Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Patch Your Windows: Microsoft Releases Critical Security Updates.
#1
Microsoft has released a total of 14 security bulletins as part of this month’s Patch Tuesday cycle, with six of them considered to be critical and targeting all Windows versions on the market.

First and foremost, we have MS16-129, which is a cumulative security update for Microsoft Edge patching a Remote Code Execution (RCE) flaw that would allow an attacker to gain the same privileges as the logged in user when a malicious website is loaded.

Then, it’s MS16-130, a security update for Microsoft Windows, which also patches RCE flaws that “could allow remote code execution if a locally authenticated attacker runs a specially crafted application.” MS16-131 is a critical patch that resolves vulnerabilities in the operating system that can be exploited with arbitrary code targeting Microsoft Video Control.

MS16-132 is a security update for Microsoft Graphics Component fixing vulnerabilities that can be exploited when a malicious webpage is loaded, causing the Windows Animation Manager to improperly handle objects in memory. A successful attack allows hackers to install programs, view and delete data or even create new accounts with administrator rights.

Last but not least, there’s MS16-141 (security update for Adobe Flash Player) and MS16-142for Internet Explorer, with the latter targeting all supported versions of the browser at the moment.


The Google-disclosed security flaw
In case you’re looking for the patch aimed at the Google-disclosed Windows vulnerability, this is MS16-135 and is only flagged as important, which is a little bit unexpected given the fact that exploits have already been spotted in the wild.

“This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system,” Microsoft says.
All patches are available right now via Windows Update, and critical ones should obviously be prioritized, but IT admins should keep in mind that system reboots are required, and work needs to be saved. We’re not aware of any botched updates at the time of writing this article, but we’ll continue monitoring the forums and let you know should anything be reported.

Source: http://news.softpedia.com/news/gentlemen...0074.shtml
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Microsoft Breaks Down Windows Update on Windows 7, PCs Hit with Error 80248015 mrtrout 1 3,582 12-06-2017 , 01:42 AM
Last Post: clyde
  Microsoft Silently Pulls Botched Updates scot 0 2,623 07-17-2017 , 05:13 PM
Last Post: scot
  Microsoft Says Windows 10 Users Might Receive Critical Updates No Matter What scot 0 2,766 03-18-2017 , 05:39 PM
Last Post: scot
  What Might Have Gone Wrong with Microsoft’s Delayed Security Updates scot 2 3,409 02-15-2017 , 05:56 PM
Last Post: scot
  Microsoft Releases Windows 10 Build 15019 with Lots of New Features. scot 0 2,650 01-28-2017 , 06:08 PM
Last Post: scot



Users browsing this thread: 1 Guest(s)