Microsoft Releases Windows and Office Security Updates to Fix 51 Vulnerabilities
Microsoft has published this month’s Patch Tuesday updates, fixing a total of 51 vulnerabilities in products like Windows operating systems, Microsoft Edge and Internet Explorer browsers, and Microsoft Office productivity suite.
What’s very important to note is that this is a rather light security cycle, as no zero-days have been discovered, though this doesn’t mean that you should delay patching systems.
First and foremost, Microsoft has released further mitigations for the Spectre variant 4 vulnerability, and now Intel is expected to ship new microcode updates to address the flaw as well.
Additionally, the software giant fixes CVE-2018-8225, a Windows DNSAPI Remote Code Execution flaw that could allow an attacker to run arbitrary code in the context of Local System Account. “To exploit the vulnerability, the attacker would use a malicious DNS server to send corrupted D… (read more)