Microsoft's monthly batch of security updates was surprisingly light for April, but one flaw sticks out from the crowd. The software giant fixed six serious vulnerabilities, including a nasty Flash bug that affects most newer users of Windows.
The
software giant said that all users of Windows Vista and later --
including Windows 10 -- should patch as soon as possible to prevent
attackers from exploiting a flaw in how the operating system handles
graphics and fonts.
The "critical" bulletin (MS16-039)
patches a series of vulnerabilities that could allow an attacker to
remotely install programs, view data, and create new user accounts with
full rights. An attacker would have to trick a user into opening a
specially-crafted media file, which would let the attacker take control
of the entire system.
Microsoft also fixed the so-called Badlock flaw,
which it rated "important." The flaw, first revealed last month, drew
ire from the security community for publicizing the flaw weeks before it
was scheduled to be patched.
Two separate cumulative patches to Internet Explorer (MS16-037) and its newer browser, Microsoft Edge for Windows 10 (MS16-038),
will fix 12 separate vulnerabilities, which among other things would
allow a hacker to remotely run code or malware on an affected computer.
Another bulletin fixes a number of critical-rated vulnerabilities in Adobe Flash, affecting Windows 8.1 and later.
No comments:
Post a Comment