After a stressful month, Microsoft finally releases its patch on the 14th of March. Naturally, the number of fixed vulnerabilities is higher than usual as the patch combined updates from February as well. In total, 18 different bulletins are included and they all fix certain flaws that fluctuate from critical to important. Critical vulnerabilities are labeled like this because if exploited, they would allow hackers to gain remote access to a device and initiate malicious commands. As code execution has to be feared, Microsoft did not forget to solve flaws that could lead to disclosures of sensitive and personal data. Corporation addressed issues in Windows operating systems and a number of other software applications: Microsoft Edge & Explorer, Microsoft Office, Skype for Business, Microsoft Lync, Microsoft Silverlight, Microsoft Exchange, Adobe Flash Player. In all, over 130 vulnerabilities will no longer pose as a threat after you take advantage of this juicy patch Tuesday.
The patch of 14th of March addresses the biggest amount of vulnerabilities by far. 9 of them were deemed to be critical, meaning that fixing them was the priority for Microsoft. Let’s briefly review which flaws were specified as the most demanding.
Vulnerabilities that have been given an MS17-006 ID were identified to be relevant in a popular Internet Explorer browser. Before the flaw was fixed, it could have allowed hackers to gain administrative rights after users visit cleverly-designed, deceptive websites. Remote code execution is one of the most prevalent issues in the brand-new patch. Similar group of flaws, technically referred to as MS17-007, was detected in the Microsoft Edge browser. Both of the Microsoft’s browsers exposed users to malicious attacks that might have ended in remote code execution.
The set of flaws in Windows Hyper-V was labeled with a MS17-008 ID number. Instead of accessing websites that hackers construct for the sake of obtaining remote access to a device, weak spots in Microsoft Windows allowed deceitful applications to function in the same way that fake domains do. One way or another, vulnerabilities in Microsoft Windows PDF Library, Microsoft Uniscribe, Microsoft Graphics Component and Adobe Flash Player could have allowed hackers to get remote access to devices, review software, collect sensitive information and infect them with malware. Thankfully, as the change is already in the air, we do hope that every Microsoft Windows user will pay attention to this month’s Patch Tuesday.
In the report, every single bulletin is explained in more detail. If you are interested in learning more about about the patch, you can do it by reading the full article Microsoft wrote to inform about the things it managed to do. Quite frankly, the procedures, analyses and reparations that Microsoft complemented are impressive. Before the update was released, there was a debate about whether Microsoft will stick to its tradition of producing a monthly patch on Tuesdays. We are glad that the corporation silenced the critics and continued to release monthly updates.