1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Patch Tuesday: Microsoft released 12 patches, 8 rated critical, 1 for a zero-day

Discussion in 'Network World' started by RSS, Dec 8, 2015.

  1. RSS

    RSS New Member Member

    Way to go! Congratulations on suffering through another year of deploying security patches. Microsoft released 12 security bulletins for the last Patch Tuesday of 2015, eight of which are rated as critical for remote code execution vulnerabilities. Hopefully none will result in exceedingly uncool changes like Microsoft snuck into Windows 10 last month to reset privacy settings and default programs.

    Although Microsoft regards MS15-135 only as “important,” it would be wise to jump on this one as it is the fix for a zero-day vulnerability in the Windows kernel that attackers are exploiting to escalate privilege, according to Qualys CTO Wolfgang Kandek. You wouldn’t know it by its Microsoft-rated “important” status, as Redmond’s security team mentioned that it resolves flaws in Windows kernel-mode drivers. Nils Sommer of bytegeist, working with Google Project Zero, is credited with reporting three CVE’s associated with this patch.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page