Microsoft has issued over 147 patches in its largest patch Tuesday release since 2017, including fixes for two actively exploited vulnerabilities.
The Microsoft flaws join a rash of zero days disclosed over the past week by various companies, including Apple, Google and Adobe.
Meanwhile, two exploited Exchange flaws that publicly emerged two weeks ago were not addressed in Microsoft’s update.
The vulnerability in the Windows Common Log File system could allow an authenticated attacker to execute code with elevated privileges.
Attackers were attempting to exploit the flaw to distribute the Emotet, Trickbot and Bazaloader malware.