Microsoft Patch Tuesday Tsunami No Zero-Days, but an Asterisk

10-Apr-24

Microsoft’s April Patch Tuesday addresses a record-high 147 CVEs, with three critical vulnerabilities and no zero-day threats. Notably, a SmartScreen Prompt security bypass and flaws in Windows Secure Boot are among the fixes, with evidence of active exploitation for one vulnerability. Microsoft SQL Server vulnerabilities also receive attention, though exploitation requires social engineering. Security teams are advised to prioritize patching and monitor for anomalous activity.

Read More…