Articles about 0patch

Most people know by now that October will mark the end of free security updates for Windows 10, but that’s not the only Microsoft product that will stop receiving support. In the same month, the software giant will also pull the plug on Microsoft Office 2016 and Office 2019.

Millions of users still rely on these versions at home and in workplaces, but once support stops, they are left with the choice of upgrading or running software that will become increasingly unsafe. To address this, security firm 0patch has announced that it will provide ongoing security fixes for both abandoned Office versions.

Continue reading →

0patch has revealed a 0day vulnerability that affects all desktop versions of Windows as well as Windows Server. In all, a staggering 21 different editions of Windows have the security issue which is described as a URL File NTLM Hash Disclosure vulnerability.

The security patching firm has reported the issue to Microsoft but -- as has been the case in the past -- the Windows-maker has yet to produce a fix. Stepping up to fill the void, 0patch has released free micropatches for all affected versions of Windows.

Continue reading →

October 2025 marks a significant turning point for many Windows users. As Windows 10 receives its last free security updates from Microsoft, the only "free" way to keep Windows secure will be to take the plunge and upgrade to Windows 11. Despite Microsoft's best efforts, many users either don’t want to -- or can’t -- do this. Issues range from a preference for the familiar Windows 10 interface to the more serious matter of hardware incompatibility.

Canalys estimates that 240 million computers worldwide don’t meet Windows 11’s hardware requirements, lacking TPM 2.0, a supported CPU, 4GB RAM, UEFI firmware with Secure Boot capability, or a supported GPU. Leaving a Windows 10 computer unpatched after October 2025 will likely open it up to critical vulnerabilities within the first month, but there are solutions available to keep Windows 10 running securely after end-of-life arrives.

Continue reading →

Just over a week ago, details emerged of a worrying 0day vulnerability affecting everything from Windows 7 to Windows 11, and Windows Server 2008 R2 to Windows Server 2022. The EventLogCrasher vulnerability allows a low-privileged attacker to disable Windows logging on all computers in a Windows domain and any local computer, thereby compromising intrusion detection and forensic capabilities.

Microsoft is yet to issue a fix for the problem, and this is concerning given not only the scale of the issue, but also the importance of the logging tool. As it has done before, micropatching firm 0patch has risen to the challenge and released a free patch which can be installed by everyone.

Continue reading →

We've already written about Microsoft completely ending support -- even paid-for options -- for Windows 7 and Windows 8, and as part of this, the company will also stop releasing security update for its Edge browser on these platforms.

There are large numbers of both home users and businesses that are opting to stick with these operating systems, or have little choice for one reason for another. As far as Microsoft is concerned, Edge 109 is the last version of the browser that will be released for these OSes, and as of January there will be no more security update released. Thankfully, 0patch is here to save the day again, with the company announcing that it is "security-adopting" Microsoft Edge on Windows 7, Server 2008 and Server 2012.

Continue reading →

This week, we have written about the Follina zero-day vulnerability that allows for remote code execution on a victim's computer. Despite having been known about for a number of weeks, Microsoft is still yet to issue a patch for the actively exploited critical security flaw, instead simply offering details of a workaround.

As has been the case in the past, a third party has come to the rescue. Micro-patching firm 0patch has released a free fix for the vulnerability -- for Windows 11, Windows 10, Windows 7 and Windows Server 2008 R2 -- which is tracked as CVE-2022-30190 and relates to the Microsoft Windows Support Diagnostic Tool (MSDT) component of Windows.

Continue reading →

Once again, micro-patching firm 0patch has beaten Microsoft to the punch, releasing an unofficial patch for a zero-day vulnerability in Windows.

This time around we're talking about CVE-2021-24084, a local privilege escalation (LPE) zero-day vulnerability in Windows' Mobile Device Management service. The flaw affects Windows 10 version 1809 and later, and Microsoft is yet to release an official patch of its own. Not wanting to leave systems at risk of attack, 0patch stepped in to help out users by offering up a free fix.

Continue reading →

Micropatching specialist 0patch has stepped into help out with a fix for the PrintNightmare vulnerability that was recently accidentally leaked by security researchers.

While Microsoft has acknowledged that there is a security flaw in Windows Print Spooler that could lead to remotely compromised systems, the company has only offered workarounds rather than a patch. And so 0patch -- no stranger to helping out in such situations -- has stepped up to the plate and issued free micropatches of its own.

Continue reading →

It's only a week since Microsoft stopped supporting some older versions of Windows 10 -- specifically the Home and Pro editions of Windows 10 versions 1803, 1809 and 1909 -- but it won't be long before the effects are felt.

While Windows 10 version 1809 reaching "end of servicing" means there will be no more official patches and updates from Microsoft, the operating system will not be left completely unsupported. For anyone unwilling or unable to upgrade to a more recent build of Windows 10, micro-patch service 0patch has stepped up to the plate to lend a hand.

Continue reading →

Waiting for Microsoft to issue patches for bugs that have been discovered in its software can mean having to be very patient -- some updates just seem to take forever to appear. More than this, the bug fixes can introduce new problems of their own, so it's little wonder that third-party patching services such as 0patch have grown in popularity.

And once again, 0patch has managed to beat Microsoft in releasing a patch for a serious vulnerability. The company's latest patch addresses a local privilege escalation 0day in Windows Installer, and it's available well ahead of Microsoft's official fix.

Continue reading →

Windows 7 may be rather long in the tooth, but there are still millions of people using it globally. And just because the operating system has been around for years, that does not mean all of the bugs and security issues have been ironed out; far from it, in fact.

Earlier this month a security researcher discovered a local privilege escalation vulnerability in both Windows 7 and Windows Server 2008 R2. There's no indication that Microsoft will issue a patch even for organizations the paid for extended support, but the vast majority of Windows 7 users will be left vulnerable. Or at least that would be case if it wasn't for 0patch stepping up to the plate and making a micropatch available for free.

Continue reading →

We have written about the micropatching outfit 0patch several times here on BetaNews. Offering "security patching simplified to the extreme" 0patch has previously offered security fixes for problem with Internet Explorer and Windows 7 either before Microsoft has been able to do so, or after the company has stopped offering support for a particular product.

Now 0patch has done it again, announcing that it has "security adopted" Office 2010. This version of Microsoft's iconic office suite is -- as of October -- no longer officially supported, but 0patch says that it will help keep users secured against vulnerabilities with its micropatches.

Continue reading →

Last week, security researchers Alex Ionescu and Yarden Shafir published an analysis of a new Windows vulnerability that they named PrintDemon. The analysis included a proof-of-concept demonstration that worked on Windows 7 and newer versions of Windows.

PrintDemon, in a nutshell, is an elevation of privilege vulnerability that "allows arbitrary writing to the file system" upon successful exploitation.

Continue reading →

It can hardly have escaped your attention that Windows 7 has now reached end of life. For companies and enterprise customers unwilling to pay for Extended Security Updates, this means there will be no more updates. The average home user who has decided to stick with Windows 7 has been completely abandoned by Microsoft, leaving them with an operating system that could be found to contain an endless number of security vulnerabilities.

But, actually, there is another option for home users, and it does not involve paying any money to Microsoft. We're talking micropatches. Specifically, we're talking about micropatches from 0patch. We've covered the work of this company in the past, including its recent fix for the Internet Explorer vulnerability.

Continue reading →