Microsoft issues one of its important security updates

- Advertisement -

Microsoft revealed one of its prominent security updates, repairing 50 defects in its products and 26 extra in Flash Player, which is packaged with its Edge browser.

The scraps are divided into 14 security news, covering the one devoted to Flash Player, seven of which are considered hazardous. They discuss defects in Windows, Internet Explorer, Microsoft Edge, Microsoft Exchange, Microsoft Office and Microsoft Office web services and apps.

- Advertisement -

For desktop utilization, managers should prioritize the dilemmas for Internet Explorer, which are included in the MS16-104 bulletin, Microsoft Edge, Microsoft Office, Microsoft Graphics Component, OLE Automation for VBScript Scripting Engine and Adobe Flash Player.

This is since these defects can be utilized to manage remote code execution by cheating users to tour bargained websites or to open individually crafted records. These are two of the very basic virus vectors applied in malware attacks.

- Advertisement -

One of the Internet Explorer and Edge defects could be used for learning exposure in a venture series. Microsoft sees in its report that still this defect has not been openly revealed, it has been used. The company did not give more reports regarding attacks supporting it.

The security update for Silverlight should also be prioritized even if though it’s considered as serious, somewhat than critical. The covered defect could also direct to remote code execution if a user tours a compromised website that carries a uniquely crafted Silverlight application.

- Advertisement -

On the server front, managers should concentrate on the update for Microsoft Exchange, which covers critical defects in the Oracle Outside In Technology (OIT). This is a set of software development kits (SDKs) that can be used to obtain, normalize, remove, change and see unorganized file formats.

Researchers from Cisco’s Talos team observed and recorded defects in Oracle OIT in the beginning of this year, signaling that they change products from many merchants, including Microsoft Exchange. Oracle issued scraps for these defects in July and Microsoft has now shipped those fixes. The Oracle OIT defects can be used to do remote code execution by only giving an email with a uniquely crafted attachment to a weak Exchange server.

In a blog post, Amol Sarwate, the director of defect labs at Qualys said:

“The Office update should also be on server administrators’ radar because it applies to Microsoft SharePoint Server 2007, 2010 and 2013 and the flaws it covers could allow attackers to take complete control of such servers by using the Word and Excel automation service. Server admins should also look at the update for Microsoft Graphics Component (MS16-106), which affects Windows servers, and at MS16-110 which applies to Server 2008 and 2012 and allows attackers with domain user account to could create a specially crafted request, causing Windows to execute arbitrary code with elevated permissions.”

- Advertisement -
63045c01f4ad860aad8ad74961a9564b - Microsoft issues one of its important security updates
Adeel Younashttps://techwafer.com
Editor-in-Chief at TechWafer (previously The Tech) an Entrepreneur, Blogger, Developer, and Freelancer.

More from author

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related posts

Advertisment

Latest posts

The Unveiling OF CAMON 17 From a Tech Guru’s POV!

TECNO Pakistan launched the CAMON 17 as the "Clearest Selfie Camera Phone". Well! All thanks to its huge 16MP AI-enabled selfie camera that comes...

Bigger Celebrations, Bigger Offers! OPPO F19 and A54 dropped down to new amazing prices for you to enjoy your Eid!

As consumers prepare for the festivities of Eid Ul-Adha, the Global leading smartphone brand OPPO decides to make your Eid even more exciting by...

TECNO brings massive discounts for fans with “Bari Eid ki Bari Sale” Offer

As EID is around the corner, TECNO brings happiness with up to a 14% discount on your favorite TECNO phones at Daraz “Bari EID...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!