Microsoft today released safety spell updates for 53 vulnerabilities, affecting Windows, Internet Explorer (IE), Edge, ChakraCore, .NET Framework, ASP.NET, PowerShell, Visual Studio, together with Microsoft Office together with Office Services, together with Adobe Flash Player.
Out of 53 vulnerabilities, 17 are rated critical, 34 important, i moderate together with i every bit depression inwards severity.
This calendar month in that place is no critical vulnerability patched inwards Microsoft Windows operating arrangement together with surprisingly, none of the flaw patched yesteryear the tech giant this calendar month is listed every bit publicly known or nether active attack.
Critical Flaws Patched In Microsoft Products
Most of the critical issues are retentiveness corruption flaws inwards IE, Edge browser together with Chakra scripting engine, which if successfully exploited, could allow an unauthenticated, remote aggressor to execute arbitrary code on a targeted arrangement inwards the context of the electrical flow user.
"If the electrical flow user is logged on amongst administrative user rights, an aggressor who successfully exploited the vulnerability could conduct maintain command of an affected system. An aggressor could thus install programs; view, change, or delete data; or exercise novel accounts amongst sum user rights," Microsoft explains.
One of these critical flaws (CVE-2018-8327), reported yesteryear researchers at Casaba Security, likewise affects PowerShell Editor Services that could allow a remote aggressor to execute malicious code on a vulnerable system.
Here's below you lot tin shipping away honour a brief listing of all critical vulnerabilities Microsoft has patched this calendar month inwards its diverse products:
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8242)
- Edge Memory Corruption Vulnerability (CVE-2018-8262)
- Edge Memory Corruption Vulnerability (CVE-2018-8274)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8275)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8279)
- Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8280)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8283)
- Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8286)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8288)
- Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8290)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8291)
- Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8294)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8296)
- Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8298)
- Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8301)
- Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8324)
- PowerShell Editor Services Remote Code Execution Vulnerability (CVE-2018-8327)
Important Patch Updates for Microsoft Products
Besides this, Microsoft has likewise addressed 34 of import flaws categorized every bit below:
- Microsoft Edge—Remote code execution (RCE), Information disclosure, spoofing, together with safety characteristic bypass flaws
- Microsoft Internet Explorer (IE)— RCE together with safety characteristic bypass flaws
- MS Office (Powerpoint, Word, Excel, Access, Lync, Skype)—security characteristic bypass, RCE, together with elevation of privilege flaws
- Windows 10, 8.1, vii together with Server 2008, 2012, 2016—Denial of Service, safety characteristic bypass, elevation of privilege flaws
- Microsoft .NET Framework—Elevation of privilege together with RCE flaws
- Microsoft SharePoint—Elevation of Privilege, together with RCE flaws
- ChakraCore—RCE, together with safety characteristic bypass vulnerabilities
- Microsoft Visual Studio—RCE flaw
- Expression Blend 4—RCE flaw
- ASP .NET—security characteristic bypass flaws
- Mail, Calendar, together with People inwards Windows 8.1 App Store—information disclosure flaw
Besides this, Microsoft has likewise pushed safety updates to spell vulnerabilities inwards Adobe products, details of which you lot tin shipping away teach through a separate article posted today.
Users are strongly advised to apply safety patches every bit presently every bit possible to cash inwards one's chips along hackers together with cybercriminals away from taking command of their computers.
For installing safety updates, but caput on to Settings → Update & safety → Windows Update → Check for updates, or you lot tin shipping away install the updates manually.
