Microsoft Patches Over 50 Security Vulnerabilities Today – Windows 10 Builds 16299.64 and 15063.728 Start Rolling Out
It's Patch Tuesday which means it's time to update your Windows devices. Microsoft has started to roll out Windows 10 cumulative updates carrying security fixes to numerous issues. The fixes are available to both the PC and Mobile devices. This is the second wave of updates coming to Windows devices this month, as the company already released updates to Windows 10 earlier this month.
Today's update brings fixes to over 53 security vulnerabilities, covering Internet Explorer, Microsoft Edge, Windows, Microsoft Office, ASP.NET Core, and Chakra Core. 20 of these are rated critical, with 30 rated as important. "There’s definitely a malware vibe to this month’s release, as many of the updates directly relate to techniques used to spread the unwanted software," Zero Day Initiative said in an email to Wccftech.
It should be noted that at least three of these vulnerabilities that Microsoft has fixed have been publicly disclosed, which means it will become easier for attackers to use them. Tracked as CVE-2017-11827, CVE-2017-8700, and CVE-2017-11848, the issues can lead to code execution and information disclosure. One of the issue fixed with today's updates include CVE-2017-11877 that fixes an Excel security feature bypass vulnerability that fails to enforce Macro settings, which are often used by attackers.
"Macros have been used by malware authors for years - the most famous (Melissa) dating all the way back to 1999," Dustin Childs, communications manager for the ZDI wrote in an email to Wccftech. "Word and Excel check for the existence of macros, but CVE-2017-11877 details how this check is bypassed in Excel."
It could allow a malware writer to embed a malicious macro in an Excel spreadsheet. The macro would execute once the spreadsheet was opened by the target victim.
It is critically important to install these security updates as soon as they are made available since criminals wait for these disclosures to power the next wave of malware as a huge number of machines never gets patched.
What does today's update brings to Windows 10 Fall Creators Update
Here is the complete list of performance and feature issues that have been addressed with today's cumulative build 16299.64 (KB4048955):
You can head over to this listing for problems fixed in Windows 10 Creators Update (KB4048954). For information on security bugs that Microsoft has patched today, go to this portal. Please note that Microsoft has also included security patches released by Adobe to over 80 issues.