patch-tuesday

Patch Alert: Wing FTP Exploited, Two Patch Tuesday Zero-Days, and a D-Link RCE That Doesn't Need a Login

John Z Black Mar 17, 2026

Vulnerabilities & Patching #vulnerabilities #cisa #kev #wing-ftp #patch-tuesday #dlink #rce #patching

Three vulnerability disclosures in one week across different parts of the stack. Wing FTP is actively exploited, March Patch Tuesday dropped two zero-days, and D-Link has an unauthenticated RCE in its DNS config.

March Patch Tuesday: Two Zero-Days Already Public, Plus a SolarWinds Deadline That's Right Now

John Z Black Mar 12, 2026

Patch Tuesday #patch-tuesday #microsoft #zero-day #solarwinds #cisa #cve #vulnerability-management

Microsoft patched 79+ flaws including two publicly disclosed zero-days. No confirmed active exploitation yet, which is rare. But the SolarWinds Web Help Desk CISA deadline is today, and 'publicly disclosed' means attackers already have the blueprints.

Patch Week From Hell: Microsoft, Adobe, SAP, and HPE All Drop Critical Fixes at Once

John Z Black Mar 11, 2026

Vulnerability Management #patch-tuesday #microsoft #adobe #sap #hpe #zero-day #vulnerability-management

March 2026 might be the worst coordinated patching week in years. Microsoft, Adobe, SAP, and HPE all dropped critical fixes in the same 48-hour window. Here's what to patch first.