Microsoft patches 66 bugs and 24 of them were rated as critical. Among that 24 critical bug, a bug in the SharePoint is noted as worthy of attention. CVE-2018-1034, privilege elevation bug in the SharePoint. “An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server,” Microsoft said. They also warned users of five Graphics Remote Code Execution bugs (CVE-2018-1010, -1012, -1013, -1015, -1016) knotted to the Windows Font Library. “Each of these patches covers a vulnerability in embedded fonts that could allow code execution at the logged-on user level. Since there are many ways to view fonts – web browsing, documents, attachments – it’s a broad attack surface and attractive to attackers,” Zero Day Initiative team noted.
Subscribe to:
Post Comments (Atom)
How Malware Uses GetThreadContext() to Detect Debuggers – And How to Bypass It?
Introduction In the world of malware reverse engineering , understanding how malware detects debuggers is crucial. One of the most common ...
-
Introduction In the world of malware reverse engineering , understanding how malware detects debuggers is crucial. One of the most common ... -
Discover the Best Papers on Reverse Engineering Reverse engineering has always been a fascinating and vital aspect of cybersecurity. Wheth...
No comments:
Post a Comment