Patch for April 2018 Update sends Windows 10 into infinite boot loop


There's no official response or fix from Microsoft for now. The option to name the folder will be shown when you expand the folder that has several tiles in it. Victims that opened the Office document would silently be infected via a malicious webpage opened in the background.

Microsoft has expanded Search previews as of build 17666 to support apps, documents and more.

Security experts recommend all Windows users - individuals and businesses alike - patch this flaw as quickly as possible.

"This is the first time we've seen a URL moniker used to load an IE exploit, and we believe this technique will be used heavily by malware authors in the future", wrote security analysts from Kaspersky Labs. Also that the complete session will soon be posted to Microsoft Build website.

Just like it's the case with preview builds, Microsoft has considered the user feedback while developing the feature. It has been assigned the vulnerability identifier CVE-2018-1039. Any product from IE to Office that can execute VBscript or Javascript could be vulnerable to remote code execution.

Neither Kaspersky Lab nor Microsoft have disclosed details of the attack they have observed leveraging this vulnerability, though Microsoft noted in its bulletin that attackers exploiting this vulnerability can gain the same user rights as the logged in user.

The flaw was discovered and reported to it by Anton Cherepanov, a senior malware researcher at ESET, Microsoft says. Both Windows 7 (32/64-bit) and Server 2008 R2 are vulnerable to the Win32k bug.

"Two Microsoft vulnerabilities this month are known to be exploited in the wild".

Читайте также: Rumor: Twitter Is Testing An Encrypted Messaging Feature

At Build, the company revealed that the next Insider build of Windows 10 will not only let you Alt-Tab between running programs, but also browser tabs.

"CVE-2018-8174, on the other hand, affects all supported versions of Windows and could lead to arbitrary code execution", said Wiseman. Exchange administrators should note two patches, including one that addresses a spoofing vulnerability (CVE-2018-8153).

Also, Microsoft has fixed a spoofing vulnerability in its Azure IoT Device Provisioning AMQP Transport library. "To exploit this vulnerability, an attacker would need to perform a man-in-the-middle (MitM) attack on the network that provisioning was taking place".

This month's releases also contain an out-of-band patch for CVE-2018-8115, affecting the Windows Host Compute Service Shim library, which helps to launch Windows Server containers from providers like Docker.

Now that Microsoft has shipped the April 2018 Update for Windows 10, it's moving full speed ahead to the next version of Windows, Redstone 5, due this fall.

In addition, Hyper-V has been getting some attention lately as well.

The new face of Windows 10 experiences, Joe Belfiore sent out an equal parts confusing and cryptic tweet regarding Cloud Clipboard earlier today.

При любом использовании материалов сайта и дочерних проектов, гиперссылка на обязательна.
«» 2007 - 2018 Copyright.
Автоматизированное извлечение информации сайта запрещено.

Код для вставки в блог