Get our weekly newsletter April bundle addresses 100-plus vulnerabilities including 10 critical RCEs
Microsoft's massive April Patch Tuesday includes one bug that has already been exploited in the wild and a second that has been publicly disclosed. In total, the Redmond giant patched a whopping 128 bugs today, including 10 critical remote code execution (RCE) vulnerabilities. First, though: CVE-2022-24521, which NSA and CrowdStrike security researchers reported to Microsoft, is under active exploitation. It's an elevation-of-privilege vulnerability, and it occurs in the Windows Common Log File ...