Microsoft finally released the monthly updates yesterday security as part of Patch Tuesday.
This month, the company from Redmond fixed 64 vulnerabilities, 17 of which were critical. Among them were two zero days for the functional Windows system.
First 0DAY
The first zero day was published by Google last weekteam και σύμφωνα με την εταιρεία μπορούσε να αξιοποιηθεί σε συστήματα Windows των 32-bit.
Today, Microsoft provided update? security not only for Windows 7, but also for Windows Server 2008 systems, which are also affected by vulnerability CVE-2019-0808.
Second 0DAY
The second zero day was discovered by Kaspersky researchers and recorded as CVE-2019-0797. Just like the first one, it is a privilege elevation error (EoP) that can allow attackers to run code with administrator privileges.
This zero day affects all versions of Windows.
Other corrections
In addition to the two zero days, Microsoft corrected (again) three major vulnerabilities in the Windows DHCP client that allowed remote attackers to take control of vulnerable systems (CVE-2019-0697, CVE-2019-0698, and CVE-2019-0726).
So, according to the above, it is considered necessary to immediately upgrade your systems (although usually you do not do it immediately).