1/8/2023 0 Comments Critical updates december 2015![]() I’m not sure why Microsoft included this is a separate bulletin, with a lower severity, since it seems to have a similar impact and mitigating factors as the flaws above. MS14-082 – Important – Office Code Execution Flaw – Word, an Office component, suffers from yet another code execution vulnerability, similar to the two described above.In short, if an attacker can get you to open a malicious Office file, she can exploit these flaws to execute code on your computer. MS14-081 – Critical – Two Word Remote Code Execution Flaws – Word suffers from two flaws involving how it handles specially crafted Office files.The remaining flaws allow attackers to spoof emails to appear to come from someone else, or to spoof links that appear to link to somewhere else. If an attacker can trick you into clicking a specially crafted link on a system you use for OWA, he could exploit these flaws to gain access to your email as you. The worst are a pair of cross-site scripting (XSS) flaws. MS14-075 – Important– Four Exchange Server Vulnerabilities – Microsoft’s email server, Exchange, suffers from four security flaws. ![]() If you have local administrator privileges, the attacker gains full control of your PC. If an attacker can get you to visit a site with malicious code, he could exploit these flaws to run code on your machine. These are the types of flaws typically used in drive-by download attacks.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |