Skip to main content

Microsoft

Microsoft
February 13, 2018

Importance: Critical

Resources affected:
- Internet Explorer
- Microsoft Edge
- Microsoft Windows
- Microsoft Office and Microsoft Office Services and Web Apps
- ChakraCore
- Adobe Flash

Description

The monthly publication of Microsoft security updates this month consists of 52 vulnerabilities, 14 classified as critical and 38 as important, the rest being medium or low severity.

Solution

Install the corresponding update. On the installation information page for security updates, the different update methods are reported.
Solution


Details

Security vulnerabilities of the following types have been published in the security update bulletin for the month of February:

- Privilege escalation
- Information divulgation.
- Remote code execution
- Evasion of security.

Comments

Popular posts from this blog

Drupal

Multiple vulnerabilities in the Drupal core   8.4.x-dev 7.x-dev  Description   The security team of Drupal has published two new versions that correct multiple vulnerabilities in versions 7 and 8. Solution Update the Drupal core to the latest version: Drupal 8.4.5 Drupal 7.57  Detail   The main vulnerabilities corrected with these updates are: Any user with permission to post comments can access comments for which they do not have authorization and modify them.  This vulnerability affects version 8 of Drupal. The JavaScript function checkPlain () used to escape possible malicious entries does not correctly handle all HTML injection methods, being able to perform cross-site scripting attacks in certain circumstances. This vulnerability affects version 7 of Drupal.

Meltdown and Spectre

Meltdown and Spectre exploit critical vulnerabilities in some of the main processor brands. These hardware vulnerabilities allow programs to steal data which is currently processed or in use on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get information stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal data: photos, emails, instant messages and even business-critical documents. Meltdown and Spectre work all kind of devices: on personal computers, mobile devices, and in the cloud.