ASUS Crosshair X670E HERO review
Patriot Viper Venom DDR5 6200 CL40 review
AMD Ryzen 9 7900X processor review
AMD Ryzen 5 7600X processor review
AMD Ryzen 7 7700X review
AMD Ryzen 9 7950X review
DDR5 Ryzen 7 7700 DDR5 memory scaling review
Seasonic Arch Q503 chassis + Connect PSU review
GeForce RTX 4080/4090 announcements (preview)
Corsair HS55 Wireless Core Headset review
Microsoft patches actively exploited zero-day in IE as wel as 73 security issues
If you received a Windows update yesterday, it was related to this news-item. Microsoft patched an actively attacked vulnerability in Internet Explorer and 73 other vulnerabilities during yesterday’s Patch Tuesday of February.
The zero-day vulnerability in Internet Explorer was discovered by Google and allowed attackers to test for the presence of specific files on disk reports myce:
To become a victim of the attack, a user only had to visit a malicious website. While Microsoft reports the issue is actively attacked, it’s unknown where the attack took place, how it was discovered and what kind of files attackers were looking for. These kinds of “information disclosure” vulnerabilities have been abused in the past to collect all kinds of data on attacked systems. It e.g. allows attacker to check for specific security software or to check whether the system is part of a virtual machine or automated system used by security researchers.
Microsoft also patched four vulnerabilities this month of which details were already disclosed before the company released patches for them. According to Microsoft, none of the vulnerabilities have been targeted in an attack.
From those four, the first is an information disclosure attack in Windows which allows an attacker to read the contents of files on a computer. The second vulnerability was in Exchange Server and allowed an attacker to gain the same privileges as other users. This way the attacker could access the mailbox of other users and read their emails.
The other two vulnerabilities were in Microsoft’s Team Foundation server and allowed an attacker to read content for which he was not authorized, to execute malicious code and to perform all kinds of actions in name of other users, such as changing and deleting content.
Microsoft further patched vulnerabilities in Internet Explorer, Edge, Windows, Office ChakraCore .NET Framework, Exchange Server, Visual Studio, Azure IoT SDK, Microsoft Dynamics, Team Foundation Server and Visual Studio Code. On most computers the patches are automatically downloaded and installed.
Microsoft fixes connection problems with Windows Update - 02/07/2019 09:47 AM
Microsoft has been having DNS issues, with the result that Windows users did not get their updates. Microsoft has confirmed that the problems are solved and updates can be installed again. ...
Microsoft confirms problem with Windows 10 update halting systems from starting - 02/04/2019 10:10 AM
Microsoft has confirmed an issue with the latest update for Windows Defender for both Windows 10 and Windows Server 2016. The update was released earlier this week and due to the issue, some Windows 1...
Promo: Microsoft Windows 10 Pro and Office 2016 Pro for 34 USD - 02/01/2019 10:14 AM
URCDKey is a license site available for various platforms, whether for software or games. URCDKeys brings as a novelty the offer at a competitive price known Microsoft widow 10 Pro OEM or Microsoft O...
Microsoft will add ‘login with SMS code’ options on all Windows 10 versions - 01/07/2019 10:14 AM
Microsoft announced all Windows 10 versions will get the option to set up and sign in to the operating systems through SMS / text messages. By using this option, you can login without using a password...
Microsoft to launch 4K webcams in 2019 - 12/24/2018 10:54 AM
Hmm think Windows Hello here? A biometric authentication system can use your face, iris, and fingerprint, among other things, to log in on your Windows 10. Now it seems that Microsoft has a number o...
FM57
Senior Member
Posts: 220
Joined: 2016-12-28
Senior Member
Posts: 220
Joined: 2016-12-28
#5639496 Posted on: 02/14/2019 10:43 AM
HH:
"Aoccdrnig to rscheearch at Cmabrigde Uinervtisy, it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny iprmoetnt tihng is taht the frist and lsat ltteer be at the rghit pclae. The rset can be a toatl mses and you can sitll raed it wouthit a porbelm. Tihs is bcuseae the huamn mnid deos not raed ervey lteter by istlef, but the wrod as a wlohe."
I know, I know, that happens when you rush to publish the news on the best site of the industry
HH:
"Aoccdrnig to rscheearch at Cmabrigde Uinervtisy, it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny iprmoetnt tihng is taht the frist and lsat ltteer be at the rghit pclae. The rset can be a toatl mses and you can sitll raed it wouthit a porbelm. Tihs is bcuseae the huamn mnid deos not raed ervey lteter by istlef, but the wrod as a wlohe."
I know, I know, that happens when you rush to publish the news on the best site of the industry
mbk1969
Senior Member
Posts: 12810
Joined: 2013-01-17
Senior Member
Posts: 12810
Joined: 2013-01-17
#5639523 Posted on: 02/14/2019 12:26 PM
You want the team of IE to resolve issues in DX?
M$: If you have game problem I feel bad for you son, I got 73 security issues but DX ain't one.
You want the team of IE to resolve issues in DX?
schmidtbag
Senior Member
Posts: 6841
Joined: 2012-11-10
Senior Member
Posts: 6841
Joined: 2012-11-10
#5639691 Posted on: 02/14/2019 06:16 PM
This is one of the few cases where I'll give MS a pass for sloppy testing. Nobody should be using IE in the first place if security exploits are a concern to them.
This is one of the few cases where I'll give MS a pass for sloppy testing. Nobody should be using IE in the first place if security exploits are a concern to them.
fantaskarsef
Senior Member
Posts: 13536
Joined: 2014-07-21
Senior Member
Posts: 13536
Joined: 2014-07-21
#5639744 Posted on: 02/14/2019 08:11 PM
Liked for style points.
Liked for the second thought scare.
M$: If you have game problem I feel bad for you son, I got 73 security issues but DX ain't one.
Liked for style points.
You want the team of IE to resolve issues in DX?
Liked for the second thought scare.
Click here to post a comment for this news story on the message forum.
Posts: 6073
Joined: 2011-01-02
M$: If you have game problem I feel bad for you son, I got 73 security issues but DX ain't one.