Microsoft fixes 48 security vulnerabilities with its August 2017 Patch

Microsoft fixes 48 security vulnerabilities with its August 2017 Patch

Microsoft has introduced fixes for as many as 48 security issues with its August 2017 Patch, including flaws in the Linux subsystem and SQL Server.

Microsoft has also patched security vulnerabilities in Microsoft Edge that allowed malicious hackers to conduct remote code executions.

All of the security vulnerabilities that Microsoft is fixing this month carry ‘critical’ or ‘important’ tags and range across multiple Microsoft products including the Edge browser, the SQL server, Adobe Flash Player, Internet Explorer and Microsoft Windows.

Apple patches 47 vulnerabilities in iOS, MacOS and WatchOS devices

According to Bobby McKeown, Senior Manager of Engineering at Rapid7, this was also the first time that Microsoft patched security vulnerabilities on the Linux subsystem under Windows. The Redmond-based software giant also issued patches for several security vulnerabilities that were disclosed to the public earlier.

Previously-known vulnerabilities included CVE-2017-8633 (Privilege Escalation with Windows Error Reporting) as well as CVE-2017-8620 (Windows Search Remote Code Execution Vulnerability), and CVE-2017-8627 (Windows Subsystem for Linux Denial of Service Vulnerability).

However, McKeown noted that Microsoft didn’t introduce any patch for the SMBLoris vulnerability which is also known to the public. SMBLoris is a vulnerability in the Server Message Block (SMB) that was discovered by security researchers Sean Dillon and Jenna Magius in June.

‘ExplodingCan’ malware may affect 375,000 computers running Microsoft Windows 2003

According to Bleeping Computer, SMBLoris ‘allows an attacker to open tens of thousands of connections to the same machine, exhausting its RAM and potentially crashing the target’s computer’. Microsoft declined to issue any patch for SMBLoris vulnerability, stating that it isn’t a security bug but will bring in a fix for it in the future.

Earlier today, Adobe also released patches for as many as 80 security vulnerabilities in its products, including Flash Player, Digital Editions, Reader, Adobe Acrobat, and Experience Manager products.

‘These updates address a critical type confusion vulnerability that could lead to code execution and an important security bypass vulnerability that could lead to information disclosure,’ said Adobe in a statement.

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]