Delaware, USA – July 11, 2018 – This month Microsoft released updates for 15 of its products fixing 53 security flaws, almost half of which are related to remote code execution. They fixed 14 different Memory Corruption Vulnerabilities in Microsoft Scripting Engine and 9 important and critical security flaws in Microsoft Explorer and Edge browsers. Also, high-risk vulnerabilities were also patched in Microsoft Office and .NET Framework. As always, earlier this day Adobe released a fresh update for Adobe Flash Player closing two vulnerabilities and great patch to fix over 100 vulnerabilities in Acrobat and Acrobat Reader. Yesterday’s patch bundles don’t contain fixes for any zero-day vulnerabilities in Microsoft and Adobe products.
Another good news: Microsoft expanded the list of dangerous file types that can be embedded in Office documents via Object Linking and Embedding feature. Now the list consists of 108 extensions, including .SettingContent-ms. This time, unlike the situation with DDE exploitation, the company decided not to wait for large-scale campaigns and marked the extension as dangerous only two weeks after the emergence of the working exploitation chain. The popularity of Windows and the number of discovered vulnerabilities make it the system of choice for cyber attacks and malware; therefore it is necessary not only to install updates timely but also to enable continuous monitoring of security events. Windows Security Monitor helps SIEM to perform profiling and statistical analysis of MS Windows security events to detect violation of security policies, configuration errors and surges of security events.