Microsoft patches 66 bugs and 24 of them were rated as critical. Among that 24 critical bug, a bug in the SharePoint is noted as worthy of attention. CVE-2018-1034, privilege elevation bug in the SharePoint. “An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server,” Microsoft said. They also warned users of five Graphics Remote Code Execution bugs (CVE-2018-1010, -1012, -1013, -1015, -1016) knotted to the Windows Font Library. “Each of these patches covers a vulnerability in embedded fonts that could allow code execution at the logged-on user level. Since there are many ways to view fonts – web browsing, documents, attachments – it’s a broad attack surface and attractive to attackers,” Zero Day Initiative team noted.
Subscribe to:
Post Comments (Atom)
-
Today we received a linux malware sample for analysis. MD5: 26413FD652A4ABB3FCA4A936DE6A4736 remnux@remnux:~/Downloads$ file ntpd ntpd:... -
This site is found in many malware communication. So we are writing this post to clear the mist that it is not malicious. Please refer the ...
No comments:
Post a Comment