Hello and welcome to this month’s blog on the Microsoft patch releases. This is a light month—the vendor is releasing only one bulletin covering a total of three vulnerabilities affecting Server Message Block (SMB).
Of those issues, two are “Critical” server-side, remotely exploitable code-execution vulnerabilities. These are rather serious issues that may allow remote attackers to completely compromise a vulnerable computer. Given the nature of these issues, developing viable exploits to execute code may prove difficult, but denial-of-service attacks will likely be trivial. The remaining issue, rated “Moderate”, is a remote denial-of-service vulnerability.
As always, customers are advised to follow these security best practices:
-Install vendor patches as soon as they are available. -Block external access at the network perimeter to specific sites and computers only. -Run all software with the least privileges...
