Patch Tuesday August: Microsoft fixed two security vulnerabilities that affect all supported versions of Windows.
The company said Tuesday that an attacker could remotely exploit a remote code execution vulnerability rated "critical" by using the way Windows search handles objects in memory, allowing full control of the affected computer.
An attacker could then install whatever programs they want, read, change or even delete data, create new accounts with full user rights. According to the company, all an attacker has to do to gain access to all of the above is to send a specially crafted message in the Windows search service.
Microsoft added that an attacker could remotely trigger this defect via a connection SMB in a network. The vulnerability was discovered by researchers Trend Micro.
Each of the above vulnerabilities can affect any supported version of Windows, such as Windows Windows 7 and all versions of Windows 10 as well as Windows Server systems.
Although technical details or PoCs have not been made public for obvious reasons, Microsoft warns that there is a possibility of future attacks.
Another "critical" remote code execution flaw in the classic JET database engine could allow an attacker to take full control of a computer.
Microsoft has released updates for another 46 vulnerabilities as part of its regularly scheduled Patch Tuesday updates. More than half of the vulnerabilities that are fixed have been described as "critical".
August updates are available through Windows Update. Of course, it is recommended that you update your systems immediately, or finally get the decision to install Linux.
Before doing so please read the following article:
Which is the best Linux distribution for beginners on the platform