Select Page

Times to gear up your systems and software.

Just a few minutes ago Microsoft released its latest monthly Patch Tuesday update for September 2018, patching a total of 61 security vulnerabilities, 17 of which are rated as critical, 43 are rated Important, and one Moderate in severity.

This month’s security updates patch vulnerabilities in Microsoft Windows, Edge, Internet Explorer, MS Office, ChakraCore, .NET Framework, Microsoft.Data.OData, ASP.NET, and more.

Four of the security vulnerabilities patched by the tech giant this month have been listed as “publicly known” and more likely exploited in the wild at the time of release.

CVE-2018-8475: Windows Critical RCE Vulnerability

One of the four publicly disclosed vulnerabilities is a critical remote code execution flaw (CVE-2018-8475) in Microsoft Windows and affects all versions Windows operating system, including Windows 10.

The Windows RCE vulnerability resides in the way Windows handles specially crafted image files. To execute malicious code on a target system, all a remote attacker needs to do is just convince a victim to view an image.

Given its severity and easiness of exploitation, you can expect an exploit targeting Windows users in coming days.

images from Hacker News