Zero day alert: CVE-2026-45585
CVE-2026-45585 is a Windows security feature bypass zero-day vulnerability, publicly known as “YellowKey", that targets the protections provided by Microsoft BitLocker full-disk encryption. This vulnerability can allow an attacker with physical access
Zero day Alert: Microsoft Defender Vulnerabilities (Actively Exploited)
Microsoft has disclosed two actively exploited zero-days affecting Microsoft Defender, including a privilege escalation flaw and a denial-of-service issue. The vulnerabilities have been patched in updated Defender Antimalware Platform releases, and organizations
Google patches multiple critical vulnerabilities in Chrome 147.0.7727.137/138 Stable Channel update
Hello everyone, Chrome Stable Channel has been updated to 147.0.7727.137/138 for Windows and Mac, and 147.0.7727.137 for Linux. This update comes with 30 security fixes, including multiple Critical severity vulnerabilities. The details of the critical
ManageEngine Security Compliance Benchmarks
Built and continuously curated by the dedicated security research team at ManageEngine, ManageEngine Security Benchmarks provide industry-aligned security hardening recommendations for operating systems, applications, browsers, and enterprise technologies.
Patch Tuesday Updates: May 2026
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 44283 - 2026-05 Servicing Stack Update for Windows 10 Version 1607 for x64-based Systems (KB5088064) 44284 - 2026-05 Servicing Stack Update
NIST by ManageEngine
NIST (National Institute of Standards and Technology) is a U.S. government agency that develops widely adopted cybersecurity frameworks and standards. Its guidelines, such as the NIST Cybersecurity Framework (CSF), help organizations identify, protect,
Critical Vulnerabilities detected on Oracle Java and Azul Zulu
Multiple vulnerabilities have been identified in both Oracle Java and Azul Zulu distributions across various JDK and JRE versions. These flaws could allow attackers to execute arbitrary code, escalate privileges, or cause denial-of-service conditions.
CVE-2026-5525 – Notepad++ Stack-Based Buffer Overflow (DoS) Zero-day Vulnerability
A stack-based buffer overflow zero-day vulnerability has been identified in Notepad++ v8.9.3, specifically within the file drop handler component. The following are the vulnerability details: CVE ID: CVE-2026-5525 Affected Version: Notepad++ 8.9.3 Component:
Google patches multiple critical and high severity vulnerabilities in Chrome 147.0.7727.101/102 Stable Channel update
Hello everyone, Chrome Stable Channel has been updated to 147.0.7727.101/102 for Windows and Mac, and 147.0.7727.101 for Linux. This update comes with 31 security fixes, including multiple Critical severity vulnerabilities. The details of the critical
Zero-Day Vulnerability Alert: Patches Released for Adobe Acrobat Zero-day Vulnerability
Patches have been released to address the following zero vulnerability in Adobe Acrobat. This vulnerability could be exploited through malicious documents, potentially leading to system compromise. It is recommended to apply the relevant updates at the
Patch Tuesday Updates: April 2026
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 43994 - 2026-04 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5082126) (ESU) 43995 - 2026-04 Security
UK Cyber Essentials Compliance Checks
UK Cyber Essentials is a government-backed cybersecurity certification developed by the National Cyber Security Centre (NCSC). It helps organizations protect against common cyber threats through essential security controls. As part of our expanding coverage,
The March 2026 Patch Reality Check: Public Zero-Days, “Preview Pane” Office Risk, and Browser Extension Exposure
In the month of March, the big theme wasn’t “hundreds of scary CVEs.” It was how quickly risk moves when details are public and how often attacks ride on normal daily behaviour: previewing Office content, running productivity tools, and using browser
Patch Tuesday Updates: March 2026
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 43565 - 2026-03 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5078774) (ESU) 43566 - 2026-03 Security
Zero-Day Vulnerability and Severity Reclassification
Our dedicated security research team has revisited and thoroughly reviewed vulnerability data by continuously monitoring fifteen trusted cybersecurity intelligence sources. These include vulnerability disclosure platforms, vendor security advisories,
Microsoft Windows 2022 Servers Unexpectedly Upgrades to 2025
The issue appears to stem from KB5044284, an update released during October's Patch Tuesday. While this update is intended for Windows Server 2025, Microsoft's patch management systems have misclassified it, leading to it being treated as an OS upgrade
Patch Tuesday Updates: February 2026
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 43385 - 2026-02 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5075970) (CVE-2026-21513) (CVE-2026-21525)
Patch with Confidence: Stop Auto-Updaters' Hacking Risks
One silent redirect is all it takes! The recent Notepad++ updater incident shows why letting endpoints self-update from the internet is a supply-chain risk, because attackers compromised parts of the update infrastructure and selectively rerouted in-app
Patch Tuesday Updates: January 2026
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 43200 - 2026-01 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5073695) (CVE-2023-31096) (ESU) 43201
Patch Tuesday Updates: December 2025
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 43062 - 2025-12 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5071501) (ESU) (CVE-2025-54100) 43063
Question
I am using Vulnerability manager plus. i have a license which says for example 5 computers and 10 network devices. when i scan an ip range it always give me result for network devices whether it be computer or VM or anything. How do i scan for computer
End of Support Announcement for macOS Mojave (10.14) and Catalina (10.15)
We’d like to inform you that support for macOS Mojave (10.14) and macOS Catalina (10.15) will be officially discontinued effective March 1, 2026. Reason for This Change Apple has officially ended software and security updates for macOS Mojave (10.14)
Forrester study reveals 95% time savings in patching with Endpoint Central
According to the latest Forrester Total Economic Impact™ study, organizations using Endpoint Central saw up to 95% time savings in patch management resulting in $913,000 in productivity gains over three years. The study found that interviewed organizations
Expanded Exploit Coverage for CVEs
Previously, CVE information was fetched from a limited number of sources, which caused many detected CVEs in the product to have their exploit status marked as Not Available. We have now expanded our data coverage by integrating several additional sources.
