December Microsoft Patch addresses 19 Critical browser issues[source: securityaffairs]

Microsoft released Patch Tuesday updates for December 2017 that address more than 30 vulnerabilities, including 19 Critical browser issues.

Microsoft has released its Patch Tuesday updates for December 2017 that address more than 30 vulnerabilities, including 19 critical flaws affecting the Internet Explorer and Edge web browsers.

Microsoft addressed several memory corruption flaws that can be exploited for remote code execution. Most of the vulnerabilities reside in the browser’s scripting engine, an attack can trigger them by tricking the victim into visiting a specially crafted website or a site that serves malicious ads.

Microsoft acknowledged researchers from Google, Palo Alto Networks, McAfee and Qihoo 360 for finding the issues.

The list of vulnerabilities fixed this month includes “important” information disclosure flaw tracked as CVE-2017-11927. The vulnerability affects the Windows its:// protocol handler, where the InfoTech Storage Format (ITS) is the storage format used in CHM files.

For more, click here.

Recommended Posts

WhatsApp down for millions of users globally: App not working for group and individual chats; Twitter gets flooded with memes

25 Oct 2022 - News, News Clipping

সাইবার-নিরাপত্তা-সূচকে-এগিয়েছে-বাংলাদেশ

30 Jun 2021 - CIRT In Media, News Clipping

Lazarus supply‑chain attack in South Korea [welivesecurity]

22 Nov 2020 - CIRT In Media, News Clipping