BREAKING NEWS!

It is Patch Tuesday. Microsoft has shipped a bundle of security updates for more than three dozen vulnerabilities in Windows and related software. One of the fix is for a flaw that was first patched in 2010. This was the vulnerability that led to the discovery of Stuxnet, the cyberweapon that was supposedly used in a joint project between the US and Israel aimed at delaying Iran’s nuclear program. Unfortunately, the fixed that Microsoft shipped back in 2010 to addressed this flaw did not work well. It left Windows users dangerously exposed all this time.

The latest Patch Tuesday comes with 14 update bundles to address at least 43 separate vulnerabilities in Internet Explorer, Exchange and Office and a host of other components.

The significance of these patches should not be taken lightly. Five of the patches released are considered most critical as the vulnerabilities it fixes can be exploited to compromise vulnerable systems through little or no action on the part of the user.

The fixes also address two other security issues of recent times. One is the Superfish malware and the FREAK SSL vulnerability. Freak is a flaw that allows an attacker who controls the local network to downgrade your computer’s encrypted communications to a lower level of security. As a result, attackers can eavesdrop on your browsing and modify or redirect your communications.

It seems there are no fixes from Adobe on Patch Tuesday. Nevertheless, one of the critical fixes released by Microsoft addresses a dangerous bug in the Adobe Font Driver on most versions of Windows.

You are advice to patch as soon as possible. Here’s the link for the full breakdown of the critical patches, https://technet.microsoft.com/en-us/library/security/ms15-020.aspx.

Source

Krebs on Security