Itpa webheader

Microsoft, Adobe patch critical security flaws


By Dylan Bushell-Embling
Monday, 15 April, 2019


Microsoft, Adobe patch critical security flaws

Microsoft has used its monthly Patch Tuesday to issue fixes for more than 70 vulnerabilities found in various software, including at least two that are already being exploited in the wild.

The 15 patches include patches for two vulnerabilities that according to security company Rapid7 are zero day exploits that affect all supported versions of Windows.

The vulnerabilities can result in unauthorised elevation of privilege that could allow attackers to respectively run arbitrary code in kernel mode, and to install programs, view change and delete data, and create new accounts with full user rights.

The vulnerabilities require attackers to have first obtained local access to an affected system, but according to Rapid7, when combined with one of the remote code execution vulnerabilities also patched by Microsoft, could be used to obtain full control of a system as part of an exploit chain.

Microsoft has also issued patches for various software including its Internet Explorer and Edge web browsers, as well as Microsoft Office, Sharepoint and Exchange. These include 32 remote code execution vulnerabilities.

Meanwhile, Adobe has also issued fixes for several products, including Flash, Reader and Shockwave Player.

This includes an update to resolve multiple critical memory corruption vulnerabilities in Shockwave Player that could lead to arbitrary code execution attacks, which was issued on the same day as Adobe officially ended support for the obsolete program.

Image credit: ©James Thew/Dollar Photo Club

Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.

Related News

Australian IT spending to grow 3% in 2019

The Australian IT spending market is on track to grow 3% in 2019 despite expected declines in...

Australian network gear market flat in 2018

The Australian networking infrastructure market stagnated with just 0.81% growth in 2018, due to...

New Australia–US cable commissioned

The consortium behind the Southern Cross Cable Network has contracted Alcatel Submarine Networks...


  • All content Copyright ¬© 2019 Westwick-Farrow Pty Ltd