Microsoft patches critical Internet Explorer, Windows, Office and Edge vulnerabilities during Patch Tuesday

Microsoft released 9 security updates that patch 34 vulnerabilities in yesterday's Patch Tuesday. The vulnerabilities include critical leaks in Internet Explorer, Edge, Windows, Office and the Windows built-in PDF reader which allowed attackers to fully take-over the computer. None of the fixed vulnerabilities were already disclosed or actively attacked.

myce-microsoft-patch

ADVERTISEMENT

The vulnerabilities in Edge and Internet Explorer could be exploited when an user simply visited a malicious or hacked website. Also viewing an infected advertisement was sufficient to become a victim of an attack exploiting the vulnerabilities.

By opening or previewing a malicious document the vulnerability in Office could be exploited. Opening a malicious PDF document in the Windows PDF reader (since Windows 8) allowed an attacker to execute random code.

Microsoft also patched several serious vulnerabilities in the Windows Graphic Component. These vulnerabilities could be exploited by tricking users of Windows, Office, Skype for Business and Lync to visit a hacked or malicious website. Also tricking them into opening a malicious document could lead to a successful attack.

ADVERTISEMENT

Windows Updates are automatically received using Windows Update on most Windows computers.

No posts to display