Microsoft patches 66 bugs and 24 of them were rated as critical. Among that 24 critical bug, a bug in the SharePoint is noted as worthy of attention. CVE-2018-1034, privilege elevation bug in the SharePoint. “An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server,” Microsoft said. They also warned users of five Graphics Remote Code Execution bugs (CVE-2018-1010, -1012, -1013, -1015, -1016) knotted to the Windows Font Library. “Each of these patches covers a vulnerability in embedded fonts that could allow code execution at the logged-on user level. Since there are many ways to view fonts – web browsing, documents, attachments – it’s a broad attack surface and attractive to attackers,” Zero Day Initiative team noted.
Subscribe to:
Post Comments (Atom)
Operating system - Part 1:
In our blog, we published several articles on OS concepts which mostly on the perspective for malware analysis/security research. In few in...
-
Today we received a linux malware sample for analysis. MD5: 26413FD652A4ABB3FCA4A936DE6A4736 remnux@remnux:~/Downloads$ file ntpd ntpd:...
-
This site is found in many malware communication. So we are writing this post to clear the mist that it is not malicious. Please refer the ...
No comments:
Post a Comment