SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: Microsoft Patch Tuesday includes 25 critical vulnerabilities
Description: Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 117 vulnerabilities, 25 of which are considered critical. There is also one moderate vulnerability and 91 that are considered important. This month's patches include updates to Microsoft Media Foundation, the GDI+ API and Windows Defender, among others.
Snort SIDs: 52213, 52214, 53402 - 53409, 53414 - 53419, 53420 - 53424
Title: State-sponsored groups exploit bug in Microsoft Exchange servers
Description: The U.S. Department of Defense warned that multiple state-sponsored actors are exploiting a vulnerability in Microsoft Exchange servers. The bug was disclosed and patched in February, but many users out there have not updated their software. Attackers can send malicious, specially crafted requests to the Exchange control panel. The vulnerability allows adversaries to change serialized data to be unserialized, which allows them to run malicious code on the server's backend at the system level.
Snort SIDs: 53380 - 53383