Microsoft patches Internet Explorer zero-day 'Double Kill'

Share

Last month, Microsoft warned that that it would no longer be supporting Windows 10 version 1607, aka the "Anniversary Update", which was first introduced in August 2016, or older versions of the OS.

Microsoft also cites performance and stability issues as key components of the errors, so it's possible that users with the April update can unknowingly suffer from reduced performance if they have an Intel SSD installed in their system.

He added, "While the vulnerabilities are rated as exploitation less likely, it may be time to deploy Hyper-V updates as it has been getting more updates".

Be amazed by the new Dockable Control in Microsoft's sizzle video below. This option is similar to muting volume in Microsoft Edge. "Opening any malicious documents with "double kill" allows attackers to control victims' computers without their knowledge, making ransomware infection, eavesdropping and data leakage convenient and stealthy". In the preview Microsoft provided, File Explorer does look a lot sleeker than it does now.

Florida deputy airlifted to hospital after shooting in Highlands County
Also, the Sheriff's Office will hold its own candlelight vigil Wednesday at 8 p.m.at Fireman's Field at the Highlands Fairgrounds. Arrest records show Ables had about 2 years left of probation for spraying mace at Dolan's grandfather.

One of the things Microsoft talked about at Build was a potential change in the behavior of Sets.

Microsoft is also taking this very seriously, writing, "The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements". It has been assigned the vulnerability identifier CVE-2018-1039. This vulnerability only affects Windows 7, Windows Server 2008, and Windows Server 2008 R2, the bulletin said. In both cases attackers would need to have logged on or gained locally authenticated access to the system to exploit, according to Goettl.

If you are affected, please be assured that Microsoft is working on a solution which will be "provided in a near future Windows Update". "The update addresses this vulnerability by correcting how Win32k handles objects in memory", Microsoft says.

This month's releases also contain an out-of-band patch for CVE-2018-8115, affecting the Windows Host Compute Service Shim library, which helps to launch Windows Server containers from providers like Docker. An exploit known as Double Kill was reported by researchers at Chinese cybersecurity vendor Qihoo 360 in April; the Qihoo 360 Core Security research team reported an advanced persistent threat (APT) campaign was actively exploiting the Internet Explorer zero-day. For now, users with unspecified Intel SSDs will not receive the April update automatically, and they also can not install the update manually.

Share