-->
Microsoft Releases 12 Safety Updates; Including Half Dozen Critical Patches

Microsoft Releases 12 Safety Updates; Including Half Dozen Critical Patches

Microsoft Releases 12 Safety Updates; Including Half Dozen Critical Patches

 For the terminal Patch Tuesday for this yr Microsoft releases 12 Security Updates; Including vi Critical Patches
For the terminal Patch Tuesday for this year, Microsoft has released 12 safety bulletins, one-half of which are rated 'critical' every bit they give attackers remote code execution capabilities on the affected computers.

The safety bulletins address vulnerabilities inwards Microsoft's Windows, Office, Internet Explorer as well as Edge.

The showtime critical safety bulletin, MS16-144, patches a full of eight safety vulnerabilities inwards Internet Explorer, iii of which had publicly been disclosed earlier Microsoft issued patches for them, though the companionship said they're non beingness exploited inwards the wild.

The iii publicly disclosed vulnerabilities include a Microsoft browser data disclosure vulnerability (CVE-2016-7282), a Microsoft browser safety characteristic bypass põrnikas (CVE-2016-7281) as well as a scripting engine retention corruption vulnerability (CVE-2016-7202) that allow remote code execution on the affected computer.

The remaining five safety flaws include a scripting engine retention corruption bug, 2 retention corruption vulnerabilities, an data disclosure bug, as well as a Windows hyperlink object library data disclosure bug.

Next critical bulletin, MS16-145, addresses a full of eleven flaws inwards the Edge browser, iii of which convey likewise been publicly disclosed exactly the companionship they are non actively beingness exploited.

Two flaws (CVE-2016-7282 as well as CVE-2016-7281) are the same every bit inwards IE, as well as the 3rd ane is an data disclosure vulnerability (CVE-2016-7206) whose existence has likewise been made public.

Remaining eight vulnerabilities allow an assailant to perform remote code execution as well as data disclosure.

Another critical bulletin, MS16-146, includes the monthly safety piece for Microsoft graphics components, addressing 2 RCE flaws inwards Windows graphics components, every bit good every bit ane Windows GDI data disclosure flaw.

The nearly severe flaws inwards each of the higher upwards bulletins are remote code execution (RCE) bugs, wherein viewing a especially crafted spider web page or opening a malicious document could remotely execute malicious code on a victim's computer.

Other critical bulletins include MS16-147 that addresses a safety number inwards Windows Uniscribe as well as MS16-148 that fixes a full of sixteen safety flaws inwards Microsoft Office, Office Services, as well as Web Apps.

Those sixteen vulnerabilities include iv retention corruption, ane Office OLE DLL side-loading flaw, iii safety characteristic bypass bugs, ane GDI data disclosure issue, vi MS Office data disclosure bug, as well as ane summit of privilege põrnikas inwards Microsoft Auto Update (MAU).

Last, exactly non the least, critical bulletin, MS16-154, addresses a full of 17 flaws inwards the embedded Adobe Flash Player for Edge as well as Internet Explorer, ane of which includes a zero-day exploited inwards targeted attacks.

This bulletin contains vii use-after-free vulnerabilities that could Pb to remote code execution, iv buffer overflow flaws, five retention corruption bugs that could likewise effect inwards remote code execution as well as ane safety bypass issue.

Remaining are the of import safety bulletins that address an summit of privilege põrnikas inwards the Windows Secure Kernel Mode, an data disclosure põrnikas inwards the .NET framework, 2 summit of privilege bulletins inwards Windows as well as the Windows kernel-mode drivers, as well as an data disclosure põrnikas inwards Windows.

Users as well as information technology administrators are strongly recommended to apply these critical safety updates every bit presently every bit possible, since or as well as then of the vulnerabilities had already been publicly disclosed, giving hackers lead a opportunity to conk into your systems.
Blogger
Disqus
Pilih Sistem Komentar

No comments

Advertiser