Patch Tuesday Updates: November 2025
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 42869 - 2025-11 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5068908) (ESU) 42870 - 2025-11 Security
Allow Microsoft patches to be automatically approved
We would like to be able to let all Microsoft patches or lets say only Patch Tuesday patches to be automatically approved. We have a specific patch plan for our servers and we need to be able to patch our windows servers without the "Test and Approve"
Patch Tuesday Updates: October 2025
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 42594 - 2025-10 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5066876) (ESU) (CVE-2025-24052) (CVE-2025-24990)
Vulnerability Manager Plus Now Supports macOS 26 Tahoe
Hello everyone ! We’re excited to inform you that Vulnerability Manager Plus now supports macOS 26 Tahoe. IT administrators can now manage patches for macOS Tahoe devices easily using Vulnerability Manager Plus’s advanced patching features. macOS Tahoe,
Patch Tuesday Updates: September 2025
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 42320 - 2025-09 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5065510) (CVE-2025-55234) (ESU) 42321 -
Patch Tuesday Updates: August 2025
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 42112 - 2025-08 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5063927) (ESU) 42113 - 2025-08 Security
WINRAR 7.13 (X64) Security Vulnerability– Immediate Patch Advisory
Hello everyone ! A high-risk security flaw has been identified in WinRAR version 7.13 (x64) that could let attackers execute malicious code via specially crafted archive files. Systems with this version installed and not updated are at immediate risk.
Critical SharePoint Vulnerabilities: CVE-2025-53770 and CVE-2025-53771
Critical zero-day vulnerabilities in Microsoft SharePoint on-premises servers, CVE-2025-53770 and CVE-2025-53771, have been actively exploited, with numerous servers compromised across various sectors. CVE-2025-53770 is a remote code execution vulnerability;
email server setup
how do i setup email server settings in vulnerability manager plus . does it require business emails only or gmail accounts also could be used.
CVE-2025-48818: Security feature bypass vulnerability
CVE-2025-48818 is a security feature bypass vulnerability in Windows BitLocker. The flaw stems from a time-of-check to time-of-use (TOCTOU) race condition, which could allow an attacker with physical access to a target system to bypass BitLocker encryption
Patch Tuesday Updates: July 2025
Good day, everyone! Here's a list of the updates released in this month's Patch Tuesday. New OS Security Updates: 2025-07 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5062618) (ESU) 2025-07 Security Only Quality Update
Password change interval
I have a password change interval set on my domain that is greater than 45 days but is not out of compliance for my security policy. How do I change this server setting so it does not flag every one of my servers as highly vulnerable? -Michael
Red Hat Linux Patching Alert: Update Nomination Settings Before July 7, 2025
Hello everyone ! Starting July 7, 2025, Red Hat will no longer allow logins using an email address. If your Red Hat nomination currently uses an email ID instead of a username, this change could affect patch deployment and related automation workflows.
Agent installation on Work From Home workstations
We are implementing Vulnerability Manager for our corporate LAN, which contains ~30 servers and ~15 workstation virtual machines, all of which are on the same local infrastructure and joined to our local active directory on premises (which syncs to our
Scheduled Remote Shutdown Email Notification to admins
Can your team add an email notification option for the scheduled remote shutdown? From an administrator perspective when we perform our daily system audits, we currently get email notifications sent to us confirming the reboot, which we have done using
Post deployment forced reboot without notification/prompting
When creating a deployment policy for patching, we are able to force reboot pre-deployment without notification to the user. However, I am not seeing the same option for post-deployment reboot. Please advise. We do not want users being prompted of this,
Next Page
