Reverse Engineering Patch Tuesday

John McIntosh

44CON 2025 · Day 1 · Main Track

Every second Tuesday of every month, Microsoft releases a security update package containing patches for dozens — sometimes over a hundred — CVEs. The Microsoft Security Response Center (MSRC) publish

AI review

McIntosh has done real engineering work automating patch diff workflows against Patch Tuesday at scale — 67% CVE-to-binary coverage, open-source tooling, live repo — but the underlying technique is decades old and the talk spends too much time on history and not enough on where the correlation algorithm breaks.
