Article - Full

Microsoft has released security updates to patch 100 security holes in its Windows operating system and other software, including a zero-day vulnerability that is already being used in active attacks against public safety agencies. This release consists of security updates for software including:

.NET Core

Azure Machine Learning

Azure Service Connector

Microsoft Bluetooth Driver

Microsoft Defender for Endpoint

Microsoft Dynamics

Microsoft Dynamics 365 Customer Voice

Microsoft Edge (Chromium-based)

Microsoft Graphics Component

Microsoft Message Queuing

Microsoft Office

You can view the entire list of affected software here and the security updates deployment information here.

In addition, Apple has released a set of important updates addressing two zero-day vulnerabilities that are being used to attack iPhones, iPads, and Macs that are used by public safety agencies. You can view the entire list of Apple security updates here.

We strongly encourage you to apply the recommended mitigations in this advisory, and sign up for U.S. Computer Emergency Readiness Team (US-CERT) alerts at us-cert.cisa.gov to receive timely, important updates. Visit the public safety cyber webpage at cisa.gov/public-safety-cybersecurity for additional cyber and communications resiliency resources.

Thank you for your continued support.

Major George Perera
Miami-Dade Police Department
Chair, SAFECOM Cybersecurity Working Group