While May brings a modest number of updates from Microsoft, some important vulnerabilities deserve immediate attention, especially from companies. By all accounts, a very important priority this month is CVE-2021-31166, a Windows 10 and Windows Server flaw that allows an unauthenticated attacker to remotely run malicious code at the operating system level. With this vulnerability, an attacker can compromise a host by sending it specially crafted data.
“It boils down to this error, and Microsoft is calling for it to be written,” said Dustin Childs, with Trend Micro’s ZDI program. “Before you put this aside, you can configure Windows 10 as a web server, so this one is also vulnerable. Definitely put this at the top of your test and post list.”
Kevin Breen from Immersive Labs said that being just 0.2 points short of a CVSS score of 10 should suffice to determine the significance of the patch.
“For ransomware operators, this type of vulnerability is a prime target for exploitation,” Breen said. “Wormable exploits should always be a top priority, especially if they are intended for services designed to be public. Since this specific exploitation does not require any recognition, it will remain vulnerable to attackers and any company that uses the HTTP.sys protocol layer should prioritize this connection.”
Breen also called attention to CVE-2021-26419 – a loophole in Internet Explorer 11 – to make a case explaining why IE should use the word “Internet Explorer”. To trigger this vulnerability, a user must visit a site controlled by the attacker; however, Microsoft recognizes that it can also be triggered by embedding ActiveX controls in Office documents.
Breen said, “I have to die – I just don’t think so.” “If you are a company that requires IE11 to support legacy applications, consider implementing a user policy that restricts the domains that IE11 can access for only those legacy applications. Browsing the web must be done in a supported browser.”
Another interesting bug fixed this month is CVE-2020-24587, described as “vulnerability to disclosure of information on Windows wireless networks.” ZDI’s Childs said it could be very harmful.
“This connection fixes a loophole that allows the attacker to detect the contents of encrypted wireless packets on the infected computer,” he said. “It is not clear what the scope of such an attack would be, but some need for proximity must be taken into account. You’ll also notice that this CVE came from 2020, which means Microsoft has been working on this fix for some time.”
Microsoft has also patched four security holes in its Exchange Server corporate email platform, which was recently besieged by attacks on four other Exchange defects; as a result, hundreds of thousands of servers have been compromised around the world. One of the bugs is credited to Orange Tsai of the DEVCORE Research Team, who was responsible for disclosing the Exchange Server ProxyLogon vulnerability that was patched in an out-of-band release back in March.
“Although none of these flaws is significant in nature, it is a reminder that researchers and attackers still pay close attention to the Exchange server looking for additional vulnerabilities, so companies that haven’t yet updated their settings should do so soon,” said Satnam Narang, staff research engineer at Tenable.
As always, it’s good for Windows users to get in the habit of updating at least once a month, but for regular users (read: not companies), it’s best to wait a few days after the patches are released, so Microsoft has time to iron out any kinks in the new shields.
Before updating, please make sure to back up your computer and/or important files. It is not uncommon for a Windows Update package to break the system or prevent it from booting properly, and some updates have been known to erase or corrupt files.
So do yourself a favor and back up before installing any patches. Windows 10 also has some built-in tools to help you do this, either on a per-file/folder basis or by making a full, bootable copy of your hard drive all at once.
If you want to make sure Windows Update is set to pause so you can back up your files and/or system before the operating system decides to restart and install patches on its own schedule, see this guide.
If you encounter any issues or problems installing any of these patches this month, please leave a comment below; there is a good chance other readers have experienced the same thing, and they can chime in here with some helpful advice.