Microsoft has released a set of critical security updates addressing 86 Microsoft CVEs and 5 non-Microsoft CVEs, including fixes for various products such as SQL Server, Azure Windows Virtual Machine Agent, and Windows Routing and Remote Access Service (RRAS). The update also includes defense-in-depth updates to improve security-related features.
Microsoft has released the August 2025 security update, which fixes 111 Microsoft CVEs related to various products like Windows Hyper-V, Azure Virtual Machines, Microsoft Office SharePoint, Microsoft Edge for Android, Microsoft Graphics Component, Microsoft Dynamics 365 (on-premises), Windows Routing and Remote Access Service (RRAS), Windows NTFS, Remote Access Point-to-Point Protocol (PPP) EAP-TLS, Windows Win32K - GRFX, Windows Distributed Transaction Coordinator, and Windows Cloud Files Mini Filter Driver.
The update addresses vulnerabilities in the following components: Remote Desktop Server, Windows DirectX, Windows Installer, Graphics Kernel, Windows Message Queuing, Windows Media, Windows PrintWorkflow UserSvc, Windows NT OS Kernel, Windows Kernel, Windows Streaming WOW Thunk Service Driver, Desktop Windows Manager, Windows Local Security Authority Subsystem Service (LSASS), Windows Remote Desktop Services, Windows Push Notifications, SQL Server, Microsoft Dynamics 365 (on-premises), and Azure File Sync.
Microsoft has released the July 2025 security update release, which includes 130 Microsoft CVEs, including Service Fabric, Windows Kernel, Remote Desktop Client, Windows Visual Basic Scripting, Microsoft Intune, Virtual Hard Disk (VHDX), Microsoft Input Method Editor (IME), Windows Storage VSP Driver, Windows GDI, Windows Event Tracing, Universal Print Management Service, Windows Cred SSProvider Protocol, Azure Monitor Agent, Microsoft Input Method Editor (IME), Microsoft PC Manager, Microsoft Office, Windows MBT Transport driver, Windows Routing and Remote Access Service (RRAS), Windows Hyper-V, Windows Connected Devices Platform Service, Windows BitLocker, Windows Update Service, Windows SMB, Windows Virtualization-Based Security (VBS) Enclave, Microsoft MPEG-2 Video Extension, Windows Kernel, Windows Secure Kernel Mode, Windows Office Excel, Windows Remote Desktop Licensing Service, Windows SSDP Service, HID class driver, Remote Desktop Client, Windows Universal Plug and Play (UPnP) Device Host, Windows AppX Deployment Service, Windows Cryptographic Services, Windows Routing and Remote Access Service (RRAS), Windows TDX.sys, Windows Event Tracing, Windows Ancillary Function Driver for WinSock, Windows Routing and Remote Access Service (RRAS), Windows User-Mode Driver Framework Host, Workspace Broker, Windows Kernel, Windows Win32K - ICOMP, and Windows Routing and Remote Access Service (RRAS).
Microsoft has released the June 2025 security updates, including 66 CVEs for Windows Storage Management Provider, Windows Cryptographic Services,.NET and Visual Studio, Windows Remote Desktop Services, Windows Win32K - GRFX, Windows Common Log File System Driver, Windows Installer, Remote Desktop Client, Windows Media, Windows SMB, Windows Recovery Driver, Windows Storage Port Driver, Windows Local Security Authority Subsystem Service (LSASS), Windows DHCP Server, Windows DWM Core Library, WebDAV, Windows DWM Core Library, Windows Kernel, Windows Standards-Based Storage Management Service, App Control for Business (WDAC), Windows Netlogon, Windows KDC Proxy Service (KPSSVC), Windows SMB, Windows Installer, Windows Shell, Microsoft Office, SharePoint, Microsoft Office Excel, Microsoft Office Word, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Excel, Microsoft Office PowerPoint, Microsoft Office Outlook, Microsoft Office, Microsoft Office SDK, Power Automate, Microsoft AutoUpdate (MAU), Windows Hello, and Nuance Digital Engagement Platform.
