Microsoft released security patches for a slew of products today covering 61 vulnerabilities with 17 being rated critical focusing mainly on browsers, Windows and Office and it patched the ALPC zero-day that was reported last month.
All of the critical issues can lead to remote code execution if exploited, but the ALPC patch is probably the highest profile fix of the day as it is an elevation of privilege vulnerability that would “allow an attacker who successfully exploits this vulnerability could run arbitrary code in the context of the local system which pretty much gives them the run of the system,” said Chris Goettl, Ivanti’s director of product management for security.
The ALPC issue was almost immediately exploited with exploits coming days after it came to light.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.