Microsoft Patch Tuesday, June 2019 – Krebs on Security

[ad_1]

Microsoft Tuesday released updates to fix 88 security vulnerabilities in his the Windows operating systems and associated software. The most dangerous of them includes four loopholes for which there is already operating code. There is also a scary bug that affects all versions of Microsoft Office this can be triggered by a malicious link or attachment. And of course Adobe has its usual monthly security update for Flash Player.

Microsoft claims to have so far seen no exploitation against any of the four publicly disclosed flaws before their update this week – nor against any of the 88 bugs voided in this month's release. The four are elevation of privilege breaches: CVE-2019-1064 and CVE-2019-1069 affect Windows 10 and then; CVE-2019-1053 and CVE-2019-0973 affect all currently supported versions of Windows.

Most critical vulnerabilities – those that can be exploited by malware or malware to infect systems without any action on the part of the user – are present in Microsoft's browsers. Internet Explorer and Edge.

according to Allan Liska, senior solutions architect at Future saved, the major vulnerabilities in this month's fix pack are in Microsoft Word (CVE-2019-1034 and CVE-2019-1035).

"This is another memory corruption vulnerability that forces an attacker to send a specially crafted Microsoft Word document to open a victim." Otherwise, an attacker could convince the victim to click on a link to a website hosting a malicious Microsoft Word document, "Liska wrote. . "This vulnerability affects all versions of Microsoft Word on Windows and Mac, as well as on Office 365. Since Microsoft Word documents are a favorite operating tool for cybercriminals, this vulnerability could be exploited extensively if it were inverted. . "

Microsoft has also requested an update to address a critical security vulnerability in the Adobe Flash Player software, which is in use but remains a target for malware vendors. Google Chrome Automatically updates Flash, but now requires users to explicitly enable Flash each time they want to use it. In the summer of 2019, Google Chrome users will change their settings to turn it on whenever they wish.

Firefox also forces users with the Flash add-on installed to click to play Flash content; the instructions to disable or remove Flash from Firefox are here. Adobe will stop supporting Flash by the end of 2020.

Note that Windows 10 like to install patches at once and restart your computer according to its own schedule. Microsoft does not make it easy to change this setting for Windows 10 users, but it is possible. For all other users of the Windows operating system, if you prefer to be notified of new updates when they are available so that you can choose when to install them, there is a setting for that in Windows Update. To get there, click the Windows key on your keyboard and type "Windows Update" in the box that appears.

Staying up to date on Windows fixes is a good thing. Updating only after backing up your important data and files is even better. A good backup means that you do not tear your hair if the abnormal patch is causing problems to boot the system. So do yourself a favor and save your files before installing any fixes.

As always, if you are having trouble installing one of the fixes this month, feel free to leave a comment about it below; There is a good chance that other readers have experienced the same thing and can even add some useful tips.