Security News > 2015 > July > Microsoft plugs another Windows zero-day with emergency patch (Help Net Security)
2015-07-21 09:23
Microsoft has released an emergency update that plugs a critical zero-day vulnerability (CVE-2015-2426) that affects all supported versions of Windows and could allow attackers to remotely execute cod...
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/1RKd4nWpsC0/secworld.php
Related news
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Microsoft announces new and improved Windows 11 security features (source)
- Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity (source)
- Security? We've heard of it: How Microsoft plans to better defend Windows (source)
- Microsoft says premature patch could make Windows Recall forget how to work (source)
- New Windows zero-day exposes NTLM credentials, gets unofficial patch (source)
- Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-07-20 | CVE-2015-2426 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Driver Vulnerability." | 0.0 |