This month’s Patch Tuesday entry patched a number of significant vulnerabilities, including CVE-2018-8225, a remote code execution vulnerability that occurs when the Windows Domain Name System (DNS) component DNSAPI.dll fails to handle DNS responses properly.

An attacker exploiting this vulnerability can use a variety of methods such as man-in-the-middle attacks or DNS server manipulation to execute code at the local level.

The June Patch Tuesday addresses another critical remote code execution vulnerability, CVE-2018-8231, which affects the HTTP Protocol stack component Http.sys used to process HTTP requests at high speed. Microsoft notes that exploitation of this vulnerability involves an unauthenticated attacker sending a specially crafted packet to a targeted Http.sys server.

If successful, the attacker then gains control of the targeted system…

Lese weiter auf: June Patch Tuesday: Microsoft Addresses DNS-related Vulnerability, Adobe Patches Critical Flash Player Flaw
Quelle: TrendLabs Malware Blog

Kommentare und Fragen
Möchtest Du zu diesem Artikel ein Kommentar abgeben oder hast dazu eine Frage, dann mach dies bitte immer auf der Herausgeberseite!
Aktuelles von TrendLabs Malware Blog
DSGVO-Informationen by TRADAR

Diese Information erscheint unabhängig vom Artikel!

Glaubst Du, dass Deine Freunde diese Information noch nicht kennen? Teile es mit ihnen.