09 Jan 2019

Microsoft’s monthly security updates known as Patch Tuesday has been released and this month saw 50 vulnerabilities across nine products, including the Windows OS, Internet Explorer, Microsoft Edge, ChakraCore, the .NET Framework, ASP.NET, Microsoft Visual Studio, Microsoft Exchange Server, and Microsoft Office and Microsoft Office Services and Web Apps

This month’s Patch Tuesday did not have any security updates for actively-exploited vulnerabilities. But still there are some bugs which the users must be aware of because they might give access to attackers to get control over your system by exploiting them by running malware on your PC or if you visit a malicious website.

Out of the vulnerabilities 17 are considered as “remote code execution” issues, which are bugs that let the attackers a direct path to execute code inside different Microsoft products or Windows components without having to get control of a system beforehand.

There are 7 vulnerabilities marked as “Critical,” which is the highest severity level assigned to security bugs. Out of these 3 affect the ChakraCore scripting engine included in Edge, 2 affects Microsoft’s Hyper-V server virtualization environment, 1 affects Edge directly, and the remaining one affects the ubiquitous Windows DHCP client.

It is important that this month’s patch update should not be missed by any Windows user as the Windows DHCP client is enabled on all Windows operating systems, and it is possible to remotely exploit this vulnerability.

More information regarding the vulnerabilities are available on Microsoft’s official Security Update Guide portal, that has an interactive filtering options so it is easier for the users to select the updates and patches necessary for the products they need to know of.

Leave your thought