12.08.2018 (MS08-049) Vulnerabilities in Event System Could Allow Remote Code Execution (950974) This update resolves two privately reported vulnerabilities in Microsoft Windows Event System that could allow remote code execution.12.08.2018 (MS08-046) Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954) This update resolves a privately reported vulnerability in the Microsoft Image Color Management (ICM) system that could allow remote code execution in the context of the current user.09.07.2018 MS13-053: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2850851) This security update resolves two publicly disclosed and six privately reported vulnerabilities in Microsoft Windows.11.02.2018 MS14-011: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (2928390) This security update resolves a privately reported vulnerability in the VBScript scripting engine in Microsoft Windows.12.01.2018 (MS10-001) Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (972270) This security update resolves a privately reported vulnerability in Microsoft Windows.13.04.2018 MS10-020: Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232) This security update resolves one publicly disclosed and several privately reported vulnerabilities in Microsoft Windows.13.04.2018 MS11-020: Vulnerability in SMB Server Could Allow Remote Code Execution (2508429) This security update resolves a privately reported vulnerability in Microsoft Windows.10.04.2018 CVE-2012-0168 Microsoft Internet Explorer 6 through 9 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document that is not properly handled during a "Print table of links" print operation, aka "Print Feature Remote Code Execution Vulnerability."18.08.2018 CVE-2008-3703 The management console in the Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation for Windows (SFW) 5.0, 5.0 RP1a, and 5.1 accepts NULL NTLMSSP authentication, which allows remote attackers to execute arbitrary code via requests to the service socket that create"snapshots schedules"registry values specifying future command execution. NOTE: this issue exists because of an incomplete fix for CVE-2007-2279.15.08.2018 SYM08-015: Veritas Storage Foundation for Windows Volume Manager Scheduler Service for Windows Security Update Circumvention It is possible to circumvent the security patch that resolved a previously identified authentication bypass, remote code execution vulnerability in the Veritas Storage Foundation for Windows v5.0 Volume Manager Scheduler Service.
Нет комментариев. Почему бы Вам не оставить свой?
Вы не можете отправить комментарий анонимно, пожалуйста зарегистрируйтесь.