Hello and welcome to this month’s blog on the Microsoft patch releases. This is a busy month—the vendor is releasing 13 bulletins covering a total of 26 vulnerabilities.
Eight of the issues are rated “Critical” and affect SMB Server, SMB Client, Windows, and Data Analyzer ActiveX control. An attacker could exploit the SMB Server issues remotely to gain complete control of an affected computer. However, to exploit the SMB Client issues to compromise a computer, the attacker must first entice a victim to connect to a malicious server.
The remaining issues, rated “Important” and “Moderate,” affect SMB Server, Windows, Windows Kernel, Office, PowerPoint, and Paint. Although the kernel issues are rated only “Important” by Microsoft, we consider them to be a high security risk because exploit code already exists for one of the issues.
As always, customers are advised to follow these security best practices:
- Install vendor patches as soon as they are...