Microsoft has confirmed that a hacker who successfully exploits a zero-day SQL vulnerability could gain system administrator privileges. Here’s how to fix it.

Microsoft is aware of public disclosure of two of today’s Patch Tuesday vulnerabilities, but without evidence of exploitation in the wild for any (yet), so there are no Microsoft additions to CISA’s ...

Zero-days in .NET and SQL Server, and a handful of critical RCE bugs, form the nucleus of Microsoft's March Patch Tuesday update.

Today is Microsoft's March 2026 Patch Tuesday with security updates for 79 flaws, including 2 publicly disclosed zero-day ...

Microsoft's March 2026 Patch Tuesday includes fixes for 83 vulnerabilities affecting Windows, Office, SQL Server, Azure and .NET.

The latest update from Microsoft deals with 112 flaws, including eight the company rated critical — and three zero-day exploits. Ninety-five of the vulnerabilities affect Windows. The first Patch ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

Microsoft has released an emergency out-of-band security update for Windows Server to address a probable remote code execution vulnerability tracked as CVE-2025-59287. The issue affects the Windows ...

Microsoft issues emergency patch for a critical WSUS flaw enabling remote code execution CVE-2025-59287 allows unauthenticated attackers to gain SYSTEM privileges without user interaction An ...

Microsoft on Thursday deployed a reworked update for a critical vulnerability in the Windows Server Update Service (WSUS) that has come under attack in the wild. CVE-2025-59287 is a remote code ...

Microsoft’s October Patch Tuesday releases will fix 167 vulnerabilities, the highest number this year, including seven rated as critical that need immediate attention from CISOs. Separately, SAP ...