Security News > 2023 > August > Microsoft, Intel lead this month's security fix emissions

The advisory for that flaw, ADV230003, is related to last month's CVE-2023-36884 in Microsoft Office, and as the IT giant notes, it's a "Defense in depth update." Installing the update "Stops the attack chain leading to the Windows Search security feature bypass vulnerability," we're told.

Finally the XMP-Toolkit-SDK update plugs an important security hole that could lead to application denial of service.

Exploitation could allow an unauthenticated attacker to run arbitrary queries against the back-end database via a proxy, Thomas Fritsch, an SAP security researcher at Onapsis, told The Register.

AMD today released nine security updates to fix 13 flaws.

Finally, Google pushed its Android August security updates yesterday to fix bugs affecting those devices.

"The most severe of these issues is a critical security vulnerability in the System component that could lead to remote code execution with no additional execution privileges needed," Google warned, adding that this vulnerability doesn't need any user interaction for exploitation.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/08/08/microsoft_intel_august_patch_tuesday/