Patch Updates Released by Microsoft for 53 Vulnerabilities In Its Software
Microsoft today discharged security Patch updates for 53 vulnerabilities, influencing Windows, Internet Explorer (IE),.NET Framework, ASP.NET, PowerShell, Microsoft Edge, Visual Studio, ChakraCore, and Microsoft Office and Office Services, and Adobe Flash Player.
Out of 53 vulnerabilities, 17 are evaluated crucial, 34 vital, one fair and one as low in harshness.
Crucial Flaws Patched In Microsoft Products
A large portion of the crucial issues are memory defilement imperfections in IE, Chakra scripting engine and Microsoft Edge browser, which on successfull exploitation, could permit an unauthenticated, remote attacker to execute random code on target system with regards to the current client.
Microsoft explains that, “If the user is logged on with administrative user rights than the attacker can have full access of an affected system and can delete, change, view data or can create a new account with full privilege.”
Analysts at Casaba Security reported that, one of these basic defects (CVE-2018-8327), can even influences PowerShell Editor Services that could enable a remote attacker to execute infected code on a weak framework.
List of vulnerabilities which Microsoft fixes for its various products includes :
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8242)
- Edge Memory Corruption Vulnerability (CVE-2018-8262)
- Edge Memory Corruption Vulnerability (CVE-2018-8274)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8275)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8279)
- Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8280)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8283)
- Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8286)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8288)
- Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8290)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8291)
- Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8294)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8296)
- Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8298)
- Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8301)
- Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8324)
- PowerShell Editor Services Remote Code Execution Vulnerability (CVE-2018-8327)
Critical Patch Updates for Microsoft Products
Other than this, Microsoft has additionally tended to 34 imperative flaws classified as beneath:
- Microsoft Edge—Remote code execution (RCE), Information disclosure, spoofing, and security feature bypass flaws
- Microsoft Internet Explorer (IE)— RCE and security feature bypass flaws
- MS Office (Powerpoint, Word, Excel, Access, Lync, Skype)—security feature bypass, RCE, and elevation of privilege flaws
- Windows 10, 8.1, 7 and Server 2008, 2012, 2016—Denial of Service, security feature bypass, elevation of privilege flaws
- Microsoft .NET Framework—Elevation of privilege and RCE flaws
- Microsoft SharePoint—Elevation of Privilege, and RCE flaws
- ChakraCore—RCE, and security feature bypass vulnerabilities
- Microsoft Visual Studio—RCE flaw
- Expression Blend 4—RCE flaw
- ASP .NET—security feature bypass flaws
- E-Mail, Calendar, and People in Windows 8.1 App Store—information disclosure flaw
Other than this, Microsoft has likewise pushed security patch updates to fix vulnerabilities in Adobe items.
Clients are emphatically instructed to apply security fixes as early as possible inorder to repel attacker and Cyber Criminals from taking control of their PCs.
For installing Patch updates go to Settings → Update and security → Windows Update → Check for updates, or you can introduce the updates physically.