Microsoft has published the security updates for May 2025, which encompass Azure DevOps, Microsoft Edge (Chromium-based), Azure Automation, Azure Storage Resource Provider, Microsoft Dataverse, and Microsoft Power Apps. Microsoft has republished five non-Microsoft CVEs. The blog posts on the Security Update Guide have been revised to enhance transparency and support regarding CVEs assigned by industry partners. Updates for Windows 10 and Windows 11 are cumulative, incorporating all security fixes and non-security updates accessible through the Microsoft Update Catalog. The Windows Lifecycle Facts Sheet offers detailed information regarding the lifecycle and support dates for these operating systems. Organizations utilizing Windows Server 2008 R2 or 2008 are required to acquire the Extended Security Update to maintain access to security updates.
Microsoft has announced the release of 126 security updates for April 2025, addressing a total of 126 CVEs. The recent updates cover a range of services and applications, including Visual Studio Code, Windows Standards-Based Storage Management Service, Windows Local Security Authority (LSA), Windows NTFS, Windows Routing and Remote Access Service (RRAS), Windows Update Stack, Windows Telephony Service, Windows DWM Core Library, Microsoft Edge (Chromium-based), Azure Local Cluster, Windows Hello, Windows BitLocker, Windows USB Print Driver, Windows Digital Media, Windows Cryptographic Services, Microsoft Office, Windows Kerberos, Windows Kernel, Windows Secure Channel, Windows Local Session Manager (LSM), Windows LDAP, Windows upnphost.dll, Windows Media, Windows Subsystem for Linux, Windows Remote Desktop Services, Windows Defender Application Control, and RPC Endpoint Mapper Service.
Fort Firewall 3.16.6 has been released and introduces a "Connections" button, a "Auto-Learn Off" flag for programs, a "Trace Driver Events" flag for logs, and a "Driver" flag to address the default action on the Global Rule.
Microsoft has published the March 2025 security update release covering 57 Microsoft CVEs, which include the Windows exFAT File System, Azure Agent Installer, Windows MapUrlToZone, Windows Remote Desktop Services, .NET, Windows Win32 Kernel Subsystem, Microsoft Streaming Service, Windows Hyper-V, Azure CLI, Windows Routing and Remote Access Service (RRAS), Windows NTLM, Windows USB Video Driver, Windows Telephony Server, Microsoft Office, Windows Common Log File System Driver, Windows Mark of the Web (MOTW), Windows Kernel-Mode Drivers, ASP.NET Core & Visual Studio, Windows File Explorer, Microsoft Local Security Authority Server (lsasrv), Microsoft Office Excel, Windows Cross Device Service, Microsoft Office Word, Microsoft Office Access, Visual Studio Code, Microsoft Management Console, Microsoft Edge (Chromium-based), and Remote Desktop Client. Furthermore, 10 non-Microsoft CVEs have been republished.
Microsoft has announced the release of 63 security updates, addressing a range of vulnerabilities across various platforms including Windows 10, Windows DHCP Client, Windows Message Queuing, Windows Resilient File System (ReFS) Deduplication Service, Windows CoreMessaging, Azure Network Watcher, Windows Telephony Service, Microsoft Surface, Microsoft High Performance Compute Pack (HPC) Linux Node Agent, Windows Telephony Service, Windows Telephony Server, Visual Studio, Windows Routing and Remote Access Service (RRAS), Windows Internet Connection Sharing (ICS), Windows CoreMessaging, Windows Kernel, Windows Win32 Kernel Subsystem, Windows LDAP, Windows NTLM, Windows DHCP Server, Microsoft Office Excel, Windows Storage, Microsoft Office SharePoint, Windows DWM Core Library, Windows Ancillary Function Driver for WinSock, Windows Setup Files Cleanup, Windows Disk Cleanup Tool, Microsoft AutoUpdate (MAU), and Visual Studio Code.
Microsoft has issued 159 security updates for January 2025, addressing a range of vulnerabilities. The updates encompass a resolution for .NET, .NET Framework, Visual Studio, Microsoft Office Access, Power Automate, Windows MapUrlToZone, Active Directory Federation Services, Windows Recovery Environment Agent, Windows Connected Devices Platform Service, Windows Virtual Trusted Platform Module, Windows Boot Loader, Windows BitLocker, Windows Boot Manager, Windows Mark of the Web, Windows Kerberos, Windows Message Queuing, Windows Telephony Service, Line Printer Daemon Service (LPD), Windows Remote Desktop Services, Windows Digital Media, IP Helper, Windows PrintWorkflowUserSvc, and other related services.
