Wormable Windows Bug Opens Door to DoS, RCE

Microsoft’s May Patch Tuesday release addressed a modest 55 cybersecurity vulnerabilities, including just four critical bugs. It’s the smallest monthly update from the computing giant since 2020, but it does contain a patch for a concerning wormable vulnerability found in the Windows OS.

The good news is that none of the vulnerabilities are being actively exploited in the wild, according to Microsoft, though three are listed as publicly known.

The fixes address security flaws across Microsoft Windows, .NET Core and Visual Studio, Internet Explorer (IE), Microsoft Office, SharePoint Server, Open-Source Software, Hyper-V, Skype for Business and Microsoft Lync, and Exchange Server. Besides the four critical bugs, 50 are rated “important” and one is moderate in severity.

Read more…
Source: ThreatPost