Microsoft fixes an important vulnerability in Windows
Microsoft has released a set of fixes for its products Windows, Internet Explorer,. NET Framework, Silverlight, Office. A total of 13 updates were released, of which 3 with the status of Critical, the rest are Important. Update MS15-043 fixes 22 vulnerabilities in IE 6-11 web browser and VBScript engine (VBScript Scripting Engine, Vbscript.dll). Vulnerabilities can be used by attackers for remote code execution using a specially crafted web page, as well as bypassing ASLR when developing more stable exploits.
Earlier we wrote about the dangerous 0day LPE vulnerability in Windows with the identifier CVE-2015-1701. The vulnerability is present in the Win32k.sys driver in Windows Server 2003 - Windows 7. To fix this vulnerability, an MS15-051 update was released. It was used in targeted cyber attacks on US government agencies in conjunction with another Flash Player RCE vulnerability to bypass sandbox browsers.
We recommend that our users install updates as soon as possible and, if you have not already done so, enable automatic delivery of updates using Windows Update (this option is enabled by default).
Earlier we wrote about the dangerous 0day LPE vulnerability in Windows with the identifier CVE-2015-1701. The vulnerability is present in the Win32k.sys driver in Windows Server 2003 - Windows 7. To fix this vulnerability, an MS15-051 update was released. It was used in targeted cyber attacks on US government agencies in conjunction with another Flash Player RCE vulnerability to bypass sandbox browsers.
We recommend that our users install updates as soon as possible and, if you have not already done so, enable automatic delivery of updates using Windows Update (this option is enabled by default).
')
Source: https://habr.com/ru/post/257929/
All Articles