0patch

@0patch@infosec.exchange
Critical security patches for Windows, https://0patch.com
Web site: https://0patch.com
Twitter: https://twitter.com/0patch

This exploited-in-the-wild issue is an interesting twist on binary planting that we were working on a decade and a half ago. The DLL/EXE search order just keeps on giving (to attackers, that is). https://binaryplanting.com

It turned out that all our security-adopted Windows versions were affected by this issue, so we created micropatches for them all. These are already distributed and applied to all online affected systems.

We would like to thank security researchers Alexandra Gofman and David Driker with @_cpresearch_ for detecting the exploitation and publishing their analysis, which made it possible for us to create a micropatch for this issue.

Binary Planting - The Official Web Site of a Forgotten Vulnerability . ACROS Security

Micropatches Released for WEBDAV Remote Code Execution Vulnerability (CVE-2025-33053) https://blog.0patch.com/2025/06/micropatches-released-for-webdav-remote.html

CVE-2025-29957 is a denial of service vulnerability allowing an attacker in the network to easily consume all available memory on a Windows Server with Windows Deployment Service installed. Our patch properly frees memory allocated by incoming requests (just like Microsoft's).

We would like to thank security researcher Zhiniang Peng (@edwardzpeng) for publishing their analysis, which made it possible for us to create a micropatch for this issue.

Micropatches Released for Preauth DoS on Windows Deployment Service (CVE-2025-29957) https://blog.0patch.com/2025/05/micropatches-released-for-preauth-dos.html

We would like to thank security researcher Aliakbar Zahravi (@aliakbarzahravi) with Trend Micro for publishing their analysis, which made it possible for us to create a micropatch for this issue.

Micropatches Released for Microsoft Management Console Security Feature Bypass Vulnerability (CVE-2025-26633) https://blog.0patch.com/2025/05/micropatches-released-for-microsoft.html

How MSPs Can Handle Windows 10 End of Support with 0patch
https://blog.0patch.com/2025/05/how-can-msps-handle-windows-10-end-of.html

“Patching Windows 10 after end-of-support? Done.” October 14, 2025, is a date that’s probably already circled in red on your Windows 10 cli...

There are apparently still many Windows 7 and Windows Server 2008 R2 machines out there. Let's get them patched!
Due to (wow!) growing demand, we've decided to extend support for Windows 7 and Windows Server 2008 R2 with security patches for another year (Jan/2027). Reminder: our security patches are the only security patches existing for these Windows versions.
https://support.0patch.com/hc/en-us/articles/360009437380

This issue is one of many issues causing an NTLM hash leak using a malicious URL file. We found it had been fixed by Microsoft with July 2023 updates, but we could not map it to a specific CVE (therefore "Unknown CVE").

The issue, however, still affects various older Windows systems that we have security-adopted, so we created patches for them.

We'd like to thank our sources researching various NTLM hash leak issues:
1) @domchell of @mdseclabs - https://mdsec.co.uk/2021/02/farming-for-red-teams-harvesting-netntlm/
2) @yorickkoster of @securifybv - https://securify.nl/en/blog/living-off-the-land-stealing-netntlm-hashes/
3) @Swepstopia - https://swepstopia.com/url-file-attack/