Security updates releases on Microsoft Office: Ransomware discovered a wormable threat almost like WannaCry
www.office.com/setup - Microsoft has taken many steps to release the safety updates for widely-used Windows operating systems like Windows 2003 and XP. The organization took this move as a part of its May 14 Patch Tuesday, thanks to the invention of a worm able threat that would be a serious threat similar to the WannaCry ransomware attacks of 2017.
The WannaCry ransomware threat was quick to spread across the planet in May 2017 thanks to the vulnerability that was widespread among devices running older versions of Windows and Windows XP.
Microsoft released 16 updates that focus on a minimum of 79 security issues within the software and therefore the Windows. Now let’s have a glance at the CVE-2019-0708, CVE-2019-0863, and vulnerabilities.
The CVE-2019-0708 vulnerability is in remote desktop services into supported versions of Windows, including Windows Server 2008 R2, Windows 7, and Windows Server 2008. It is present in devices powered by Windows 2003 and Windows XP. www office com setup
To attack the device, an unauthenticated attacker fixes to the target system using Remote Desktop Protocol (RDP) and then sends specially crafted requests. This security update now corrects how Remote Desktop Services manages connection requests.
Though the susceptibility CVE-2019-0708 doesn't affect Microsoft’s latest operating systems, including, Windows 8, Windows 10, Windows 8.1, Windows Server 2016, Windows Server 2019, Windows Server 2012 R2, or Windows Server 2012.
The company hasn’t observed any evidence of attacks against this security flaw, but it's going to leave an imminent and high imminent threat.
One of the securities updates preset the zero-day vulnerability, CVE-2019-0863 within the error reporting service Window. An attacker who can successfully utilize this vulnerability can run random code in kernel mode. The attacker can then install programs; view, change, or delete data; or create new accounts with administrator privileges.
An attacker has to gain privileged execution on the victim’s system in order to exploit the vulnerability. Microsoft’s security update addresses this vulnerability by correcting the way Window Error Reporting (WER) handles files.
Office 365 and Microsoft Office, .NET Framework, SharePoint, and SQL server are some of the other Microsoft products that received covers. office.com/setup
Read More: Microsoft Enabling Remote Work For Its Employees:
The WannaCry ransomware threat was quick to spread across the planet in May 2017 thanks to the vulnerability that was widespread among devices running older versions of Windows and Windows XP.
Microsoft released 16 updates that focus on a minimum of 79 security issues within the software and therefore the Windows. Now let’s have a glance at the CVE-2019-0708, CVE-2019-0863, and vulnerabilities.
Remote desktop services vulnerability- CVE-2019-0708
The CVE-2019-0708 vulnerability is in remote desktop services into supported versions of Windows, including Windows Server 2008 R2, Windows 7, and Windows Server 2008. It is present in devices powered by Windows 2003 and Windows XP. www office com setup
To attack the device, an unauthenticated attacker fixes to the target system using Remote Desktop Protocol (RDP) and then sends specially crafted requests. This security update now corrects how Remote Desktop Services manages connection requests.
Though the susceptibility CVE-2019-0708 doesn't affect Microsoft’s latest operating systems, including, Windows 8, Windows 10, Windows 8.1, Windows Server 2016, Windows Server 2019, Windows Server 2012 R2, or Windows Server 2012.
The company hasn’t observed any evidence of attacks against this security flaw, but it's going to leave an imminent and high imminent threat.
Zero-day vulnerability CVE-2019-0863
One of the securities updates preset the zero-day vulnerability, CVE-2019-0863 within the error reporting service Window. An attacker who can successfully utilize this vulnerability can run random code in kernel mode. The attacker can then install programs; view, change, or delete data; or create new accounts with administrator privileges.
An attacker has to gain privileged execution on the victim’s system in order to exploit the vulnerability. Microsoft’s security update addresses this vulnerability by correcting the way Window Error Reporting (WER) handles files.
Office 365 and Microsoft Office, .NET Framework, SharePoint, and SQL server are some of the other Microsoft products that received covers. office.com/setup
Read More: Microsoft Enabling Remote Work For Its Employees: