Computer News & Safety – Harry Waldron Rotating Header Image

Windows Security – New WIN10 and Server vulnerabilities JAN-2019

Microsoft & US CERT highlight 2 new vulnerabilities.  One impacts WIN7/8/10 and the other affects Windows server as noted below

The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting versions of Microsoft Windows and Windows Server. A remote attacker could exploit these vulnerabilities to take control of an affected system.  The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review CERT/CC’s Vulnerability Notes VU#289907 and VU#531281 and Microsoft’s security advisories for CVE-2018-8611 and CVE-2018-8626 and apply the necessary updates.

VU#531281: Microsoft Windows DNS servers are vulnerable to heap overflow  Friday, January 4, 2019

VU#289907: Microsoft Windows Kernel Transaction Manager (KTM) is vulnerable to a race condition   Friday, January 4, 2019


Comments are closed.