
Microsoft Patches Five Zero Days Under Attack

[Category: System (Windows) | Posted by: 店小二04 | Date: 2016 | Author: 红领巾]


Microsoft today patched a handful of zero-day vulnerabilities that have been publicly attacked in Internet Explorer, Edge, Windows and Office products. The security updates were included among 10 Patch Tuesday bulletins, half of which were rated critical by Microsoft.

Today also signaled the first time Microsoft issued security updates for older Windows versions (Windows 7 and 8, and Windows Server 2008 and 2012) as single, cumulative security and feature updates.

Last week Microsoft announced that admins will have three choices for patch distribution going forward: a single update that includes all new patches for the month available on WSUS; a monthly security update that includes new patches for the month and patches from previous monthly rollups available via Windows Update; and a monthly rollup with a preview of upcoming feature updates and patches from previous rollups to be delivered via WSUS on the third Tuesday of every month.

None of the zero-day vulnerabilities were publicly disclosed prior to today, but Microsoft said it was aware of attacks exploiting the flaws.

The Internet Explorer zero day, CVE-2016-3298, was one of 11 remote code execution flaws patched in a cumulative update, MS16-118. The flaw is an information-disclosure vulnerability and could allow an attacker to “test for the presence of files on disk,” Microsoft said, adding that a user would have to visit a malicious website via IE 9-11 to trigger the vulnerability. The update also patches a mix of memory corruption and privilege elevation flaws, all of which enable remote code execution.

The Microsoft Edge bulletin, MS16-119, also includes a patch for a zero day, CVE-2016-7189, in the browser’s scripting engine.

“A remote code execution vulnerability exists when Microsoft Edge improperly handles objects in memory,” Microsoft said in its advisory. “An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.”

The zero day is one of 13 vulnerabilities patched in Edge, most of which are memory corruption flaws in the browser.

Another zero day, CVE-2016-3393, was addressed in Microsoft Windows Graphics Component in MS16-020. Attackers could exploit this flaw over the web, or through a malicious file attached to an email or sent over a file-sharing application.

The bulletin patches eight vulnerabilities overall in Graphics Component, GDI+ and True Type Font Parsing, which is used in Windows, Office, Skype for Business, Silverlight and Microsoft Lync, exposing those applications to remote code execution.

An Office zero-day, CVE-2016-7193, was also patched in MS16-121, the lone vulnerability addressed in the bulletin. Microsoft said the flaw is a remote code execution vulnerability caused by the way Office handles RTF files. An attacker would have to convince a victim to open an infected file with an Office application.

The remaining publicly attacked zero day, CVE-2016-3298, was in the Microsoft Internet Messaging API and patched in MS16-126. The flaw is an information disclosure vulnerability affecting Vista, Windows 7 and 8. The protocol was used by email clients such as Outlook and Exchange Server to communicate and access public and private files and folders; that is no longer the case.

The remaining bulletin rated critical, MS16-122, patches a vulnerability in the Windows Video Control. The vulnerability, CVE-2016-0142, is a remote code execution bug in Windows Vista, 7, 8 and 10 and can be exploited by a user opening a crafted file or application from the Internet or email. The vulnerability can be triggered from the Preview Pane, Microsoft said.

Microsoft also patched Adobe Flash Player native to Internet Explorer and Edge in MS16-127; a new version of Flash Player was released today by Adobe that patched a dozen vulnerabilities in the software, most of which were remote code execution.

The remaining bulletins were rated important or moderate severity by Microsoft:

MS16-123: Patches five elevation of privilege vulnerabilities in Windows Kernel-Mode Drivers

MS16-124: Patches four elevation of privilege vulnerabilities in Windows Registry

MS16-125: Patches an elevation of privilege flaw in Windows Diagnostics Hub
