Microsoft released 1 2 on a major security bug fix patch-bug warning-the black bar safety net

ID MYHACK58:62201569891
Type myhack58
Reporter 佚名
Modified 2015-12-10T00:00:00


On Tuesday Microsoft announced that as part of its monthly security Bulletin part of all Windows users should update theiroperating system, the prevention from at least two major vulnerabilities. MS15-1 2 8 patched a series of memory crash vulnerability, the latter so that the hacker can install the program, preview, and delete data, and the use of user permissions to create a new account. This vulnerability initially affected Windows vista and later, it also spread to the Skype for Business 2 0 1 6, Microsoft Lync 2 0 1 0 and Lync 2 0 1 3, as well as Office 2 0 0 7 and Office 2 0 1 0 in.

Another major vulnerability MS15-1 2 4 affects all IE browsers support version, it makes the hack can be obtained and the current user is the same user privileges, affected by this vulnerability the greatest impact as an administrator using the computer of the user.

This time the Bulletin published some of the vulnerabilities also affect Microsoft Edge, the latter is Windows 1 0 use the latest browser.

The announcement represents the hack will be“the use of attack site”, and“these sites contain some of the for the above vulnerabilities and tampering of the content.” Hackers can get the user through the mail to open a specific web page.

The following is the other major vulnerability:

MS15-1 2 6 is Jscript and VBScript vulnerabilities in it so that the hackers can get the current user the same permissions. This vulnerability affects Windows vista and Windows Server 2 0 0 8 as well as Server Core installations.

MS15-1 2 7 fix for Windows DNS is a problem, which leads to the hackers by modifying Windows DNS server processing request, so as the Local System account to run the code. Only running Windows Server 2 0 0 8 and later versions of the machine will be affected.

[1] [2] next