Jump to content

Microsoft Patches Remote Code Execution Bugs in IE, Font Drivers, Windows Journal


Recommended Posts

Patch Tuesday is still with us until Windows 10. Here is today's batch and what they are.




"Patch Tuesday as we know it may be on its last legs, but it’s certainly not going quietly. A little more than a week after Microsoft announced how it would revamp patch distribution and security updates starting with Windows 10, the company today released its scheduled round of bulletins—13 in all, including three critical updates for vulnerabilities in Internet Explorer, Microsoft Font Drivers, and Windows Journal, all of which lead to remote code execution.


Today’s update runs the usual spectrum of products affected by the respective bulletins. The almost-habitual Internet Explorer cumulative update, MS15-043, is likely the highest priority; it patches 22 vulnerabilities that enable not only remote code execution, but also security feature bypasses, information disclosure and elevation of privileges. For Windows clients, most of the IE bugs are rated important by Microsoft; those rated critical include 14 memory corruption vulnerabilities in IE6-11. The bulletin also takes care of a number of ASLR bypass vulnerabilities in IE or VBScript and an IE Clipboard information disclosure issue."


See more details here: https://threatpost.com/microsoft-patches-remote-code-execution-bugs-in-ie-font-drivers-windows-journal/112762#sthash.M1K3iE9A.dpuf



Link to comment
Share on other sites

This month's Patch Tuesday list includes three Critical security updates:

Microsoft's Patch Tuesday menu for May consists of another long list of security updates for Windows, Office, and more. Only three of the Windows updates are rated Critical, however.


"Last week's headlines from the Microsoft Ignite conference breathlessly (and incorrectly) proclaimed that Patch Tuesday was dead.
As if to say, "I'm not dead yet," Microsoft's update servers delivered a heaping helping of Patch Tuesday fixes today, for Windows, Office, the .NET Framework, and Silverlight. On a Windows 8.1 System, I counted 19 updates for Windows, and a separate Windows 7 test system included 14 updates for Windows, another 11 for Office 2010, and an updated version of Silverlight.

For a detailed breakdown of which are which the full article is here: http://www.zdnet.com/article/may-2015-patch-tuesday/?tag=nl.e539&s_cid=e539&ttag=e539&ftag=TRE17cfd61

Link to comment
Share on other sites

Lots of zero-day exploits being patched on all operating systems. I wonder if the relatively-recent "rewards" system is responsible for this. Not too long ago developers tried to hide exploits and resented anyone finding them (and even telling them!). After the exploits were subsequently released - and used - in the wild the developers started to realize that the PR fallout from not bothering to patch against exploits that they had been told about - sometimes many times - was worse than doing the patches and just admitting that there were issues and here is a fix.



Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

This topic is now closed to further replies.
RVers Online University


Our program provides accurate individual wheel weights for your RV, toad, and tow vehicle, and will help you trim the pounds if you need to.

Dish For My RV.

RV Cable Grip

RV Cable Grip

All the water you need...No matter where you go

Country Thunder Iowa

Nomad Internet

Rv Share

RV Air.

Find out more or sign up for Escapees RV'ers Bootcamp.

Advertise your product or service here.

The Rvers- Now Streaming

RVTravel.com Logo

  • Create New...