Install your Windows updates folks!
Microsoft’s second Tuesday of the Month
- 12 patch bundles, 8 of them critical, 4 important
- Remote Code Execution vulnerabilities for: Office, Uniscribe, Silverlight, “Graphics Component”, DNS, JScript & VBScript.
- Critical update packages for their Edge and IE browsers.
Adobe updates FLASH to v18.104.22.168
- Adobe has released security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.
- How many??? 78!!!
- Now at v22.214.171.124
- And still trying to push McAfee “Security Scan Plus” on us
Post from SAN Internet Storm Center:
Special Note: MS15-127 looks particularly “nasty”. A remote code execution vulnerability in Microsoft’s DNS server. Microsoft rates the exploitability as “2”, but doesn’t provide much detail as to the nature of the vulnerability other than the fact that it can be triggered by remote DNS requests, which is bad news in particular if you are using a Microsoft DNS server exposed to the public internet. In this case, I would certainly expedite this patch. This is the vulnerability to look out for this time around.