On Patch Tuesday this month, Microsoft has fixed a number of significant security flaws in its products and services to keep the user systems protected.
One of the critical security updates fixed this Patch Tuesday is CVE-2019-0676 that was affecting Internet Explorer. It was an information disclosure vulnerability that exists when IE improperly handles objects in memory.
“An attacker who successfully exploited this vulnerability could test for the presence of files on disk. For an attack to be successful, an attacker must persuade a user to open a malicious website,” explained Microsoft.
“The security update addresses the vulnerability by changing the way Internet Explorer handles objects in memory.”
Another important security fixes included CVE-2019-0630 and CVE-2019-0633 (Windows SMB Remote Code Execution Vulnerability). This vulnerability exists in the way Microsoft Server Block 2.0 (SMBv2) server handles certain requests.
Microsoft had also fixed Windows DHCP Server Remote Code Execution Vulnerability that could allow attackers to send specially crafted packets to a DHCP server and then run arbitrary code on the server.
Apart from these, the tech giant has released more security updates to prevent users from attacks. Last month, the company had also made some quality improvements and fixes, including addressing the issue that could cause Microsoft Edge to stop working with certain display drivers.
Also read: Azure IoT Edge now supports virtual machines