Mega Patch Tuesday Microsoft on Tuesday patched a wormable hole in its Windows Server software that can be exploited remotely to completely commandeer the machine without any authorization. It was one of hundreds of security bugs squashed today by Redmond along with Oracle, Adobe, VMware, SAP and Google.
Microsoft emitted fixes for 123 vulnerabilities in this month's Patch Tuesday batch. Some 18 of those CVE-listed security flaws are considered critical, meaning remote code execution (RCE) is possible without user interaction.
They include CVE-2020-1350, aka SIGred, a wormable remote code execution flaw in the way Windows Server handles incoming DNS requests. According to Dustin Childs of the Trend Zero Day Initiative (ZDI), the flaw is exploited ..
Support the originator by clicking the read the rest link below.
