Microsoft rolled out security updates to solve as many as 79 vulnerabilities in the software as part of the May 2019 Patch Tuesday cycle.
There are 22 critical flaws this month, out of which at least 18 affect browsers and scripting engines, along with other 4 representing Remote Code Execution (RCE) vulnerabilities in key products like Remote Desktop and Word.
Among the priorities this month is CVE-2019-0863, that is an elevation of privilege vulnerability in Windows that's already being exploited by attackers.
Microsoft says all supported versions of Windows are affected, including Windows 10, and comes down to the way Windows Error Reporting handles files. The flaw was publicly disclosed and Microsoft says it's conscious of exploits already happening within the wild.
Then, it's CVE-2019-0708, a security vulnerability in Remote Desktop Services that affects older versions of Windows, including Windows XP. You can read much more about this flaw and the emergency update shipped by Microsoft for the impacted Windows releases here.
"Skype for Android also getting a patch"
Microsoft also resolves a publicly disclosed vulnerability in Skype for Android. Detailed in CVE-2019-0932, the flaw allows an attacker to listen to a conversation on Skype without users even knowing.
"To exploit the vulnerability, an assailant would need to call an Android phone with Skype for Android installed that's also combined with a Bluetooth device. The safety update addresses the vulnerability by correcting how Skype for Android answers incoming calls," Microsoft says, adding that exploitation is not as likely. Skype 8.35 is the version affected by the vulnerability.
The list of products being targeted with security updates this month includes Office and Office 365, SharePoint, SQL Server, and .NET Framework.
As always, users are suggested to install these security updates as soon as possible, and also to prioritize the patches targeting flaws already being exploited in the wild.
:: بازدید از این مطلب : 609
|
امتیاز مطلب : 0
|
تعداد امتیازدهندگان : 0
|
مجموع امتیاز : 0