Windows really needs an application firewall.
How long before exploits for these zero days are seen in the wild.
Paris because M$ have been caught with their pants down once again.
Microsoft on Tuesday patched a wormable hole in its Windows Server software that can be exploited remotely to completely commandeer the machine without any authorization. It was one of hundreds of security bugs squashed today by Redmond along with Oracle, Adobe, VMware, SAP and Google. Microsoft emitted fixes for 123 …
Depends how easy it is to exploit in the real world. The description states that the bug will result in the processor executing "arbitary code", but the important point is whether the attacker can know or control the place where such code will be executed, and whether the attacker will be able to reasonably reliably place their malicious code in that place. IOW can an attacker ensure that the "arbitary code" is *their* code?
Otherwise the attack is unlikely to do anything worse than crashing the system.
This post has been deleted by its author
Biting the hand that feeds IT © 1998–2021