What if we said that you could be hacked in over a hundred ways right now? Sounds like an exaggeration, yet in April 2017 alone, major software vendors provided security updates patching hundreds of security vulnerabilities – many of which are considered Critical or Remotely Exploitable.
Most people now own multiple devices or computers, and may fail to recognize the multiple attack surfaces available in that diverse selection. For example, you may own an iPhone, an Android tablet, a Laptop (or two) and a PC. Running on these devices may be Adobe Acrobat, Adobe Flash, Java Runtime Environment and other common software. Multiply this by any additional members of your household and we increase the attack surface exponentially. So many attack vectors which require your attention.
Here is a quick look at just a few of the most common software updates in the last 30 days.
Microsoft Windows and Office
On the second Tuesday of every month, Microsoft issues security patches for each of its supported operating systems for both standard and Server editions. This month, on April 11, Microsoft issued 196 Critical updates affecting every version of Windows, from Vista to Windows 10, and Server 2008 to Server 2016. Also updated were all supported versions of Internet Explorer, Edge, .NET and the Adobe Flash plugin distributed by Microsoft. Several fixes included in these patches are considered a response to a recent release of NSA hacking tools and malware by the hacking group known as Shadow Brokers.
In addition to Windows patches, Microsoft provided 14 updates for all supported versions of Office and Outlook (versions 2007, 2010, 2013 and 2016). These fixes include a remote code execution vulnerability in Outlook and vulnerability fix, to bypass Outlook security features which could allow execution of malicious code on the user’s system in (Read more...)
This is a Security Bloggers Network syndicated blog post authored by Patrick Knight. Read the original post at: Cylance Blog