Exposure Management

Microsoft has released security updates for 61 vulnerabilities in its May 2024 Patch Tuesday rollout. There are two zero-day vulnerabilities patched, affecting Windows MSHTML (CVE-2024-30040) and Desk[…]

As adversaries become faster and stealthier, they relentlessly search for vulnerable assets to exploit. Meanwhile, your digital footprint is expanding, making it increasingly challenging to keep track[…]

UPDATE: It has been confirmed that disabling telemetry will not block this exploit. Applying a patch as soon as possible is the most effective remediation for this vulnerability. Patches for 8 of the […]

Microsoft has released security updates for 150 vulnerabilities in its April 2024 Patch Tuesday rollout, a much larger amount than in recent months. There are three Critical remote code execution vuln[…]

CrowdStrike is committed to protecting our customers from the latest and most sophisticated cybersecurity threats. We are actively monitoring activity surrounding CVE-2024-3094, a recently identified […]

Microsoft has released security updates for 60 vulnerabilities in its March 2024 Patch Tuesday rollout. There are two Critical vulnerabilities patched (CVE-2024-21407 and CVE-2024-21408), both of whic[…]

It is a common refrain in security circles that "nobody loves their vulnerability management tool." CrowdStrike may have just proved to be the exception. We are proud to announce that CrowdStrike is t[…]

Microsoft has released security updates for 73 vulnerabilities for its February 2024 Patch Tuesday rollout. These include two actively exploited zero-days (CVE-2024-21412 and CVE-2024-21351), both of […]

In a relatively quiet week for Microsoft Patch Tuesday, the vendor announced 49 vulnerabilities affecting Microsoft products, two of which are critical, and a number of remote code execution (RCE) vul[…]

Microsoft has released security updates for 34 vulnerabilities, including one previously disclosed zero-day (CVE-2023-20588), a vulnerability affecting Advanced Micro Devices (AMD) processors. Four of[…]

CrowdStrike discovered a vulnerability in Flexera's FlexNet Inventory Agent that can be exploited to allow arbitrary code execution and privilege escalation under certain conditions. The vulnerability[…]

Microsoft has released security updates for 58 vulnerabilities, including five zero-days, three of which are being actively exploited. One of the zero-days (CVE-2023-36025) is a Windows SmartScreen Se[…]

At CrowdStrike, we’re on a mission to stop breaches. As adversaries weaponize vulnerabilities with increasing speed, organizations must accelerate their ability to identify security gaps and proactive[…]

Twenty years ago, Microsoft introduced the concept of Patch Tuesday to “reduce the burden on IT administrators by adding a level of increased predictability and manageability.” The goal of Patch Tuesd[…]

In an increasingly connected digital landscape, the security of your organization's data and publicly facing assets is more critical than ever. According to the CrowdStrike 2023 Threat Hunting Report,[…]

This month marks the 20th anniversary of Patch Tuesday, and Microsoft has released security updates for 104 vulnerabilities, including three zero-days. One of the zero-days (CVE-2023-41763) is an elev[…]

Microsoft has released security updates for 62 vulnerabilities and two zero-days for its September 2023 Patch Tuesday rollout. One of the zero-days (CVE-2023-36802) is an elevation of privilege vulner[…]

Two new privilege escalation CVEs, CVE-2023-2640 and CVE-2023-32629, have been discovered in the Ubuntu kernel OverlayFS module. The CVEs affect not only any Ubuntu hosts running with vulnerable kerne[…]

The IT future is a cloudy one. Organizations are increasingly relying on cloud servers, as today’s IT environments use a combination of public and private clouds alongside on-premise infrastructure. G[…]

Microsoft has released security updates for 76 vulnerabilities and two zero-days for its August 2023 Patch Tuesday rollout. One of the zero-days (CVE-2023-38180) is a denial-of-service vulnerability i[…]

Microsoft has released security updates for 131 vulnerabilities and a disclosure for one yet-unpatched vulnerability for its July 2023 Patch Tuesday rollout: 9 are rated as Critical while the remainin[…]

Microsoft has released 78 security patches for its June 2023 Patch Tuesday rollout. Of the vulnerabilities patched today, 6 are classified as Critical and 38 are remote code execution (RCE) flaws. Jun[…]

CrowdStrike Falcon® Discover delivers deep asset visibility with no hardware to deploy or manage, providing valuable context for all of your assets. For IT and security teams alike, Falcon Discover is[…]

Microsoft has released patches for 38 vulnerabilities for its May 2023 Patch Tuesday rollout: 6 are rated as Critical while the remaining 32 are rated as Important. Three vulnerabilities are identifie[…]

