Two of the most significant patients involved a zero-day vulnerability and a security advisor for dealing with the latest wave of Intel CPU flaws that came to light only a few hours before the patch release.
The zero-day vulnerability is an elevation privilege that exists in the way the Windows Error Reporting (WER) service interacts with files, according to Catalin Company, writing in an article on ZDNet.
For the zero-day vulnerability Microsoft is correcting the way WER handles files and made fixes for all supported Windows OS versions.
For the CPU vulnerability tracked as ADV190013, Microsoft said customers would need two types of updates, one for firmware and the second is an OS update.
Adobe and Apple also published security updates on the same day.
Source: ZDNet article, "Microsoft May 2019 Patch Tuesday arrives with fix for Windows zero-day, MDS attacks"
No comments:
Post a Comment