Today is “Patch Tuesday” and Neowin and Bleeping Computer have the list of fixes that are included for these patches for Windows 11 and 10. Those articles are worth a read.
Tom Marsland, VP of Technology, Cloud Range, and Board Chairman of VetSec had these comments:
“Today’s Patch Tuesday from Microsoft fixes a publicly disclosed zero-day, a design issue in the Domain Name System Security Extensions (DNSSEC) that could be exploited to cause a denial-of-service attack in vulnerable DNS resolvers. According to researchers that found the vulnerability (which had been present in DNSSEC for the better part of two decades), an attacker “could completely disable large parts of the worldwide Internet.”
This patch Tuesday fixed quite a few remote code execution vulnerabilities, however, the vulnerabilities do require local access to the vulnerabilities in question. These attacks could’ve taken the form of tricking users into opening malicious documents, or other forms of social engineering to exploit these systems and applications, which includes SharePoint, Visual Studio, Microsoft Office, and Microsoft Outlook.
While most of these items patched are not seeing exploits in the wild, it is important for system administrators and security personnel to make a judicious effort to patch systems as soon as possible after this release.”
I would encourage you to read those so that you can see what’s been fixed and deploy these fixes when you can. Because installing these patches are an easy way to keep yourself secure.
Related
This entry was posted on June 11, 2024 at 3:33 pm and is filed under Commentary with tags Microsoft. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Today Is Patch Tuesday…. It’s Patching Time!
Today is “Patch Tuesday” and Neowin and Bleeping Computer have the list of fixes that are included for these patches for Windows 11 and 10. Those articles are worth a read.
Tom Marsland, VP of Technology, Cloud Range, and Board Chairman of VetSec had these comments:
“Today’s Patch Tuesday from Microsoft fixes a publicly disclosed zero-day, a design issue in the Domain Name System Security Extensions (DNSSEC) that could be exploited to cause a denial-of-service attack in vulnerable DNS resolvers. According to researchers that found the vulnerability (which had been present in DNSSEC for the better part of two decades), an attacker “could completely disable large parts of the worldwide Internet.”
This patch Tuesday fixed quite a few remote code execution vulnerabilities, however, the vulnerabilities do require local access to the vulnerabilities in question. These attacks could’ve taken the form of tricking users into opening malicious documents, or other forms of social engineering to exploit these systems and applications, which includes SharePoint, Visual Studio, Microsoft Office, and Microsoft Outlook.
While most of these items patched are not seeing exploits in the wild, it is important for system administrators and security personnel to make a judicious effort to patch systems as soon as possible after this release.”
I would encourage you to read those so that you can see what’s been fixed and deploy these fixes when you can. Because installing these patches are an easy way to keep yourself secure.
Share this:
Like this:
Related
This entry was posted on June 11, 2024 at 3:33 pm and is filed under Commentary with tags Microsoft. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.