Estimated Reading Time: 1 min
Yesterday was Microsoft’s monthly Patch Tuesday. This time, they come with fixes for 48 vulnerabilities, with 27 that could result in remote code execution exploits. The problems exist within Windows, IE, Edge, Sharepoint, SQL Server, Hyper-V, the Windows Subsystem for Linux, and the Windows Kernel itself.
Experts are recommending prioritizing CVE-2017-8620, which is a vulnerability within Windows Search.
Make sure to get your systems patched and update and stay safe out there!
“This is by far the most critical bug for this month,” says Dustin Childs at the Zero Day Initiative, which reports CVE-2017-8620 is “under active attack.” A previous Search flaw also allowed a malicious SMB request to execute code on target machines.
“As with the previous Search flaw, within an enterprise, an attacker could remotely trigger the vulnerability through an SMB connection and then take control of a target computer,” he adds. “That’s pretty close to wormable and just the sort of thing malware writers look for in a bug.”
MSTechPages is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com. As an Amazon Associate, we earn from qualifying purchases at no extra cost to you.
