Microsoft issues one of its important security updates

- Advertisement -

Microsoft revealed one of its prominent security updates, repairing 50 defects in its products and 26 extra in Flash Player, which is packaged with its Edge browser.

The scraps are divided into 14 security news, covering the one devoted to Flash Player, seven of which are considered hazardous. They discuss defects in Windows, Internet Explorer, Microsoft Edge, Microsoft Exchange, Microsoft Office and Microsoft Office web services and apps.

For desktop utilization, managers should prioritize the dilemmas for Internet Explorer, which are included in the MS16-104 bulletin, Microsoft Edge, Microsoft Office, Microsoft Graphics Component, OLE Automation for VBScript Scripting Engine and Adobe Flash Player.

- Advertisement -

This is since these defects can be utilized to manage remote code execution by cheating users to tour bargained websites or to open individually crafted records. These are two of the very basic virus vectors applied in malware attacks.

One of the Internet Explorer and Edge defects could be used for learning exposure in a venture series. Microsoft sees in its report that still this defect has not been openly revealed, it has been used. The company did not give more reports regarding attacks supporting it.

The security update for Silverlight should also be prioritized even if though it’s considered as serious, somewhat than critical. The covered defect could also direct to remote code execution if a user tours a compromised website that carries a uniquely crafted Silverlight application.

On the server front, managers should concentrate on the update for Microsoft Exchange, which covers critical defects in the Oracle Outside In Technology (OIT). This is a set of software development kits (SDKs) that can be used to obtain, normalize, remove, change and see unorganized file formats.

Researchers from Cisco’s Talos team observed and recorded defects in Oracle OIT in the beginning of this year, signaling that they change products from many merchants, including Microsoft Exchange. Oracle issued scraps for these defects in July and Microsoft has now shipped those fixes. The Oracle OIT defects can be used to do remote code execution by only giving an email with a uniquely crafted attachment to a weak Exchange server.

- Advertisement -

In a blog post, Amol Sarwate, the director of defect labs at Qualys said:

“The Office update should also be on server administrators’ radar because it applies to Microsoft SharePoint Server 2007, 2010 and 2013 and the flaws it covers could allow attackers to take complete control of such servers by using the Word and Excel automation service. Server admins should also look at the update for Microsoft Graphics Component (MS16-106), which affects Windows servers, and at MS16-110 which applies to Server 2008 and 2012 and allows attackers with domain user account to could create a specially crafted request, causing Windows to execute arbitrary code with elevated permissions.”

- Advertisement -
Adeel Younashttps://techwafer.com
Editor-in-Chief at TechWafer (previously The Tech) an Entrepreneur, Blogger, Developer, and Freelancer.

More from author

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related

Infinix announces HOT 11S with MediaTek G88 Chipset

Infinix, the no.1 selling smartphone brand, has announced its new gaming smartphone – HOT 11S in Pakistan. Boasting a Dual Chip MediaTek Helio G88...

realme is about to launch 5G smartphone in Pakistan

Everyone is harping about a 5G-enabled smartphone. But, in the absence of 5G connectivity in Pakistan and possibly no 5G connectivity in-sight for the...

Xiaomi announces Xiaomi 11 Lite 5G NE in exciting colours

Global tech leader Xiaomi has hit the Pakistani market with another device, the 11 Lite 5G NE is their latest drop. With a super...
Advertisment

Trending

NVIDIA CMP 170HX with 164 MH/s Hashrate Goes On Sale at $4400

NVIDIA's built a flagship mining-focused GPU named CMP 170HX - this GPU was revealed last month, and it's on sale by Dubai-based retailer Vipera....

Infinix announces HOT 11S with MediaTek G88 Chipset

Infinix, the no.1 selling smartphone brand, has announced its new gaming smartphone – HOT 11S in Pakistan. Boasting a Dual Chip MediaTek Helio G88...

Xiaomi announces Xiaomi 11 Lite 5G NE in exciting colours

Global tech leader Xiaomi has hit the Pakistani market with another device, the 11 Lite 5G NE is their latest drop. With a super...
get latest updates from us
subscribe and get important updates in the notification
Allow
Later