'Remote code execution vulnerability occurs when Windows Search processes objects in memory. An attacker who successfully exploited this vulnerability could control the infected system. You can then install the program, view, change, delete data or create a new account with full user rights, "Microsoft explained. 'In addition to security changes to patch the vulnerability, this update also includes in-depth defense to help improve security-related features.
CVE-2017-8633: Windows Error Reporting Elevation of Privilege Vulnerability
Another important priority-related vulnerability in Windows Error Reporting (WER) can allow an attacker to run programs created specifically to gain administrative rights on the target machine and steal information. sensitive. 'This update will correct the way WER handles and executes files'.
CVE-2017-8627: Windows Sybsystem for Linux DoS Vulnerability
An important vulnerability discovered in Windows Subsystem for Linux allows an attacker to execute code with higher permissions.
'To exploit the vulnerability, an authenticated attacker can run the generated software. This security update solves the problem by correcting how Windows Subsystem for Linux NT Pipe processing.
Successful exploitation will result in refusal to attack the service, making the infected device unresponsive. Microsoft also released an important security update for Adobe Flash Player on Internet Explorer that will stop supporting Flash by the end of 2020.
To install the update, simply go to Settings > Update & Security > Windows Update and check for updates or manually install.