Patch/Configuration Management, Vulnerability Management

Microsoft, Oracle release security updates

Microsoft and Oracle issued security updates with Redmond, Wash., company patching a single issue in Windows Defender Application Control while Oracle’s update covered over 100 products and dozens of vulnerabilities.

The issue with Windows Defender, CVE-2019-1167, if exploited would allow an attacker to circumvent PowerShell Core Constrained Language Mode on the machine. However, Microsoft noted to be successful an attacker an attacker would need administrator access to the local machine where PowerShell is running in Constrained Language mode. The update corrects the problem.

Oracle’s July critical patch update advisory covered 121 different products with each being associated with multiple CVEs. Oracle previously released security alerts in May and June.  

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.