Sunday, April 11, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Privacy

Microsoft Patch Tuesday — January 2019 Security Updates Released

January 9, 2019
in Internet Privacy
Microsoft Patch Tuesday — January 2019 Security Updates Released
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Microsoft has issued its first Patch Tuesday for this year to address 49 CVE-listed security vulnerabilities in its Windows operating systems and other products, 7 of which are rated critical, 40 important and 2 moderate in severity.

Just one of the security vulnerabilities patched by the tech giant this month has been reported as being publicly known at the time of release, and none are being actively exploited in the wild.

You might also like

Hackers Tampered With APKPure Store to Distribute Malware Apps

[WHITEPAPER] How to Achieve CMMC Security Compliance for Your Business

Alert — There’s A New Malware Out There Snatching Users’ Passwords

All the seven critical-rated vulnerabilities lead to remote code execution and primarily impact various versions of Windows 10 and Server editions.

Two of the 7 critical flaws affect Microsoft’s Hyper-V host OS that fails to properly validate input from an authenticated user on a guest operating system, three affect the ChakraCore scripting engine that fails to properly handle objects in memory in Edge, one affects Edge directly that occurs when the browser improperly handles objects in memory, and one impacts the Windows DHCP client that fails to properly handle certain DHCP responses.

The publicly disclosed flaw but not exploited in the wild, identified as CVE-2019-0579 and rated as important, concerns a remote code execution (RCE) vulnerability in the Windows Jet Database engine that could be exploited to execute arbitrary code on a victim’s system by tricking him into opening a specially-crafted file.

Other “Important” vulnerabilities are addressed in the .NET framework, MS Exchange Server, Edge, Internet Explorer, SharePoint, the Office suite, Windows Data Sharing Service, Visual Studio, Outlook, and Windows Subsystem for Linux.

One of the MS Office flaws patched this month is an information disclosure bug (CVE-2019-0560) which exists when Microsoft Office improperly discloses the contents of its memory.

Attackers can exploit this vulnerability by tricking a user into opening a specially crafted Office document. Successful exploitation could allow an attacker to obtain information from the Office memory that can later be used to compromise a victim’s computer or data.

Microsoft credited Tal Dery and Menahem Breuer of Mimecast Research Labs for this vulnerability. To know more details about their findings, you can head on to an advisory and a blog post published by Mimecast.

Lock Screen Bypass Flaw in Skype for Android Also Patched

Another notable bug patched by Microsoft this month is a privilege vulnerability (CVE-2019-0622) vulnerability in Skype for Android that could have allowed hackers to bypass the lock screen and access personal data on an Android device—by merely answering a Skype call to that device.

The Skype flaw has been rated as ‘moderate’ and requires an attacker to have physical access to your device. A patch for this vulnerability was included in the December 23 release of Skype, but Skype for Android users need to manually update the app from Google Play.

Although Microsoft does not list this as publicly known, the researcher posted a YouTube video demonstrating the vulnerability back on December 31.

Though not part of this months patch update, users are also recommended to download the latest update to patch a memory corruption vulnerability (CVE-2018-8653) in Internet Explorer that Microsoft addressed by releasing an out of band patch in December, as the flaw continues to be exploited in the wild.

Users and system administrators are strongly recommended to apply the latest security patches as soon as possible to keep hackers and cybercriminals away from taking control of their systems.

For installing the latest security patch updates, head on to Settings → Update & Security → Windows Update → Check for updates, on your computer system or you can install the updates manually.


Credit: Source link

Previous Post

Artificial Intelligence and Art - Data Science Central

Next Post

Five tips for a safer online shopping experience

Related Posts

Hackers Tampered With APKPure Store to Distribute Malware Apps
Internet Privacy

Hackers Tampered With APKPure Store to Distribute Malware Apps

April 10, 2021
[WHITEPAPER] How to Achieve CMMC Security Compliance for Your Business
Internet Privacy

[WHITEPAPER] How to Achieve CMMC Security Compliance for Your Business

April 10, 2021
Alert — There’s A New Malware Out There Snatching Users’ Passwords
Internet Privacy

Alert — There’s A New Malware Out There Snatching Users’ Passwords

April 10, 2021
Cisco Will Not Patch Critical RCE Flaw Affecting End-of-Life Business Routers
Internet Privacy

Cisco Will Not Patch Critical RCE Flaw Affecting End-of-Life Business Routers

April 9, 2021
Gigaset Android Update Server Hacked to Install Malware on Users’ Devices
Internet Privacy

Gigaset Android Update Server Hacked to Install Malware on Users’ Devices

April 9, 2021
Next Post
Five tips for a safer online shopping experience

Five tips for a safer online shopping experience

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Job Scope For MSBI In 2021
Data Science

Job Scope For MSBI In 2021

April 11, 2021
Basic laws of physics spruce up machine learning
Machine Learning

New machine learning method accurately predicts battery state of health

April 11, 2021
Can a Machine Learning Model Predict T2D?
Machine Learning

Can a Machine Learning Model Predict T2D?

April 11, 2021
Leveraging SAP’s Enterprise Data Management tools to enable ML/AI success
Data Science

Leveraging SAP’s Enterprise Data Management tools to enable ML/AI success

April 11, 2021
Machine Learning in Finance Market is exclusively demanding in forecast 2029 | Ignite Ltd, Yodlee, Trill A.I., MindTitan, Accenture, ZestFinance – KSU
Machine Learning

Machine Learning in Finance Market is exclusively demanding in forecast 2029 | Ignite Ltd, Yodlee, Trill A.I., MindTitan, Accenture, ZestFinance – KSU

April 10, 2021
Vue.js vs AngularJS Development in 2021: Side-by-Side Comparison
Data Science

Vue.js vs AngularJS Development in 2021: Side-by-Side Comparison

April 10, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Job Scope For MSBI In 2021 April 11, 2021
  • New machine learning method accurately predicts battery state of health April 11, 2021
  • Can a Machine Learning Model Predict T2D? April 11, 2021
  • Leveraging SAP’s Enterprise Data Management tools to enable ML/AI success April 11, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates