0patch

Long Live Windows 10... With 0patch blog.0patch.com/2024/06/long-l…

We'd like to thank Alberto Bruscino (@ErPaciocco) for sharing vulnerability details and POC, which allowed us to create a patch for this issue and protect our users.

Patches were written for: - Microsoft Office 2016 and 2019 click-to-run with all available updates (version 2508, build 19127.20302) - Microsoft Office 2010 and 2013 with all available updates Office 2016 and 2019 volume license received an official patch from Microsoft.

Micropatches released for Microsoft Access Remote Code Execution Vulnerability (CVE-2025-62552) blog.0patch.com/2026/03/microp…

We'd like to thank Đào Tuấn Linh (@Tuan_Linh_98) and Chen Le Qi (@cplearns2h4ck) of Starlabs (starlabs.sg) for discovering this vulnerability and publishing their analysis, which allowed us to create a patch and protect 0patch users against this issue.

Micropatches released for Windows Telephony Service Elevation of Privilege Vulnerability (CVE-2024-43626) blog.0patch.com/2026/02/microp…

@0patch The 0day thus became CVE-2026-21525 msrc.microsoft.com/update-guide/v…

@0patch With February 10, 2026 Windows Updates, Microsoft patched this vulnerability on still-supported affected Windows versions. By that time, @0patch users on both supported and legacy Windows versions have had this vulnerability already patched for 60 days.

We'd like to thank Quan Jin (@jq0904) with DBAPPSecurity (dbappsecurity.com) for sharing vulnerability details and POC, which allowed us to create a patch for this issue and protect our users.

Among our security-adopted (support.0patch.com/hc/en-us/artic…) Office versions, we found this vulnerability to affect not only Office 2016 and 2019 click-to-run, but also Office 2013. Office 2010 is not affected.

Micropatches released for Microsoft Excel Remote Code Execution Vulnerability (CVE-2025-62203) blog.0patch.com/2026/02/microp…

According to statcounter (gs.statcounter.com/os-version-mar…), about 45% of Windows machines are still Windows 10. If this is you and you don't have Extended Security Updates, @0patch is your only other source of Windows 10 security patches. Check it out!

We patched: - Microsoft Office 2019 click-to-run version 2508 (Build 19127.20302) - Microsoft Office 2016 click-to-run version 2508 (Build 19127.20302) - Microsoft Office 2013 - updated with all available updates - Microsoft Office 2010 - updated with all available updates

While Microsoft issued patches for this exploited issue for volume licensed Office 2016 and 2019 versions despite their official end of support, click-to-run Office 2016 and 2019 versions were left without a patch. Our Pro and Enterprise users now have a patch as well.

Micropatches Released for Microsoft Office Security Feature Bypass Vulnerability (CVE-2026-21509) blog.0patch.com/2026/01/microp…

We'd like to thank Erik Egsgard (@hexnomad) with Field Effect for discovering this vulnerability, and Kryptoenix (@kryptoenix) for analyzing it and publishing their analysis and proof-of-concept, which allowed us to create a patch and protect 0patch users against this issue.

Micropatches Released for Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability (CVE-2025-47987) blog.0patch.com/2026/01/microp…

@CydonianTR Our Windows 7 security patches are the only actual code patches available for Windows 7 since January 2023, and the number of Windows 7 machines using 0patch is steadily growing! support.0patch.com/hc/en-us/artic…

@0patch You should do the patching thing for Windows 7 too! There are millions still using windows 7 today!

Long Live Windows 10... With 0patch blog.0patch.com/2024/06/long-l…

tl;dr: We found a 0day exploit affecting all Windows versions up to Windows 11 22H2 and Windows Server 2025 and created a free micropatch for it. 40% of our customers use 0patch on still-supported fully updated Windows for additional protection against 0days.

Free Micropatches for Windows Remote Access Connection Manager DoS (0day) blog.0patch.com/2025/12/free-m…