The June Windows patch and update has 39 important and 11 critical vulnerabilities addressed.
Of the 50 patch or updates the ones worrisome to researchers include CVE-2018-8225 and CVE-2018-8231.
CVE is a database of vulnerabilities. For 2018 there are over 12000 listed so far.
CVE-2018-8225 is a vulnerability in DNS (Domain Name System) that allows a reply to a DNS query to run malicious code in the context of the local system account. Very bad.
CVE-2018-8231 is a vulnerability in the HTTP protocol stack with a similar affect.
Some members avoid patching. This month's patch set may not be one to avoid or postpone.
No comments:
Post a Comment