Monthly Patches are out for Microsoft and Adobe.
Microsoft
Microsoft Monthly Patches are out, with 145 patched vulnerabilities, 10 rated Critical, 1 publicly disclosed vulnerability in Windows User Profile Service, and 1 exploited EoP vulnerability in Windows Common Log File System Driver. Highest CVSSv3 score of 9.8
More info. And here. And here.
An RCE vulnerability affects Remote Procedure Call Runtime. A remote attacker could exploit this vulnerability to achieve RCE with the same permissions as the RPC service. This vulnerability has the potential to be wormable. CVSSv3 score of 9.8
More info.
A Remote Code Execution vulnerability affects Windows Network File System. An attacker could send a specially crafted NFS protocol network message to a vulnerable Windows machine, which could allow RCE. CVSSv3 score of 9.8
More info.
Adobe has published updates for Commerce, Acrobat and Reader, After Effects, and Photoshop in their Monthly Patches. All the bulletins identify Critical vulnerabilities.
More info.
Comments