Microsoft Patch Tuesday Resolves RCE Flaws in MSHTML

Share post:

Microsoft has issued over 60 security patches to address identified vulnerabilities, including a remote code execution (RCE) flaw in MSHTML that is used in a limited number of attacks on Windows systems and other serious bugs.

According to the Zero Day Initiative, 11 vulnerabilities were filed for a total of 86 CVEs, including 66 CVEs (three critical, one moderate, and the rest classified as important) and 20 CVEs patched earlier by Microsoft Edge (Chromium) in early September.

Some other known vulnerabilities patched by Microsoft include CVE-2021-38647, a critical bug that affects the Open Management Infrastructure(OMI) and allows attackers to conduct RCE attacks without authentication by sending malicious messages via HTTP to port 5986.

For more information, read the original story in ZDNet.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for Friday, December 1, 2023

This episode features a discussion on ransomware, the latest explanation from Okta of a support hack and a survey of infosec pros whose firms w

Cyber Security Today, Dec. 1, 2023 podcast – More on compromises

This episode reports on the sanctioning of the Sinbad crypto mixe

All Okta customer support users had their email addresses copied

Identity and access provider Okta now says the threat actor who accessed its customer help desk system last month got the names and email addresses of all contacts of organizations that use its support system. Originally, the company said that, after an investigation, it determined only one per cent of the contacts from its 18,000

Failure of technology to detect attacks is a prime cause of breaches: Survey

Despite the money being poured into cybersecurity by IT departments, the leading cause of breaches of security controls was the failure of technology to detect an attack, a new survey from Trellix suggests. Forty-two per cent of respondents to the international survey of infosec leaders whose organization had suffered a recent cyber attack said their

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways