Microsoft Windows Patch Tuesday Update Fixes 54 Bugs, Dangerous .Net Vulnerabilities

Microsoft
Windows is more secure today than it was at the beginning of the week. That is how it typically goes after the second Tuesday of each month, otherwise known as Patch Tuesday, when Microsoft doles out a collection of security updates and fixes. This particular Patch Tuesday saw Microsoft dish out 54 bug fixes, including 17 deemed Critical.

As far as Patch Tuesday collections go, this one is about average, both in the overall number of fixes and those that are Critical. Of those that fell into the latter category, 15 of them addressed issues with Edge and Internet Explorer, along with technologies associated with both browsers. Critical patches address flaws that can be remotely exploited by a malicious actor.

Microsoft also served up an Important fix for another speculative execution vulnerability that was discovered last month. It's a side-channel attack vulnerability similar to Spectre and Meltdown.

The company's .NET Framework received some patches as well. One of they is a Security Feature Bypass vulnerability that exists when the number of incorrect login attempts is not validated. Left unpatched, an attacker who exploits the flaw could try and infinite number of authentication attempts. The update included in the Patch Tuesday collection addresses the vulnerability by validating the number of incorrect login attempts.

There are several Adobe Flash Player fixes too. In addition, it should come as no big surprise that Adobe issued an update to its Flash Player browser plugin, to address both Critical and Important vulnerabilities affecting Windows, macOS, and Linux. In addition, there are patches for several other Adobe products, including Acrobat, Reader, Connect, and Experience Manager.

As is typical of Patch Tuesday collections, a reboot will be required, so plan accordingly if you haven't already updated your system.


Via:  Qualys
Show comments blog comments powered by Disqus