Microsoft has released patches for 97 vulnerabilities for its April 2023 Patch Tuesday rollout: 7 are classified as Critical while the remaining 90 are classified as Important. One vulnerability is id[…]

Microsoft has released 80 security patches for its March 2023 Patch Tuesday rollout: 9 vulnerabilities are rated Critical, 70 Important and 1 Moderate. Two actively exploited zero-day vulnerabilities […]

Microsoft has released 75 security patches for its February 2023 Patch Tuesday rollout: 9 vulnerabilities are rated Critical, and the remaining 66 are rated Important. Three actively exploited vulnera[…]

Today, containers are the preferred approach to deploy software or create build environments in CI/CD lifecycles. However, since the emergence of container solutions and environments like Docker and K[…]

The first Patch Tuesday of 2023 is starting the year with a large number of bug fixes. Microsoft released 98 security patches for its January 2023 Patch Tuesday rollout, almost double the number relea[…]

Microsoft has released 49 security patches for its December 2022 Patch Tuesday rollout. Of these, 10 vulnerabilities are rated Critical, two are rated Medium and the rest are rated Important. DirectX […]

Microsoft has released 66 security patches for its November 2022 Patch Tuesday rollout. Of these, 10 vulnerabilities are rated Critical and the remaining 56 are rated Important. It should be noted tha[…]

Microsoft has released 84 security patches for its October 2022 Patch Tuesday rollout. Of these, 13 vulnerabilities are rated Critical, while the remaining 71 are rated Important. It should be noted t[…]

Microsoft has released 63 security patches for its September 2022 Patch Tuesday rollout. Five vulnerabilities are rated Critical, 57 are rated Important, one is Moderate, and one is rated Low in sever[…]

A hailed cybersecurity buzzword: Zero Trust was born out of the critical need to modernize outdated IT architecture, which assumes that all assets within an organization — and attached to it — should […]

Microsoft has released 121 security patches for its August 2022 Patch Tuesday rollout. Seventeen vulnerabilities are rated Critical in severity and the rest are classified as Important, with one (CVE-[…]

Microsoft has released 84 security patches for its July 2022 Patch Tuesday rollout. Four vulnerabilities are rated Critical in severity and the rest are classified as Important, with one (CVE-2022-220[…]

Microsoft has released 55 security patches for its June 2022 Patch Tuesday rollout. Three of the 55 CVEs addressed are rated Critical severity, with CVE-2022-30136 having the highest CVSS score of 9.8[…]

On May 27, 2022, a remote code execution vulnerability was reported affecting the Microsoft Windows Support Diagnostic Tool (MSDT) The vulnerability, which is classified as a zero-day, can be invoked […]

Microsoft has released 73 security patches for its May Patch Tuesday rollout. One of the 73 CVEs addressed, Windows LSA Spoofing Vulnerability CVE-2022-26925, is ranked as Important and is under activ[…]

In this blog you will: Learn how to leverage the CrowdStrike Falcon® Spotlight™ integrated threat and vulnerability management module to fuse your endpoint telemetry with CISA's Known Exploited Vulner[…]

Microsoft has released 117 security patches for its April Patch Tuesday rollout. Of the 117 CVEs addressed, two are ranked as Important zero-days, including CVE-2022-24521, which is under active explo[…]

CrowdStrike cloud security researchers discovered a new vulnerability (dubbed “cr8escape” and tracked as CVE-2022-0811) in the Kubernetes container engine CRI-O. CrowdStrike disclosed the vulnerabilit[…]

Microsoft has released 71 security patches for its March Patch Tuesday rollout. Of the 71 CVEs addressed, three are ranked as Important zero-days. This month the quantity of patches for Critical vulne[…]

Adversaries are becoming more adept and sophisticated in their attacks. Taking advantage of vulnerabilities present in major software is often an attractive entry point for establishing a campaign wit[…]

Microsoft has released 48 security patches for its February Patch Tuesday rollout. None are considered Critical or known to have been actively exploited. CVE-2022-21989, a publicly known zero-day vuln[…]

In November 2021, a vulnerability was discovered in a ubiquitous Linux module named Polkit. Developed by Red Hat, Polkit facilitates the communication between privileged and unprivileged processes on […]

Kicking off the first Patch Tuesday of 2022, CrowdStrike continues to provide research and analysis regarding critically rated vulnerabilities and the subsequent patches offered by Microsoft. In this […]

It’s the last Patch Tuesday update of 2021, and as with many other updates this year, this month’s list includes important ones — among them a zero-day (CVE-2021-43890 in AppX installer), multiple cri[…]

CrowdStrike Falcon® receives second half-year award for Approved Business Security Product from AV-Comparatives in 2021 This marks the tenth consecutive Approved Business Security Product award from A[…]

