DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
May 22, 2019 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 213 people online.

 

Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
 

Follow us
RSS
 

Microsoft patches 75 bugs, including remote execution bugs for Edge/IE

Posted on Wednesday, March 14 2018 @ 19:43:56 CET by


MSFT logo
With yesterday's Patch Tuesday rollout, Microsoft smashed a total of 75 security vulnerabilities. Nasty ones included nine remote code execution bugs in Edge and Internet Explorer. Full details at The Register.
The fixed bugs include nine remote code execution (RCE) flaws in the Chakra scripting engine in Edge. Microsoft says the scripting bugs (such as CVE-2018-0874) would allow an infected webpage to run code with the logged-in user's clearance level.

The Edge scripting engine was also the subject of four memory corruption RCE flaws, as well as an information disclosure bug, CVE-2018-0839, that allows an attack page to view objects in memory.
ARS Technica adds that Microsoft dropped its mandatory antivirus requirement. This was a temporary measure introduced in the wake of the Meltdown and Spectre fixes. Microsoft now reverses this policy because incompatile AV software turned out to be extremely rare:
Microsoft found that certain antivirus products manipulated Windows' kernel memory in unsupported ways that would crash systems with the Meltdown fix applied. The registry entry was a way for antivirus software to positively affirm that it was compatible with the Meltdown fix; if that entry was absent, Windows assumed that incompatible antivirus software was installed and hence did not apply the security fix.

This put systems without any antivirus software at all in a strange position: they too lack the registry entries, so they'd be passed over for fixes, even though they don't, in fact, have any incompatible antivirus software.




 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba