Cyber security news for all

More

    Microsoft fixed a total of 115 vulnerabilities

    Almost 120 vulnerabilities closed by Microsoft on March 10 – vulnerabilities that Microsoft considers critical. These affect Windows, Internet Explorer and Office.

    Microsoft Classifies The Remaining Gaps As High Risk

    Microsoft offers details of all vulnerabilities for self-searching in the confusing security update guide. The majority of the vulnerabilities are spread across the various versions of Windows for which Microsoft still offers security updates. Windows 7 is still mentioned in the security reports, but updates are only available to organizations participating in the chargeable program. Microsoft rates some of these Windows vulnerabilities as critical. This month there is again a newly discovered vulnerability that affects all versions of Windows. Your CVE number is lower than that of the gap plugged in the previous month. Microsoft should have known it for a longer time. There are also two gaps in all Windows versions. Microsoft has fixed critical vulnerabilities in the Windows Media Foundation. These only affect newer versions of Windows, like Windows 10 and Server 2019.

    The open source Application Inspector could be used to inject and execute code. To do this, the attacker would have to make his victim to release the software on code that contains a specially prepared third-party component. Microsoft apparently fixed the bug in version in January and has only just released it.

    The server message protocol in Windows 10 and Windows Server is susceptible to attacks with prepared packets. If successful, an attacker could execute the injected code. The vulnerability, previously unofficially known as CVE-2020 is said to be safe. Microsoft has not yet released an update to address the vulnerability. In the security recommendation, Microsoft advises to deactivate the SMBv3 compression and also shows how this can be done. However, this only protects against attacks on SMB servers clients. Here it can help to block the port from access. It is not yet known when Microsoft wants to close the gap.

    Recent Articles

    Hungarian banks were the target of a massive DDoS attack

    Several banks and the Hungarian Telekom have been the target of a cyber attack. The attacks are said to have come in several waves...

    The source code of Windows XP is leaked

    The source code of Windows XP is currently freely accessible. The media says that data first appeared on 4chan and is currently being exchanged...

    Hackers send malicious Azure Cloud apps to Microsoft

    Microsoft has banned some Azure Cloud applications from its cloud that the company identified as part of an attack infrastructure. Microsoft describes the approach...

    Vodafone experiences a vulnerability with fatal effects

    The injected JavaScript can access the session cookies from Vodafone website and send them to a server. An attacker can take over the session...

    Maze leaks data on its own platform

    The Maze ransomware has been up to almost a year and a half. This week, security experts warned about the actions of the cyber...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox