Microsoft releases 18 security bulletins, 9 rated critical, many bugs disclosed/exploited

Ms. Smith – Network World

Patch Tuesday

Be prepared for restarts and big day of patching after Microsoft skipped Patch Tuesday in February. For March, Microsoft released 18 security bulletins split into nine critical and nine important security updates.

Rated critical

MS17-006 patches 12 security issues in Internet Explorer. One of three information disclosure flaws has been publicly disclosed but is not being exploited, one of the three memory corruption bugs has been publicly disclosed but is not being exploited, and one of them has not been publicly disclosed but is being exploited. Both of the browser spoofing vulnerabilities have been publicly disclosed as has the Internet Explorer elevation of privilege flaw. The patch also addresses a scripting engine information disclosure bug and two scripting engine memory corruption flaws.

MS17-007 is the fix for a whole pile of problems in Microsoft Edge – 32 of them! Of those that have been publicly disclosed, two are listed as Microsoft browser spoofing vulnerabilities, one is called Microsoft Edge spoofing vulnerability, one is a Microsoft browser memory corruption vulnerability, and one is a Microsoft browser information disclosure flaw. Microsoft has each marked as not being exploited despite being publicly disclosed.


The remaining 18 scripting engine memory corruption vulnerabilities…

Leave a comment

Your email address will not be published.

Loading ...