Log4j2 is an open-source, Java-based logging framework commonly incorporated into Apache web servers. Between late November and early December 2021, a critical vulnerability (CVE-2021-44228) impacting[…]

The Cybersecurity and Infrastructure Security Agency (CISA) issued a mandate on November 2, 2021, for all U.S. federal agencies to fix hundreds of known vulnerabilities. Binding Operational Directive […]

As the year draws to a close, the active exploitation of Microsoft vulnerabilities continues unabated. Once again, a broad range of Microsoft products are included in this month’s Patch Tuesday update[…]

Microsoft has released its October 2021 updates covering a garden variety of vulnerabilities that threat actors can exploit using several attack types, from remote code execution to spoofing to privil[…]

This announcement is part of the Fal.Con 2021 CrowdStrike Cybersecurity Conference, Oct. 12-14. Register now for free to learn all about our other exciting new products and partnerships! SecOps has a […]

Attackers are continually taking advantage of Microsoft products, and this month’s vulnerabilities and subsequent patch updates reflect that reality. One particular zero-day vulnerability, CVE-2021-40[…]

The security operations center, or SOC, is the heart and soul of an enterprise that identifies, investigates and remediates security threats. However, modern-day threats continue to evolve, making it […]

August’s Patch Tuesday covered less than half as many patched vulnerabilities as July. Two of the vulnerabilities patched this month (CVE-2021-34481 and CVE-2021-36934) were previously disclosed and h[…]

Imagine this scenario: Your IT staff, pressed for time, checks for patches once every month after the Microsoft Patch Tuesday release. They spend a few minutes gathering intel and perhaps a few more m[…]

The month of July 2021 has been particularly challenging for organizations relying on Microsoft products. Along with the ongoing PrintNightmare out-of-band patch bypass situation affecting Windows Pri[…]

As part of June’s Patch Tuesday, an update for CVE-2021-1675 “Windows Print Spooler Remote Code Execution Vulnerability” was published. However, weeks later, researchers uncovered that the CVE-2021-16[…]

This month’s patch update covers 50 vulnerabilities, with 6 of them actively exploited - the highest number we’ve seen so far in 2021. Five of these in-the-wild exploits affect default Windows compone[…]

Vulnerabilities in the kernel mode component have serious implications on endpoint security. Operating systems and independent software vendors have been improving the security of code for years, but […]

Last month, teams participating in a global hacking contest, Pwn2Own, succeeded in exploiting several Microsoft products on the first day of the competition. These Windows products, which include Micr[…]

The threat landscape is constantly evolving, with an increase in incidents and breaches being reported rapidly across industries. In 2020, the number of data breaches soared from a decade ago, accordi[…]

The year 2021 has required a lot of attention from cyber-savvy Microsoft users so far, considering the quantity and severity of vulnerabilities requiring updates and also the increased urgency to rele[…]

One lesson from 2020 is clear: Patching security holes must be a high priority for security operations teams throughout this year and beyond. While the newest vulnerabilities often get the most media […]

In this Microsoft Patch Tuesday update, we discuss several critical vulnerabilities, including a newly released zero-day targeting Internet Explorer that has already seen active exploitation in the wi[…]

While the total number of patches Microsoft delivered in its "Patch Tuesday" update this month is lower than usual, it included some sorely needed fixes -- including one that addresses Zerologon, a vu[…]

Identifying and remediating vulnerabilities is a fundamental step toward creating a secure IT environment. Building a successful vulnerability management program, however, requires more than just tech[…]

On Patch Tuesday, January 12, 2021, Microsoft released a patch for CVE-2021-1678, an important vulnerability discovered by CrowdStrike® researchers. This vulnerability allows an attacker to relay NTLM[…]

This blog was originally published on October 8, 2019. On October 8, 2019, aka Patch Tuesday, Microsoft released patches for CVE 2019-1166 and CVE-2019-1338 — two important vulnerabilities discovered […]

This blog was originally published on July 14, 2020. On July 14, 2020 Patch Tuesday, Microsoft released a patch for CVE-2020-1267, an important vulnerability in the Active Directory (AD) identity stor[…]

A serious and potentially dire patch warning has been issued by the Department of Homeland Security (DHS) advisory team, the Cybersecurity and Infrastructure Security Agency (CISA). The alert, labeled[…]

Event Stream Processing (ESP) has been a central component of CrowdStrike Falcon®’s IOA approach since CrowdStrike's inception. In this post we'll take a closer look at ESP — along with its utility an[…]

A significant fraction of targeted attacks involve spear phishing emails with malicious lure documents that, when opened, exploit a vulnerability in the document viewer application to invoke a backdoo[…]