Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Just one page access, Windows PC can also be hacked
Microsoft has released a patch Patch Tuesday fixes many critical vulnerabilities on Windows and other products, five of which allow attackers to hack computers when users only need to access a website.
These five critical vulnerabilities are included in the Windows Graphics Component, due to improper handling of embedded fonts of Windows font libraries and affecting all Windows versions, including Windows 10 / 8.1 / RT 8.1 / 7, Windows Server 2008/2012/2016.
Users just need to open the file or access the website using poisoned font, when opening on the browser will make the hacker take control of the machine. All five of these vulnerabilities were discovered and reported by researcher Hossein Lotfi at Flexera Software.
- CVE-2018-1010
- CVE-2018-1012
- CVE-2018-1013
- CVE-2018-1015
- CVE-2018-1016
Windows Microsoft Graphics is also affected by a denial of service attack, causing the victim's computer to stop responding. This error is caused by the way Windows handles objects in memory.
In addition, Microsoft also announced details of the critical RCE vulnerability (CVE-201801994) in Windows VBScript Engine and affects all versions of Windows.
Many serious holes were patched in the third update
'In the Web-based attack scenario, the attacker hosts a website specifically designed to exploit the vulnerability through Internet Explorer and then make the site accessible to users,' Microsoft explained. 'An attacker can embed the embedded ActiveX Control as' safe 'in an Microsoft Office application or file with an IE rendering engine.'
In addition, Microsoft also patched many vulnerabilities in remote code execution in Microsoft Office and Excel, patched six bugs in Adobe Flash Player, three of which were considered serious.
The remaining errors belong to Windows, Microsoft Office, Internet Explorer, Microsoft Edge, ChakraCore, Malware Protection Engine, Microsoft Visual Studio, and Microsoft Azure IoT SDK, along with errors on Adobe Flash Player
Users should update the patch as quickly as possible by going to Settings> Update and Security> Windows Update> Check for Updates.
See more:
- Instructions for installing Windows 10 Spring Creators Update
- How to enable redirection blocking to malicious websites on Google Chrome
- Update Teamviewer now if you don't want to be hacked
Isabella HumphreyYou should read it
- Download an emergency Windows patch right away, fix two critical vulnerabilities, affecting every Windows version
- Patch Tuesday security patch causes blue screen errors and slows down Windows 10
- Update the latest patch for Windows XP to prevent dangerous security risks
- Microsoft released an updated patch for 25 critical security holes
- Discovering two serious RCE vulnerabilities on Windows, Microsoft had to issue an emergency patch
- 5 best patch management and monitoring software
- Microsoft patched a series of serious bugs for IE and Office next Tuesday
- Do not rush to update Patch Tuesday for November 2021 because it causes printer errors on Windows 10 again
May be interested
- Vietcombank's website was hacked, showing two poetic sentences about student life
this afternoon, april 13, vietcombank's website was hacked and displayed two poetic sentences about the life of a hundred-year-old kieu student who is still a student / student. - JavaScript takes user data via the 'Sign in with Facebook' featurethe javascript library of many advertising and analytics services is taking user data from websites that use the facebook login permission feature.
- The new algorithm can prevent cyber-attacks on GPS devicesscientists have developed a new algorithm that can help detect and prevent cyberattacks on gps-enabled devices in real time.
- Detecting zero-day vulnerabilities in Internet Explorer helps hackers gain control of the computerthe research team from qihoo 360's security unit discovered a zero-day vulnerability (the term refers to unpublished or unresolved vulnerabilities) on internet explorer.
- Warning: new code of virtual money digging is available via Facebook Messengersecurity researchers from trend micro have discovered a new virtual money code that is attacking users via facebook messenger called facexworm.
- Hackers found a way to bypass Microsoft Office 365 Safe Linkssecurity researchers have just revealed how hackers overcome microsoft office 365's safe links security feature, used to protect users from malware and phishing attacks.
Attack the network
MS Access 2003 - Lesson 26: Adjust the print page- The UN acknowledges that cyberattacks are extremely sophisticated and cannot identify the culprit
- Learn about Off-Page SEO techniques
- Signs show clearly that your system is being hacked
- How to remove the Ease of Access button from the login screen in Windows 10
MS Access 2003 - Lesson 26: Adjust the print page
The UN acknowledges that cyberattacks are extremely sophisticated and cannot identify the culprit
Learn about Off-Page SEO techniques
Signs show clearly that your system is being hacked
How to remove the Ease of Access button from the login screen in Windows 10