Microsoft fixes 50 vulnerabilties in Windows, Office, Edge and Explorer
Click here to post a comment for Microsoft fixes 50 vulnerabilties in Windows, Office, Edge and Explorer on our message forum
FM57
Did anybody ever sum up the total of vulnerabilities found in Windows since, say, 3.1 ?
I would looove to know that ridiculous number
Fox2232
That would be very boring number. But with each of fix, MS knows since when they had such vulnerability in system.
Much more interesting would be graph over time showing number of unpatched security holes.
But I doubt MS is suicidal enough to release such graph.
sverek
M$ should take red pill and release source code.
Angantyr
Is there a reason why the protections against the execution side channel vulnerability CVE-2018-3639 are disabled by default?
Robbo9999
Good point, and I noticed this too. That's another new version of the Spectre vulnerability that was found in May this year. Intel/Microsoft think that the risk of infection from this exploit is low, and I don't know if there is a performance cost associated with it's enabling. You have to edit the registry to enable the protection, so they've made it difficult to do, most people won't enable the protection. I wrote a post on this yesterday on notebookreview forums (some more detail in there):
http://forum.notebookreview.com/threads/cpu-vulnerabilities-meltdown-and-spectre-kernel-page-table-isolation-patches-and-more.812424/page-98#post-10744872
schmidtbag
I have a really hard time believing Internet Explorer would have any vulnerabilities. I'm pretty sure this is fake news.
/s
I'm more interested in the known vulnerabilities that were never fixed.
sykozis
I know... The idea that IE would have a vulnerability is blasphemous!!!
MS will never commit suicide like that....
sverek
There is no way, Javascript can take any file from client system and send it to the server!
