Security News > 2015 > July > Microsoft plugs another Windows zero-day with emergency patch (Help Net Security)
2015-07-21 09:23
Microsoft has released an emergency update that plugs a critical zero-day vulnerability (CVE-2015-2426) that affects all supported versions of Windows and could allow attackers to remotely execute cod...
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/1RKd4nWpsC0/secworld.php
Related news
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft: Windows Recall now can be removed, is more secure (source)
- Recall the Recall recall? Microsoft thinks it can make that Windows feature palatable (source)
- Microsoft overhauls security for publishing Edge extensions (source)
- Microsoft fixes Windows KB5043145 reboot loops, USB and Bluetooth issues (source)
- What Is Inside Microsoft’s Major Windows 11 Update? (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-07-20 | CVE-2015-2426 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Driver Vulnerability." | 9.3 |