The Windows 10 Mail app is getting new Fluent Design density elements

Share

"As it's a flaw in Microsoft's VBScript engine, there are a variety of potential attack vectors".

Security experts recommend all Windows users - individuals and businesses alike - patch this flaw as quickly as possible. Also that the complete session will soon be posted to Microsoft Build website.

Windows 10 updates
May Patch Tuesday Fixes Two Bugs Under Active Attack

Microsoft said attackers could exploit this bug by hosting an exploit in website ads or on a website, conning people into viewing malicious content within the Internet Explorer browser.

The attack exploit could also be targeted via malicious advertisements, or malvertising (see Online Advertising: Hackers' Little Helper).

Apple Removes Apps That Sell Data
Nonetheless, it's frustrating to see the company pull apps that they have already approved with little notice. Furthermore, location data can only be used for the goal of improving app performance and user experience.

Also on Tuesday, Microsoft patched a privilege elevation vulnerability in Win32k, a critical system file built into Windows. "This vulnerability allows an attacker who is logged onto a system to run a specially crafted file to gain privileged access to the system".

"To exploit this vulnerability, an attacker would first have to log on to the system", according to Microsoft's security advisory. The vulnerable version is 29.0.0.140, which requires an update to 29.0.0.171.

Payton College Prep tops 2018 list of Illinois' best high schools
How PMSA students compared with students across District 209 and the state in m ath and reading proficiency. News and World Report is out with its latest rankings, and Boston Latin School once again tops the list.

Build 17661 of the Skip Ahead, and Fast ring for Windows Insiders found out that the update is not available by default and you have to enable it manually.

Also on Tuesday, Microsoft issued an update for its Windows Server virtualization platform, Hyper-V. Another (CVE-2018-0959) addresses arbitrary code execution from a guest application on an operating system.

X-rays negative for Jazz star Donovan Mitchell
With James Harden sick, Paul stepped up with 41 points, 10 assists, and seven rebounds to seal a 4-1 series victory. Harden, the expected league MVP, had an uncharacteriscally quiet game - posting just 18 points from 22 shots.

Microsoft hasn't said how it's being exploited, but having this kind of vulnerability to hand is gold for cybercriminals, which is why it should also be on the immediate fix list for anyone running Windows 7. The flaw in Windows 10 and Windows Server, designated CVE-2018-8170, had been publicly reported but has not yet been seen in in-the-wild attacks. "That would definitely make it so that the OS updates this month are a high priority". "If you have encountered this issue, you can roll back to Windows 10, version 1709 and wait for the resolution before attempting to install the April 2018 Update again", Microsoft said. Microsoft's April 2018 update began rolling out to Windows 10 systems on April 30, but the update has caused some systems with Intel SSDs to enter a UEFI screen reboot or crash repeatedly.

Share