Microsoft August Patch Tuesday Fix 60 Vulnerabilities

0
0

Over this week Microsoft have a released a new set of security patches that come to fix 60 vulnerabilities in different products 19 of them are critical and affect Microsoft Windows, Edge Browser, Internet Explorer, Office, .NET Framework, Exchange Server, Microsoft SQL Server and Visual Studio. The same update will address 2 zero days CVE-2018-8414 and CVE-2018-8373.

CVE-2018-8373 is a vulnerability allows attacker to remotely gain administrative rights over the target system and it affect Internet Explorer VBscript engine by default this is disabled on latest IE11.

The second zeroday allows attacker to remotely execute a malicious code due to improper validation of system’s file paths. There is also new Spectre vulnerability called L1TF that was found in Intel processors: CVE-2018-3615, CVE-2018-3620 and CVE-2018-3646. Microsoft August security update are going to patch these issues and MSFT created a separate bulletin for this ADV180018 | Microsoft Guidance to mitigate L1TF variant.

If you are using a one of the affected Microsoft software, it is time to review the list of patches (August 2018 Security Updates ) so you can prioritize the update and plan your testing/applying security update to fix critical issues.

Share