Microsoft Updates | Critical Windows, Edge Browser, Office Security Releases
Microsoft has started this month’s Patch weekday update cycle to mend vulnerabilities in its software package, and now, the highlights are Windows, Edge browser, web explorer, and the workplace productivity suite.
There are thirteen totally different security bulletins this month, one in every of which is the Flash Player patch that was free a few days ago and that Microsoft enclosed in its rollout to mend vulnerabilities in internet explorer and Edge (both browsers come with Flash pre-installed, so in order to patch flaws, Microsoft needs to deliver fixes through Windows Update).
Out of the twelve remaining updates, there are six important updates fixing flaws in Windows, internet explorer, Office, and Edge browser. The rollout is targeting remote code execution flaws and step-up of privilege and includes updates that require a restart, so IT admins should have this in mind when beginning preparation.
Windows users, prioritize this update!
For Windows users, the most necessary update that needs to be installed ASAP is MS16-039, which involves address flaws related to a graphics element in the package. absolutely all versions of Windows are affected, beginning with view and ending with ten, in addition as workplace 2007 and 2010, .NET, Skype, and Lync.
“The 2 0-days square measure contained with the Windows portion and each allow the step-up of privilege from a standard user to administrator. In reality they'll be paired with an exploit for a vulnerability that gets the attacker on the machine like the Flash Player flaw,” Wolfgang Kandek, CTO of Qualys, explains.
“In that type of situation, your user would attend a standard web site and get attacked with a Flash exploit that then escalates with the CVE-2016-0165/7 vulnerabilities from MS16-039.”
MS16-042 is additionally a important patch for those using Outlook and is meant to fix a flaw found within the office productivity suite that would enable attackers to get constant privileges because the logged-in user with a compromised RTF document loaded in the email client. Avoid opening RTF files coming from suspicious sources till you patch.
Internet explorer and Edge browser users are getting their own share of updates within the form of MS16-037 and MS16-038, severally. Kandek says that, although every browser seems to possess six vulnerabilities that are patched with these updates, none is vulnerable right now.
And last but not least, there’s MS16-040, an update that has a new version of msxml.dll to handle a vulnerability in the XML Core scheme. in order to exploit the flaw, an assaulter needs to get users to a website holding a compromised XML file, so make certain you avoid clicking links that look dangerous till you install this update.
All these updates are delivered through Windows Update, and up to this point, we’re not responsive to any problems that might be experienced during the install process or after that. We’ll keep an eye out for such reports and can let you know with an update here should any issues be discovered.
Source: news.softpedia.com
Are you looking for best app developers who have experience in developing the innovative mobile apps across the world? Here we are Krify Innovations (UK) Ltd. Mobile Apps, Web Apps, Wearable Apps and Digital Marketing Services, Development Company UK | INDIA. Spreading across the world.
There are thirteen totally different security bulletins this month, one in every of which is the Flash Player patch that was free a few days ago and that Microsoft enclosed in its rollout to mend vulnerabilities in internet explorer and Edge (both browsers come with Flash pre-installed, so in order to patch flaws, Microsoft needs to deliver fixes through Windows Update).
Out of the twelve remaining updates, there are six important updates fixing flaws in Windows, internet explorer, Office, and Edge browser. The rollout is targeting remote code execution flaws and step-up of privilege and includes updates that require a restart, so IT admins should have this in mind when beginning preparation.
Windows users, prioritize this update!
For Windows users, the most necessary update that needs to be installed ASAP is MS16-039, which involves address flaws related to a graphics element in the package. absolutely all versions of Windows are affected, beginning with view and ending with ten, in addition as workplace 2007 and 2010, .NET, Skype, and Lync.
“The 2 0-days square measure contained with the Windows portion and each allow the step-up of privilege from a standard user to administrator. In reality they'll be paired with an exploit for a vulnerability that gets the attacker on the machine like the Flash Player flaw,” Wolfgang Kandek, CTO of Qualys, explains.
“In that type of situation, your user would attend a standard web site and get attacked with a Flash exploit that then escalates with the CVE-2016-0165/7 vulnerabilities from MS16-039.”
Outlook, IE, and Edge patches
MS16-042 is additionally a important patch for those using Outlook and is meant to fix a flaw found within the office productivity suite that would enable attackers to get constant privileges because the logged-in user with a compromised RTF document loaded in the email client. Avoid opening RTF files coming from suspicious sources till you patch.
Internet explorer and Edge browser users are getting their own share of updates within the form of MS16-037 and MS16-038, severally. Kandek says that, although every browser seems to possess six vulnerabilities that are patched with these updates, none is vulnerable right now.
And last but not least, there’s MS16-040, an update that has a new version of msxml.dll to handle a vulnerability in the XML Core scheme. in order to exploit the flaw, an assaulter needs to get users to a website holding a compromised XML file, so make certain you avoid clicking links that look dangerous till you install this update.
All these updates are delivered through Windows Update, and up to this point, we’re not responsive to any problems that might be experienced during the install process or after that. We’ll keep an eye out for such reports and can let you know with an update here should any issues be discovered.
Source: news.softpedia.com
Are you looking for best app developers who have experience in developing the innovative mobile apps across the world? Here we are Krify Innovations (UK) Ltd. Mobile Apps, Web Apps, Wearable Apps and Digital Marketing Services, Development Company UK | INDIA. Spreading across the world.
Contact now for your more details…!! Krify Innovations (UK) Ltd.
Advertise on APSense
This advertising space is available.
Post Your Ad Here
Post Your Ad Here
Comments