Tech & Science Mai-Patchday: Important Updates of Microsoft and Adobe

15:00  12 may  2021
15:00  12 may  2021 Source:   silicon.de

ROUNDUP: Several preview and insider updates for Windows 10

 ROUNDUP: Several preview and insider updates for Windows 10 © Provided by Dr. med. Windows Windows logo News on almost all channels: both in the Beta and Release Preview channel of the Windows Insider Program there are new updates that want to be tested. In addition, Microsoft has published a preview update for version 1909. Below the summary.

shutterstock-updates-tastatur-800 © Provided by Silicon Shutterstock Update Keyboard 800 Both companies also stuff Zero-Day holes in their products. Microsoft brings it to a total of 55 vulnerabilities in May. Among other things, Windows, Exchange Server, Office, Visual Studio and .NET are affected.

Microsoft has released the Mai security updates for Windows and other company's software products. They eliminate a total of 55 vulnerabilities , four of which are classified as critical. With the highest level of severity, Adobes PDF Applications Reader and Acrobat Zero-Day gap is also valued for which an update is also available.

But also Microsoft customers must deal with three dictionaries in May, which are already publicly known or hackers are actively exploited. They insert in .NET and Visual Studio, Exchange Server and the Common Utilities. Under certain circumstances may be able to easily insert and execute safety functions or achieve an unauthorized expansion of user rights.

Study: CIOs are pioneers of the new digital economy

 Study: CIOs are pioneers of the new digital economy when it comes to transformation and digitization, hardly a way leads to the Chief Information Officer. Customer-Experience Management, privacy and data security are among the central tasks. © t3n.de All-purpose weapon CIO: According to a current Adobe study, the CIO Publishers of the new digital economy are the CIO at the same time understood as internal change agents, the better framework conditions for the more and more important "work from anywhere "Environment and thus creating the satisfac

The Zero Day Initiative also classifies the vulnerability with the CV-2021-31166 identifier in HTTP Protocol Stack as particularly serious. "This patch fixes a mistake that could allow an unauthenticated attacker to run from the remote code with kernel rights. An attacker would only have to send a specially prepared package to an affected server. " Since Windows 10 can also be configured as a web server, the operating system is also affected.

Other Patches are available for Internet Explorer, Bluetooth Drivers, Dynamics, Office, Windows Codecs Library, Hyper-V, Skype for Business, and Windows Components OLE, RDP Client, SMB, SSDP Service, and Wireless Networking . For Windows 10, Microsoft offers the fixes as always in the context of new cumulative updates.

Adobe in turn stuffs a total of 14 holes in Reader and Acrobat , which is used by a "target-based attacks" on Windows users. Acrobat DC and Reader DC version 2021.001.20150 and earlier, Acrobat 2020 and Reader 2020 Version 2020.001.30020 and earlier as well as Acrobat 2017 and Reader 2017 Version 2017.011.30194.

For ten vulnerabilities Adobe awards the severity critical. They allow remote code execution or give storage contents price. The bugs were discovered by several independent security researchers as well as Cisco employees, Baidu Security and Haboob Labs.

Windows Patchday: Microsoft eliminates six active zero-day gaps .
© Provided by Silicon Shutterstock Update Keyboard 800 Two of them combine hackers with a zero-day gap in Chrome for targeted attacks. Overall, Microsoft stuffs 50 security holes in July. In addition to Windows and Office, SharePoint, Edge, Exchange Server and Dynamics 365. Microsoft has published the monthly security updates for Windows, Office and other products.

usr: 1
This is interesting!