Microsoft launches huge update to fix 94 security problems




Microsoft has also launched security fixes designed to patch holes in older platforms.
Google + LinkedIn Facebook Twitter
Microsoft announced the launch of a major update to patch 94 security holes and fix 27 software problems that would allow the hacker to remotely control the victim’s machine, making it one of the biggest updates and patches that will correct the security vulnerabilities that have been fixed in the past two months.

Microsoft has also launched security fixes designed to patch holes in older platforms for increased penetration and exploitation. The company recommends that operating systems be updated as soon as possible, and older platforms, including Windows XP, Windows Server 2003, Windows Vista and Windows 8, have been patched.

The security update also extended older versions such as: MS08-067, MS09-050, MS10-061, MS14-068, MS17-010, MS17-013, and later versions such as CVE-2017-0176, CVE-2017-0222, CVE 2017-0267 to 0280, CVE-2017-7269, CVE-2017-8461, CVE-2017-8464, CVE-2017-8487, CVE-2017-8543, CVE-2017-8552.

In most platforms, the focus is on CVE-2017-8543, which is now exploited by Microsoft, a vulnerability that enables the attacker to control the victim’s computer by sending an SMB request to the Windows search service. This problem has affected Windows Server 2016, In addition to desktop versions such as Windows 10, 7, and 8.1, which made Microsoft provide a patch for this vulnerability to the old EOL platforms. Because this vulnerability is being exploited now in attacks, we are asking companies to start tweaking their systems as soon as possible.

Another exploit, CVE-2017-8464 in Windows LNK, allows an attacker to fully control the victim’s computer.

In addition to the high priority vulnerability CVE-2017-8527, the vulnerability of a user’s line in the search engines, where the attack begins when the user navigates to a website operating on this line. The CVE-2017-8528 and CVE-2017-0283 are similar in line Exploitation of the user if the user browses special code texts, and allows the attacker to take full control of the victim’s computer.

Companies that use Outlook should debug CVE-2017-8507, another problem that allows an attacker to send malicious software via e-mail and control when the user browses it in Outlook, and exploits Office CVE-2017-0260 and CVE-2017-8506 When the user opens an infected Office file and must be patched as soon as possible as Office is the most vulnerable to social engineering attacks.

Microsoft EDGE and Internet Explorer patches have several remote control holes in addition to CVE-2017-8498, CVE-2017-8530 and CVE-2017-8523, which are of great importance because they have been detected but have not been used in any attacks so far, and there are Control loopholes have been fixed today including Windows PDF CVE-2017-0291 and CVE-2017-029.

Overall, this update is one of the biggest security updates, with twice as many updates over the last two months as the number of patches. The SME CVE-2017-8543 and the patches launched for legacy operating systems would keep system administrators and digital security teams busy.


In: A Technology & Gadgets Asked By: [22646 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »