Security News > 2020 > February > Update Microsoft Windows Systems to Patch 99 New Security Flaws
A few hours after Adobe today released security updates for five of its widely-distributed software, Microsoft also issued its February 2020 Patch Tuesday edition with patches for a total of 99 new vulnerabilities.
All supported versions of Microsoft Windows also contain a critical RCE flaw that an attacker with a domain user account can exploit to execute arbitrary code on the targeted system with elevated permissions.
There's another critical vulnerability that exists in the way Microsoft Windows operating system parses LNK shortcuts, successful exploitation of which could allow a remote attacker to execute arbitrary code on the affected system and take full control of it.
"The attacker could present to the user a removable drive, or remote share, that contains a malicious.LNK file and an associated malicious binary. When the user opens this drive(or remote share) in Windows Explorer, or any other application that parses the.LNK file, the malicious binary will execute code of the attacker's choice on the target system," the advisory says.
For installing the latest security updates, you can head on to Settings Update & Security Windows Update Check for updates on your computer, or you can install the updates manually.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/lcB0YtOgiXI/microsoft-windows-updates.html
Related news
- Microsoft: Windows 11 22H2 reaches end of support in 60 days (source)
- Microsoft is killing the Windows Paint 3D app after 8 years (source)
- AMD won’t patch Sinkclose security bug on older Zen CPUs (source)
- Windows 10 KB5041580 update released with 14 fixes, security updates (source)
- Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited (source)
- Windows Server August updates fix Microsoft 365 Defender issue (source)
- Microsoft patches scary wormable hijack-my-box-via-IPv6 security bug and others (source)
- Microsoft patches scary wormable hijack-my-box-via-IPv6 security bug and others (source)
- Microsoft retires Windows updates causing 0x80070643 errors (source)
- Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now (source)