Microsoft has issued 72 CVEs, including System Center Operations Manager, Microsoft Office, Microsoft Edge (Chromium-based), Microsoft Defender for Endpoint. Microsoft Office SharePoint, GitHub, Microsoft Office Word, Microsoft Office Excel, Windows Task Scheduler, Windows Mobile Broadband, Windows Kernel-Mode Drivers, Windows Remote Desktop Services, Windows Virtualization-Based Security (VBS) Enclave, Windows Resilient File System (ReFS), Windows PrintWorkflowUserSvc, Windows Message Queuing, Windows Wireless Wide Area Network Service, Windows LDAP - Lightweight Directory Access Protocol, and Wi Windows Remote Desktop Services.
The Microsoft November 2024 security update release includes 89 Microsoft CVEs, including Windows Package Library Manager, SQL Server, Microsoft Virtual Hard Drive, Windows SMBv3 Client/Server, Windows USB Video Driver, Windows DNS, Windows NTLM, Windows Registry, SQL Server,.NET and Visual Studio, Windows Update Stack, LightGBM, Azure CycleCloud, Azure Database for PostgreSQL, Windows Telephony Service, Windows NT OS Kernel, Windows Hyper-V, Windows VMSwitch, Windows Telephony Service, Windows DWM Core Library, Windows Kernel, Windows Secure Kernel Mode, Windows USB Video Driver, Windows DWM Core Library, Windows USB Video Driver, Windows Kerberos, Windows Registry, Windows SMB, Windows CSC Service, Windows Defender Application Control (WDAC), Windows SQL Server, Windows Active Directory Certificate Services, Windows Office Excel, Microsoft Graphics Component, Microsoft Office Word, Windows Task Scheduler, Microsoft Exchange Server, Azure Database for PostgreSQL, Visual Studio, Windows Win32 Kernel Subsystem, TorchGeo, Visual Studio Code, Microsoft PC Manager, and Airlift.microsoft.com.
Fort Firewall 3.14.9 has been released, featuring updates to the user interface, such as the introduction of dark theme colors and the removal of Service SID handling.
Microsoft has released 117 CVEs for October 2024, covering various aspects of Windows systems. These include Windows Hyper-V, Windows EFI Partition, Windows Kernel, OpenSSH for Windows, Azure Monitor, Windows Netlogon, Windows Kerberos, BranchCache, Azure Stack, Windows Routing and Remote Access Service (RRAS),.NET and Visual Studio, Windows Remote Desktop Licensing Service, Windows Remote Desktop Services, Microsoft Configuration Manager, Service Fabric, Power BI,.NET,.NET Framework, Visual Studio, Visual Studio Code, DeepSpeed, Windows Resilient File System (ReFS), Windows Common Log File System Driver, Windows Kernel, Microsoft Office SharePoint, Microsoft Office Excel, Microsoft Office Visio, BranchCache, Microsoft Graphics Component, Windows Kernel, Windows Standards-Based Storage Management Service, Windows BitLocker, Windows NTFS, Internet Small Computer Systems Interface (iSCSI), Windows Secure Kernel Mode, Microsoft ActiveX, Windows Telephony Server, Microsoft WDAC OLE DB provider for SQL, Windows Kernel, Windows Hyper-V, and Windows Local Security Authority.
Fort Firewall 3.14.0 has been released, allowing users to apply an "Alerts" filter to their programs and reset changes on close, following a regression from v3.13.13.
The Microsoft September 2024 security update release is packed with 79 Microsoft CVEs. It's like a treasure trove of fixes for Windows TCP/IP, SQL Server, Security Zone Mapping, Windows Installer, and so much more.
Fort Firewall 3.13.10 has been updated with Spanish language support, a "README.portable" file for uninstallation, and driver scripts advising against removing the FortFirewall service.
Fort Firewall 3.13.9 has been released to address a regression introduced back in 3.13.6.
A new test version of Fort Firewall is available.
Microsoft has announced the security updates for August 2024.
