Download an emergency Windows patch right away, fix two critical vulnerabilities, affecting every Windows version

Microsoft updated Patch Tuesday in October 2020, patching the 'Ping of Death' vulnerability on Windows 10
Update the latest patch for Windows XP to prevent dangerous security risks

Microsoft has announced a new Windows emergency patch, aimed at patching more than 90 security flaws, including two vulnerabilities used in direct attacks. Every Windows is affected, please update your operating system now.

Download the latest Windows patch at: https://portal.msrc.microsoft.com/en-us/security-guidance

CVE-2017-8543 vulnerability

The first vulnerability to be tracked is CVE-2017-8543. Microsoft describes the problem as follows:

Remote execution vulnerability exists when Windows Search processes objects in memory. The attacker successfully exploited this vulnerability can control the affected system. The attacker can then install the programs, view, change or delete data or create new accounts with full user rights.

To exploit the vulnerability, hackers can send created SMB messages specifically for the Windows Search service. Hackers who have access to a target computer can exploit this vulnerability to improve the rights and control of the computer. Also, in a business scenario, hackers who do not need remote authentication can activate the remote vulnerability via the SMB connection and then take control of the computer.

Updating the latest vulnerability patch will change the way Windows Search handles objects in memory.

This patch is available for all Microsoft operating systems, including older versions, such as XP and Server 2003.

Download an emergency Windows patch right away, fix two critical vulnerabilities, affecting every Windows version Picture 1

CVE-2017-8464 vulnerability

The second vulnerability discovered in direct attacks is CVE-2017-8464 and Microsoft describes it as follows:

This vulnerability exists in Microsoft Windows to allow remote code execution if the icon of a (specially created) shortcut key is displayed. An attacker who successfully exploited this vulnerability could obtain the same user rights as the user on the computer. User accounts will be less affected than Admin accounts in this case.

Security updates patch the vulnerability by fixing the correct reference of the shortcut icon reference.

Unlike the first vulnerability, this issue does not affect older versions of Windows XP and Windows.

Other security holes are patched in this update

A series of security updates are made for Office, Outlook versions from 2007 to 2016, security bugs, browser vulnerabilities, Adobe Flash Player, Windows Server. Interested readers can refer here: https://www.bleepingcomputer.com/news/microsoft/microsofts-june-patch-tuesday-fixes-two-vulnerabilities-used-in-live-attacks/

hacker

Samuel Daniel

Update 24 May 2019

You should read it

May be interested

Detected Critical Security Bugs Affecting All Versions of Windows
a critical security vulnerability, affecting all versions of windows, has just been discovered. notably, there are indications that hackers have exploited this security hole to attack users.
Mozilla patches a vulnerability in Firefox that helps hackers gain admin rights of Windows
mozilla has just released a security update to patch a critical security vulnerability that allows hackers to escalate privileges on windows computers. this critical security flaw has been patched in the recently released version of firefox 97.
Google releases an urgent update for Chrome, users should update immediately
google has rolled out emergency updates for chrome users on both windows, macos and linux to patch a critical flaw.
Microsoft released patches for more than 100 security holes on Windows
microsoft has released patches for more than 100 security flaws, including two zero-day vulnerabilities. patch tuesday is usually released on the second tuesday of every month, is an important patch for microsoft software.
How to check if the computer has serious Windows 10 vulnerabilities
recently, the us national security agency (nsa) has detected a serious security hole on windows 10 and microsoft has also released a patch to fix it. bkav has also recently released a tool to help windows 10 users check if their computer has been patched for the nsacrypt flaw.
Google Chrome has an urgent update, patching a serious zero-day vulnerability being exploited by hackers
google has just released chrome 91.0.4472.101 emergency update for windows, mac and linux to patch 14 security holes. among these is a critical zero-day vulnerability (cve-2021-30551) that is being actively exploited by hackers.
Microsoft releases an urgent patch to fix authentication errors on Windows Server
microsoft has just released an out-of-band (urgent update) update to fix authentication errors related to kerberos authorization scenarios affecting domain controllers (dcs) running versions of windows. servers are supported.
Microsoft releases urgent patch for printer error emergency patch
the patch for microsoft's printer vulnerability on windows again caused an error, forcing the company to issue another urgent patch.
Microsoft is preparing to release a series of new security holes
microsoft will release 12 new critical security patches to fix 57 security holes on all its software on tuesday (february 12). this will be the largest patch in the past few months.
How to block Specter Variant 2 Patch on Windows 10
microsoft has released a windows 10 kb4078130 update to disable patches for two meltdown and specter vulnerabilities that caused a reboot problem on some devices. however, if you do not want to waste storage space, users can adjust themselves without having to download additional kb4078130.