Microsoft has released another set of bug fixes for Windows, Office, Azure, and SharePoint (via ZDNet). The latest round of bug fixes comes as expected as part of Microsoft’s “Patch Tuesday,” usually the second Tuesday of each month, where the company releases fixes on a schedule to make it easier for administrators and consumers to keep their systems up to date.
This time, there’s only one “zero day” exploit fix (last month there were 6), a Windows kernel elevation of privilege vulnerability, which although the exploit could grant elevated privileges to an attacker, it “requires an attacker to take additional actions prior to exploitation to prepare the target environment,” and while a proof of concept for the vulnerability exists, the bug has yet to be exploited.
In addition to the single “zero day” bug fix, the company issued a wide range of fixes for everything from vulnerabilities in Azure Data Explorer to Office, Teams, Hyper-V, SQL Server, Visual Studio, and Windows. You can find the complete Security Update Guide on the Microsoft Security Response Center website, as well as release notes for the individual CVEs.
You can check for updates through Windows Update, and through the update options in Office documents and your various applications.