Microsoft issued a security advisory for a remote code execution (RCE) vulnerability that exists on the Windows Host Compute Service Shim (hcsshim) library, an open source tool used to import Docker containers and run on Windows systems.
Microsoft has released two additional Windows security updates that address the Spectre side-channel vulnerabilities that were revealed in January this…
Late last month, a new vulnerability dubbed “Total Meltdown” was discovered after Microsoft issued patches to fix the previous Meltdown vulnerabilities.
Microsoft issued April 2018 Security Updates that include at least 63 vulnerability fixes, 22 of them rated critical. The updates address multiple Microsoft products to include Windows, Internet Explorer, Edge, Office, Office Services and Web Apps, ChakraCore, Visual Studio, Malware Protection Engine and Adobe Flash.
Microsoft issued new security guidance on the Credential Security Support Provider protocol (CredSSP) vulnerability (CVE-2018-0886) that could allow remote code execution. As part of the updates, Microsoft plans to soon prevent un-patched RDP clients (that uses CredSSP) from authenticating to Windows.