Information Security News mailing list archives
Microsoft May 2019 Patch Tuesday arrives with fix for Windows zero-day, MDS attacks
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 15 May 2019 06:53:15 +0000 (UTC)
https://www.zdnet.com/article/microsoft-may-2019-patch-tuesday-arrives-with-fix-for-windows-zero-day-mds-attacks/ By Catalin Cimpanu Zero Day ZDNet.com May 14, 2019Today, Microsoft released its monthly batch of security updates known as Patch Tuesday, and this month's security release includes fixes for 79 vulnerabilities in a wide range of Microsoft products.
The two headliners of this month's patches are CVE-2019-0863, a zero-day vulnerability exploited in the wild, and ADV190013, a security advisory for dealing with the latest wave of Intel CPU flaws that came to light only a few hours before.
THE ZERO-DAYThe zero-day is an elevation of privilege vulnerability that exists in the way the Windows Error Reporting (WER) service interacts with files.
Tracked as CVE-2019-0863 and discovered by security researchers from PolarBear and Palo Alto Networks, this vulnerability has been used in the wild by hackers to elevate access on compromised systems from a regular account to one with admin access.
[...] -- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- Microsoft May 2019 Patch Tuesday arrives with fix for Windows zero-day, MDS attacks InfoSec News (May 15)