Palo Alto's Unit 42 discovered 10 'Important' Microsoft bugs

News by Robert Abel

All but one of the bugs were remote code execution (RCE) flaws - the exception was an escalation of privilege vulnerability bug caused by a Windows Error Reporting Elevation of Privilege Vulnerability

Palo Alto’s Unit 42 researchers discovered 10 new Microsoft vulnerabilities all of which had a Maximum Severity Rating of "Important."

"The severity of the vulnerabilities discovered were all rated ‘Important,’" according to a blog post on 20 June, which said that one vulnerability had been addressed in this month's Microsoft Security Response Center (MSRC) update release and the other nine in the May 2019 updates. 

All but one of the bugs were remote code execution (RCE) flaws – the exception was an escalation of privilege vulnerability bug caused by a Windows Error Reporting Elevation of Privilege Vulnerability, the post said.  

Eight of the RCE flaws dealt with Jet Database Engine Remote Code Execution vulnerabilities while one was a Microsoft Office Access Connectivity Engine RCE Vulnerability.

This article was originally published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews

Interview - Everyone has an Achilles heel: The new security paradigm

How can we defend networks now that the perimeter has all but disappeared?
Brought to you in partnership with ExtraHop