Patch Tuesday June edition

Patch Tuesday Information

Lately, Microsoft have been release a new Patch Tuesday with a total of 51 of vulnerabilities for the CVE-listing. In the latest Patch Tuesday, it has included 11 fixes on High vulnerabilities in Windows Operating SystemThe June edition of Patch Tuesday includes 11 fixes for critical vulnerabilities that been found in Windows, including Microsoft’s solution for the recently-disclosed Spectre Variant 4 chip design flaw.

The critical vulnerabilities that everyone need to be aware of in this latest Patch Tuesday is  CVE-2018-8225 (Windows DNSAPI Remote Code Execution Vulnerability). This vulnerabilities that mentioned here is a vulnerabilities that related to remote code execution vulnerability which it exists in Windows Domain Name System (DNS) DNSAPI.dll. The Impact of this vulnerabilities is that the attacker could run malicious code such as arbitrary code in the Local System Account if they successfully exploit this weakness

ANother Vulnerabilities

The another critical patches that been included is such as following:

  1.  CVE-2018-8267, is a vulnerabilities that related to remote code execution from a memory corruption flaw in the Windows scripting engine that have been allowed to compromised
  2. (CVE-2018-8110, CVE-2018-8111, andCVE-2018-8236) is a vulnerabilities where it is about remote code execution holes in Edge,
  3. (CVE-2018-8249 and CVE-2018-0978)   is a vulnerabilities that related to two remote code execution bugs in IE
  4. (CVE-2018-8229 and CVE-2018-8227) is a vulnerabilities that been related to Edge’s Chakara Scripting engine which  have been spotted for hosting on two of its own remote code execution vulnerbailities

Source: SCmagazine Spectre variant 4 fix included in Microsoft Patch Tuesday rollout

Author: Wan Ariff

He brings with him working experience in Information Security filed which specializing in Penetration Testing and Digital Forensic. His passion is more to IT Security

Leave a Reply

Your email address will not be published. Required fields are marked *