Tuesday, March 2019 Patch – Krebs on Security

[ad_1]

Microsoft Tuesday pushed software updates to fix more than five dozen security holes in his the Windows operating systems, Internet Explorer, Edge, Office and Sharepoint. If you're using Microsoft products, it's time, once again, to start thinking about installing your patches. Malware or criminals can remotely exploit about a quarter of the corrected vulnerabilities in today's patch package without any help from users.

An interesting fix from Microsoft this week comes in response to a zero-day vulnerability (CVE-2019-0797) reported by researchers from Kaspersky Lab, who discovered that the bug could be (and is being) exploited to install malicious software.

Microsoft has also fixed a zero-day vulnerability (CVE-2019-0808) in Windows 7 and Windows Server 2008, which was misused in conjunction with a previously unknown weakness (CVE-2019-5786) in the Google Chrome browser. Last week, a Google security alert announced that hackers were linking Windows and Chrome vulnerabilities to file malicious code on vulnerable systems.

If you're using Chrome, please take a moment to make sure that you have this update and that there is no arrow to the right of your Chrome address bar indicating the availability of the new update. If it does, close and restart the browser. it should restore all windows that you have open at reboot.

This is the third consecutive month that Microsoft has released patches to fix critical critical vulnerabilities in the Windows component that assigns Internet addresses to hosts (a.k.a "Windows DHCP client").

These are vulnerabilities of the type "receive a bad data package and become homeowners". But Allan LiskaAccording to Recorded Future, Senior Solutions Architect of the Recorded Security Company, DHCP vulnerabilities are often hard to tap and the access required to do this usually means that there are easier ways to deploy software. malicious.

Most of the remaining critical bugs that have been fixed this month are in Internet Explorer, Edge, and Office. All in all, not the most crazy patch of Tuesday. Even Adobe gave us a month (or at least a week) to fix critical Flash Player bugs: The Flash Player update released this week includes non-security updates.

Staying up to date on Windows fixes is a good thing. Updating only after backing up your important data and files is even better. A good backup means that you do not tear your hair if the abnormal patch is causing problems to boot the system.

Windows 10 like to install patches at once and restart your computer according to its own schedule. Microsoft does not make it easy to change this setting for Windows 10 users, but it is possible. For all other users of the Windows operating system, if you prefer to be notified of new updates when they are available so that you can choose when to install them, there is a setting for that in Windows Update.

As always, if you're having trouble installing any of these patches this month, feel free to leave a comment on this below; There is a good chance that other readers have experienced the same thing and can even add some useful tips.