Microsoft gets Four Critical Updates for Patch

Microsoft received critical security updates on Tuesday. Windows 8.1 comprises 12 important updates (including the Malicious Software Removal Tool). Microsoft pushed out 11 update bundles to fix more than two dozen bugs in Windows and associated softwares.

This security update resolves remote code execution (RCE) vulnerabilities in Internet Explorer which is the most severe vulnerability if a user views a specially crafted webpage using Internet Explorer.

 An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

The good news is that this month’s collection of security bulletins includes only four rated Critical.
First is MS15-033. It is rated critical for Microsoft Word 2007, Microsoft Office 2010, Microsoft Word 2010, Microsoft Office Web Apps Server 2010, Microsoft Word Viewer, Microsoft Office Compatibility Pack and Word Automation Services on Microsoft SharePoint Server 2010.

MS15-034 resolves vulnerability in HTTP.sys; it’s rated critical for all supported editions of Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2.

MS15-032 fixes 10 security holes in Internet Explorer, nine of which are rated critical. Generally, if IE is on your machine, then you need this patch as IE6 to IE11 are vulnerable without it.

MS15-035 closes an RCE flaw in Microsoft graphics component, specifically in the Enhanced Metafile (EMF) file format that could be exploited if an attacker convinces a user to browse a maliciously crafted site, file, “or browse to a working directory that contains a specially crafted EMF image file.”

Although the raw number of updates might sound high, it represents a big drop from last month, when some PC users saw 50 or more updates on Patch Tuesday.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...

What is Ethical Hacking, how to be an Ethical Hacker

Hacking is the process of discovering vulnerabilities in a system and using these found vulnerabilities by gaining unauthorized access into the system to perform...

Basic steps to ensure security Online!

Security concerns are growing day by day due to the growing interconnectivity and technology. Drastic things can happen if you be a little careless...