Microsoft has Released Patch Update for 53 vulnerabilities, affecting Windows, Internet Explorer (IE), Edge, ChakraCore, .NET Framework, ASP.NET, PowerShell, Visual Studio, and Microsoft Office and Office Services, and Adobe Flash Player.
Out of 53 vulnerabilities, 17 are rated critical, 34 important, one moderate and one as low in severity.
Recently there has not been found any critical vulnerability patched in Microsoft Windows operating system and unexpectedly none of the flaw patched by the tech giant is listed as publicly known or under active attack.
The critical errors patched in Microsoft products are memory corruption flaws in IE, Edge browser and Chakra scripting engine, which if successfully exploited, could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system in the context of the current user.
Here’s below you can find a brief list of all critical vulnerabilities Microsoft recently patched in its various products:
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8242)
- Edge Memory Corruption Vulnerability (CVE-2018-8262)
- Edge Memory Corruption Vulnerability (CVE-2018-8274)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8275)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8279)
- Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8280)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8283)
- Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8286)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8288)
- Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8290)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8291)
- Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8294)
- Scripting Engine Memory Corruption Vulnerability (CVE-2018-8296)
- Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8298)
- Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8301)
- Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8324)
- PowerShell Editor Services Remote Code Execution Vulnerability (CVE-2018-8327)
Important Patch Updates for Microsoft Products
Besides this, Microsoft has also addressed 34 important flaws categorized as below:
- Microsoft Edge—Remote code execution (RCE), Information disclosure, spoofing, and security feature bypass flaws
- Microsoft Internet Explorer (IE)— RCE and security feature bypass flaws
- MS Office (Powerpoint, Word, Excel, Access, Lync, Skype)—security feature bypass, RCE, and elevation of privilege flaws
- Windows 10, 8.1, 7 and Server 2008, 2012, 2016—Denial of Service, security feature bypass, elevation of privilege flaws
- Microsoft .NET Framework—Elevation of privilege and RCE flaws
- Microsoft SharePoint—Elevation of Privilege, and RCE flaws
- ChakraCore—RCE, and security feature bypass vulnerabilities
- Microsoft Visual Studio—RCE flaw
- Expression Blend 4—RCE flaw
- ASP .NET—security feature bypass flaws
- Mail, Calendar, and People in Windows 8.1 App Store—information disclosure flaw
Besides this, Microsoft has also focused on security updates to patch vulnerabilities in Adobe products.
Users are strongly suggested to apply security patches as soon as possible to keep hackers and cybercriminals away from taking control of their computers.
For installing security updates, just head on to Settings → Update & security → Windows Update → Check for updates, or you can install the updates manually.
