Microsoft released an updated patch for 25 critical security holes
The latest security update helps patch many vulnerabilities, including 25 very important errors, 21 critical errors and 2 average errors. These vulnerabilities affect many different versions of Windows OS, Internet Explorer, Microsoft Edge, Microsoft SharePoint, Windows Subsystem for Linux, Adobe Flash Player, Windows Hyper-V and Microsoft SQL Server.
CVE-201708620: Windows Search Remote Code Execution Vulnerability
The most interesting and most important vulnerability is the Windows Search Remote Code Execution Vulnerability (CVE-2017-8620), affecting all versions of Windows 7, Windows 10, which can be used to attack with computer worms like in the WannaCry case because it uses SMBv1 connection.
An attacker could exploit the vulnerability through an SMB connection to gain priority and gain control of the target Windows computer.
Many important vulnerabilities are fixed during this security update
'Remote code execution vulnerability occurs when Windows Search processes objects in memory. An attacker who successfully exploited this vulnerability could control the infected system. You can then install the program, view, change, delete data or create a new account with full user rights, "Microsoft explained. 'In addition to security changes to patch the vulnerability, this update also includes in-depth defense to help improve security-related features.
CVE-2017-8633: Windows Error Reporting Elevation of Privilege Vulnerability
Another important priority-related vulnerability in Windows Error Reporting (WER) can allow an attacker to run programs created specifically to gain administrative rights on the target machine and steal information. sensitive. 'This update will correct the way WER handles and executes files'.
CVE-2017-8627: Windows Sybsystem for Linux DoS Vulnerability
An important vulnerability discovered in Windows Subsystem for Linux allows an attacker to execute code with higher permissions.
'To exploit the vulnerability, an authenticated attacker can run the generated software. This security update solves the problem by correcting how Windows Subsystem for Linux NT Pipe processing.
Successful exploitation will result in refusal to attack the service, making the infected device unresponsive. Microsoft also released an important security update for Adobe Flash Player on Internet Explorer that will stop supporting Flash by the end of 2020.
To install the update, simply go to Settings > Update & Security > Windows Update and check for updates or manually install.
You should read it
- Microsoft blocked Windows 7 security updates without antivirus software
- Microsoft begins offering Exchange Server updates in .exe packages
- Microsoft released an emergency security patch for a serious vulnerability
- If you are using Android, you may have been lied by your manufacturer about security updates
- List of links to download BIOS updates for Meltdown and Specter
- Microsoft is preparing to release a series of new security holes
- Microsoft released an emergency patch to prevent ransomware from attacking
- Microsoft released a critical security patch update for all versions of Windows 10
May be interested
- New points on Microsoft Outlook.com Beta and how to registermicrosoft has started launching the beta version of outlook.com from today. this is the opt-in web version that is enabled on outlook.com and is available to all users in the next few weeks.
- 5 biggest ransomware attacks in the last 5 yearsfrom cryptolocker to wannacry and notpetya, these attacks show the development of the world of extortion code.
- Facebook is ready to confront YouTube with its brand new Watch, video servicewe've heard rumors about facebook's new video service plan and today, watch has officially aired, becoming a rival of youtube and netflix.
- A gamer recreated his entire school scene on Minecraftminecraft is a classic game that attracts many gamers from playing to killing time to playing for passion. a taiwanese gamer decided to rebuild his entire school scene in this video game sandbox because he wanted to remember his school.
- Evaluate Fenda T-400X 2.1 wireless Bluetooth speaker connectionthe fenda t-400x 2.1 has a total capacity of 100w: 2 speakers, each 20w speaker, 60w woofer. 2 speakers use 3-inch fullrange driver, the woofer is 8-inch fullrange.
- Microsoft invites you to make your own Xbox One gamemicrosoft has started to open the program xbox live creators program for everyone. this program allows anyone to make games and release them to the public.