advertisement - Google News

Microsoft Edge and Internet Explorer 11 having many bug fixes along with this security updates.

Also Read: New BlackArch Penetration Testing Linux ISOs Released with More Hacking Tools

All the windows 10 bugs are fixed by security realsed and In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

Microsoft released security updates for following catogories
– Internet Explorer
– Microsoft Edge
– Microsoft Windows
– Microsoft Office and Microsoft Office Services and Web Apps
– Microsoft Exchange Server
– ChakraCore
– Microsoft Malware Protection Engine

Higly critical information disclouser vulneabities are exists when the Windows its:// protocol handler unnecessarily sends traffic to a remote site in order to determine the zone of a provided URL.

According to Microsoft,This could potentially result in the disclosure of sensitive information to a malicious site.
To exploit the vulnerability an attacker would have to trick a user into browsing to a malicious website or to an SMB or UNC path destination. An attacker who successfully tricked a user into disclosing the user’s NTLM hash could attempt a brute-force attack to disclose the corresponding hash password.
Windows 10 for 32-bit Systems 4053581Security UpdateInformation DisclosureImportant4048956
Windows 10 for x64-based Systems 4053581Security UpdateInformation DisclosureImportant4048956
Windows 10 Version 1511 for 32-bit Systems 4053578Security UpdateInformation DisclosureImportant4048952
Windows 10 Version 1511 for x64-based Systems 4053578Security UpdateInformation DisclosureImportant4048952
Windows 10 Version 1607 for 32-bit Systems 4054517Security UpdateInformation DisclosureImportant4048955
Windows 10 Version 1607 for x64-based Systems 4053579Security UpdateInformation DisclosureImportant4048953
Windows 10 Version 1703 for 32-bit Systems 4053580Security UpdateInformation DisclosureImportant4048954
Windows 10 Version 1703 for x64-based Systems 4053580Security UpdateInformation DisclosureImportant4048954
Windows 10 Version 1709 for 32-bit Systems 4054517Security UpdateInformation DisclosureImportant4048955
Windows 10 Version 1709 for x64-based Systems 4054517Security UpdateInformation DisclosureImportant4048955
Windows 7 for 32-bit Systems Service Pack 1 4054518Monthly RollupInformation DisclosureImportant4048957
4054521Security Only
Windows 7 for x64-based Systems Service Pack 1 4054518Monthly RollupInformation DisclosureImportant4048957
4054521Security Only
Windows 8.1 for 32-bit systems 4054519Monthly RollupInformation DisclosureImportant4048958
4054522Security Only
Windows 8.1 for x64-based systems 4054519Monthly RollupInformation DisclosureImportant4048958
4054522Security Only
Windows RT 8.1 4054519Monthly Rollup Information DisclosureImportant4048958
Windows Server 2008 for 32-bit Systems Service Pack 2 4053473Security UpdateInformation DisclosureImportant 
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4053473Security UpdateInformation DisclosureImportant 
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4053473Security UpdateInformation DisclosureImportant 
Windows Server 2008 for x64-based Systems Service Pack 2 4053473Security UpdateInformation DisclosureImportant 
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4053473Security UpdateInformation DisclosureImportant 
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4054518Monthly RollupInformation DisclosureImportant4048957
4054521Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4054518Monthly RollupInformation DisclosureImportant4048957
4054521Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4054518Monthly RollupInformation DisclosureImportant4048957
4054521Security Only
Windows Server 2012 4054520Monthly RollupInformation DisclosureImportant4048959
4054523Security Only
Windows Server 2012 (Server Core installation) 4054520Monthly RollupInformation DisclosureImportant4048959
4054523Security Only
Windows Server 2012 R2 4054519Monthly RollupInformation DisclosureImportant4048958
4054522Security Only
Windows Server 2012 R2 (Server Core installation) 4054519Monthly RollupInformation DisclosureImportant4048958
4054522Security Only
Windows Server 2016 4053579Security UpdateInformation DisclosureImportant4048953
Windows Server 2016 (Server Core installation) 4053579Security UpdateInformation DisclosureImportant4048953
Windows Server, version 1709 (Server Core Installation) 4054517Security UpdateInformation DisclosureImportant4048955
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

IT Worker from Computacenter Let Girlfriend Into Deutsche Bank’s Restricted Areas

A former information technology manager has filed a whistleblower lawsuit alleging a major security...

NSO Group Ordered to Pay $168 Million to WhatsApp in US Spyware Verdict

A federal jury in California has ordered Israeli spyware maker NSO Group to pay...

BFDOOR Malware Targets Organizations to Establish Long-Term Persistence

The BPFDoor malware has emerged as a significant threat targeting domestic and international organizations,...

Uncovering the Security Risks of Data Exposure in AI-Powered Tools like Snowflake’s CORTEX

As artificial intelligence continues to reshape the technological landscape, tools like Snowflake’s CORTEX Search...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

FBI Alerts Public to Scammers Posing as IC3 Officials in Fraud Scheme

The Federal Bureau of Investigation (FBI) has issued a warning regarding an emerging scam...

New ‘Waiting Thread Hijacking’ Malware Technique Evades Modern Security Measures

Security researchers have unveiled a new malware process injection technique dubbed "Waiting Thread Hijacking"...

EU’s GDPR Article 7 Poses New Challenges for Businesses To Secure AI-Generated Image Data

As businesses worldwide embrace digital transformation, the European Union’s General Data Protection Regulation (GDPR),...