Patch Tuesday Fixes 53 Holes

Wednesday, July 11, 2018 @ 12:07 PM gHale

Microsoft’s Patch Tuesday updates for July takes care of 53 vulnerabilities.

The company found 17 of the holes critical and the major product line affected would be the Edge and Internet Explorer web browsers.

RELATED STORIES
Patch Tuesday Fixes 11 Critical Holes
Patch Tuesday Clears 2 Zero Days
Microsoft Clears Host Compute Service Library Hole
Microsoft’s Solution to Secure Critical Infrastructure

Three of the flaws patched this month were publicly disclosed before Microsoft released patches. The list includes CVE-2018-8278, a spoofing vulnerability affecting Edge; and CVE-2018-8314 and CVE-2018-8313, both of which are Windows privilege escalation vulnerabilities.

Microsoft made some updates to advisories describing the Spectre and Meltdown vulnerabilities, including letting users know about a new Spectre variant.

Trend Micro’s Zero Day Initiative (ZDI) has targeted a low severity Office tampering issue that can end up leveraged by an attacker by getting a user to open a specially crafted file.

Another vulnerability affects the Microsoft Wireless Display Adapter (MWDA). The flaw allows an authenticated attacker to execute arbitrary commands, but what makes the issue interesting is the fact a firmware update is required to address it, according to ZDI.



Leave a Reply

You must be logged in to post a comment.