SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Wednesday, November 12th, 2025: Microsoft Patch Tuesday; Gladinet Triofox Vulnerability; SAP Patches
Nov 12, 2025
This segment dives into critical updates from Microsoft, highlighting vulnerabilities with serious risks, including a Windows kernel bug that is being actively exploited. The dangers of the Gladinet Triofox vulnerability are discussed, revealing how it can allow attackers to gain admin access simply by manipulating the Host header. Additionally, updates on SAP's patching efforts for significant SQL vulnerabilities are covered. Lastly, insights into Ivanti Endpoint Manager's risk management and patch guidance are shared, ensuring listeners stay ahead of threats.
AI Snips
Chapters
Transcript
Episode notes
Patch Microsoft Per Procedure
- Apply Microsoft November 2025 patches following your normal vulnerability management procedure.
- Do not rush emergency deployments; treat the zero-day as important but not exceptional.
Patch Tuesday Scope And Risks
- Microsoft released around 60–80 fixes including one actively exploited kernel escalation.
- Critical issues include GDI+ image RCE and Office flaws with large attack surfaces.
Prioritize By Exploitability And Surface
- Prioritize patches by exploitability and attack surface such as image rendering and Office.
- Monitor for kernel EoP chains but focus remediation on high-impact RCEs first.