https://www.zdnet.com/article/microsoft-may-2019-patch-tuesday-arrives-with-fix-for-windows-zero-day-mds-attacks/
By Catalin Cimpanu
Zero Day
ZDNet.com
May 14, 2019
Today, Microsoft released its monthly batch of security updates known as Patch
Tuesday, and this month's security release includes fixes for 79
vulnerabilities in a wide range of Microsoft products.
The two headliners of this month's patches are CVE-2019-0863, a zero-day
vulnerability exploited in the wild, and ADV190013, a security advisory for
dealing with the latest wave of Intel CPU flaws that came to light only a few
hours before.
THE ZERO-DAY
The zero-day is an elevation of privilege vulnerability that exists in the way
the Windows Error Reporting (WER) service interacts with files.
Tracked as CVE-2019-0863 and discovered by security researchers from PolarBear
and Palo Alto Networks, this vulnerability has been used in the wild by hackers
to elevate access on compromised systems from a regular account to one with
admin access.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
