back to article Microsoft's July Patch Tuesday fixes actively exploited bug

Despite worries that Patch Tuesday may not be as exciting now that Microsoft's Windows Autopatch is live — with a slew of caveats — the second Tuesday of this month arrived with 84 security fixes, including 4 critical bugs and one that's under active exploit.  Let's start with the one that miscreants have already found and …

  1. Pascal Monett Silver badge
    Holmes

    "usually a specially crafted Office or Adobe document"

    And once again the lesson is : don't open attachments from people you don't know.

    1. FILE_ID.DIZ
      FAIL

      Re: "usually a specially crafted Office or Adobe document"

      Well, the crims have thought about that.

      So, they break into someone's mailbox who you know, well because they didn't know that rule, and then email you a hot load.

      And in the words of that Faberge Organics ad... And they'll tell their friends- and so on, and so on

      All attachments should be suspect. Period.

      1. Richard 12 Silver badge

        Re: "usually a specially crafted Office or Adobe document"

        And remember, if someone has a big enough address book, the chances of the miscreant emailing a dodgy attachment to at least one recipient who is expecting an email with an attachment is also fairly high.

        So make sure the text and the filename match up.

        And when sending, the subject and body mist contain letters and or numbers describing the specific content attached.

        Never send "here's the file you wanted".

  2. Zippy´s Sausage Factory
    Windows

    So why on earth did they decide not to block all Office macros by default? I mean, it's not like they're getting a cut of the profits from antivirus firms, is it?

    And it's not that big a deal. I mean, even people who use them often (like me) don't really find it much of a hardship to turn them on when we need them.

    1. IGotOut Silver badge

      Dunno, maybe read the linked article?

  3. Filippo Silver badge

    Also, the hotspot feature now works again in Win10.

  4. Kev99 Silver badge

    You'd think after writing code for close to 40 years mictosoft would know how to write code that didn't have vulnerabilies, holes, and backdoors. But then again, we are talking about mictosoft.

  5. This post has been deleted by its author

  6. Wolfclaw
    FAIL

    Could be worse, just gone through W10 patching nightmare, KB5015807 + IE Enterprise mode site list + Application Guard = broken IE compatibility, resolution emergency removal of Application Guard via SCCM to estate. Not bad first patch after officially killing IE11 and Microsoft screw it up !!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022