Microsoft patches 74 issues, including 33 remote code execution bugs

Posted on Wednesday, April 10 2019 @ 11:39 CEST by Thomas De Maesschalck

The Register compiled the grand tally of this month's dose of Patch Tuesday. Microsoft addressed a total of 74 CVE-listed security bugs in Windows and Office products, including 33 bugs that could lead to remote code execution.

Some of the bugs in Microsoft's products are actively exploited in the wild:

Of the other flaws, experts are advising users and administrators to prioritize two fixes for bugs currently being targeted in the wild. CVE-2019-0803 and CVE-2019-0859 are a pair of elevation of privilege vulnerabilities in Win32k. Both require the attacker to already have access to the vulnerable PC, so you're really just seeing a bad situation get worse if this exploit is used.

"These bugs allow an attacker to elevate privileges and take over a system after they have access to that system," said Dustin Childs of the Trend Micro ZDI.

At the same time, Adobe also rolled out updates. The firm patched 21 remote code execution flaws in its PDF app, and plugged two remote code execution bugs in Flash Player.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments

Share this story!