Krebs on Security's latest article highlights Microsoft's December 2024 Patch Tuesday, which addresses over 70 security vulnerabilities, including an actively exploited zero-day flaw in the Windows Common Log File System (CLFS). Tyler Reguly from Fortra is quoted discussing the consistency of Microsoft's yearly vulnerability tallies, emphasizing the need for ongoing vigilance in system updates.
Originally published in Krebs on Security.
Excerpt: “Tyler Reguly at the security firm Fortra had a slightly different 2024 patch tally for Microsoft, at 1,088 vulnerabilities, which he said was surprisingly similar to the 1,063 vulnerabilities resolved in 2023 and the 1,119 vulnerabilities resolved in 2022.
‘If nothing else, we can say that Microsoft is consistent,’ Reguly said. ‘While it would be nice to see the number of vulnerabilities each year decreasing, at least consistency lets us know what to expect.’”