Patch now! Microsoft and Adobe release critical security updates

Patch now! Microsoft and Adobe release critical security updates

Patch now! Microsoft and Adobe release critical security updates

Microsoft recently started working on a dark theme for the File Explorer in Windows 10, and this is an important step that the tech giant took.

"This exploit was found in the wild and was used by an APT actor", the Kaspersky Lab researchers say in a blog post. In Windows 7, Windows Server 2008 and Windows Server 2008 R2, the attacker could run arbitrary code in kernel mode to view or edit data, create new accounts or install programs.

Another Exchange patch addresses a memory corruption vulnerability (CVE-2018-8154), which an attacker could use to execute code.

The critical vulnerability in the Windows VBScript Engine, which affects Internet Explorer, as well as other Microsoft products, allows remote code execution on affected systems. This had allowed people to force Internet Explorer to load, no matter what browser someone was already using.

A malicious Rich Text Format document is received by the target and causes a page of HTML with malicious code to be downloaded once it's opened. The bug, designated as CVE-2018-8120, is being exploited in the wild.

The fix issued Tuesday updates vulnerable operating systems and versions.

More news: Tottenham Hotspur midfielder Eric Dier ruled out of Newcastle United clash

Microsoft has issued its Patch Tuesday security update for May that included patches for 67 vulnerabilities spread across its software portfolio. One (CVE-2018-0961) allows a guest operating system to send Hyper-V packets to the host to compromise it.

It's not just Microsoft who is issuing patches - Adobe has fixed five CVEs.

Meanwhile Gill Langston, director of product management at Qualys feels that system admins need to prioritise patching of user-facing assets first, with a focus on OS, browser patches, and Office to resolve scripting engine vulnerabilities.

Microsoft's Windows 10 April 2018 Update starting rolling out to the general public on April 30 but has since been halted for some users.

In the wake of Patch Tuesday is a cumulative update for Windows 10 version 1803, aka April 2018 Update, that's causing many PCs to remain in an infinite boot loop. Microsoft also cites performance and stability issues as key components of the errors, so it's possible that users with the April update can unknowingly suffer from reduced performance if they have an Intel SSD installed in their system.

Related news

[an error occurred while processing the directive]