Microsoft Releases Updates to Patch 59 Vulnerabilities in its Software
Microsoft has released the October 2019 Patch Tuesday updates to resolve a total of 59 vulnerabilities in its software, out of which just 9 are considered to be “critical.”
Interestingly, out of these 9 flaws, no less than 7 impact browsers and scripting engines, including Internet Explorer and Microsoft Edge.
Of particular attention this month is an elevation of privilege vulnerability in the Windows Error Reporting manager, with the proof of concept already published online.
While Microsoft says the bug isn’t exploited in the wild, the company explains that a successful an attack can get the rights to overwrite a targeted file, eventually obtaining elevated status. A successful attack requires the attack to log in to the system, and using a crafted application, a malicious actor can take control of the affected system.
“The security update addresses the vulnerability by correcting how Windows Error Reporting manager handles hard links,” Microsoft explains in <a… (read more)