Microsoft, Adobe Ship Critical Fixes

[sunnyd]

Story : https://krebsonsecurity.com/2017/06/microsoft-adobe-ship-critical-fixes/

Microsoft today released security updates to fix almost a hundred security flaws in its various Windows operating systems and related software. One bug is so serious that Microsoft is issuing patches for it on Windows XP and other operating systems the company no longer officially supports. Separately, Adobe has pushed critical updates for its Flash and Shockwave players, two programs most users would probably be better off without.

According to security firm Qualys, 27 of the 94 security holes Microsoft patches with today’s release can be exploited remotely by malware or miscreants to seize complete control over vulnerable systems with little or no interaction on the part of the user.

Microsoft this month is fixing another serious flaw (CVE-2017-8543) present in most versions of Windows that resides in the feature of the operating system which handles file and printer sharing (also known as “Server Message Block” or the SMB service).

SMB vulnerabilities can be extremely dangerous if left unpatched on a local (internal) corporate network. That’s because a single piece of malware that exploits this SMB flaw within a network could be used to replicate itself to all vulnerable systems very quickly.