Microsoft Releases Updates for 12 Critical Windows Vulnerabilities

The November 2018 Patch Tuesday rollout includes patches for no less than 62 vulnerabilities and no less than 12 of them are rated as Critical.

This means IT admins should prioritize the deployment of patches resolving these flaws, and one of the highlights is a public disclosure vulnerability in Windows 10.

Detailed in CVE-2018-8566, the issue also exists in Windows Server 2016 and Windows Server 2019, and it’s a Security Feature Bypass in BitLocker that would allow an attacker to access information which would otherwise be encrypted.

“To exploit the vulnerability, an attacker must gain physical access to the target system prior to the next system reboot. The security update fixes the vulnerability by ensuring Windows resumes BitLocker Device Encryption,” Microsoft explains, adding that although the flaw has been publicly disclosed, it’s not aware of any exploits.

No comments:

Post a Comment