BlackBerry recently released an Android security patch for Priv for the month of March. This update also addressed vulnerabilities that were affecting the Priv owners’ security. Elevation of Privilege Vulnerability in Conscrypt, Elevation of Privilege Vulnerability in Keyring Component, and Elevation of Privilege Vulnerabilities in Mediaserver were few of vulnerabilities that are fixed with the release of March update. And now a security patch for Microsoft Windows has also been released.
The security patch which was released on Tuesday target vulnerabilities which were affecting every version of Microsoft Windows including Windows 10. The company has rolled out three bulletins to fix the issues viz.,
Let us see what issues have been fixed with every security patch released for Microsoft Windows:
MS16-023 and MS16-024
Where MS16-023 addresses vulnerabilities in Internet Explorer, MS16-024 addresses vulnerabilities in Windows 10 browser, Microsoft Edge. The vulnerabilities present were allowing remote code execution when a specially crafted page was viewed on the Explorer/Microsoft Edge. If exploited, the attacker could get the same rights as the user.
This security patch addresses a vulnerability in Microsoft Windows. “The vulnerability could allow remote code execution if Microsoft Windows fails to properly validate input before loading certain libraries. However, an attacker must first gain access to the local system with the ability to execute a malicious application,” wrote Microsoft about the patch. The company further added, “The security update addresses the vulnerability by correcting how Windows validates input when loading certain libraries. For more information about the vulnerability.”
This security patch is said to be an important one for Microsoft Windows. These vulnerabilities were allowing remote code execution when a specially crafted document or web page which contained specially crafted embedded OpenType fonts was opened.
This update addressed the vulnerability which was affecting BlackBerry Priv as well. “The vulnerabilities could allow remote code execution if a user opens specially crafted media content that is hosted on a website,” wrote Microsoft about the issue. The company further added, “This security update is rated Critical for all supported editions of Windows 7, Windows Server 2008 R2, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.” For more information, click here.
MS16-028 and MS-16-029 security patches also address remote code execution. Where MS16-028 is a security update for Microsoft Windows PDF Library, MS16-029 is is a security update for Microsoft Office.
For more technology news, you can subscribe to our newsletter. If you are a social media junkie and would like to receive updates on your timeline, then you can also like us on Facebook or follow us on Twitter.