Microsoft has released a set of security updates to patch a total of 81 CVE vulnerabilities in all supported versions of Windows and other Microsoft products.

The latest security update addresses 27 critical and 54 severe vulnerabilities, of which 38 vulnerabilities affect Windows, 39 could lead to remote code execution (RCE). These vulnerabilities can be used to distribute malware.

  • Information about the affected system

Windows Operating Systems

  • Propagation vectors

The most common means used to exploit these vulnerabilities with malware campaigns are:

Email

Contaminated removable media

  • How to avoid being a victim?
  • Do not open email attachments from unknown senders.
  • Keep your antivirus software up to date on your personal and corporate computer.
  • Immediately install all available updates on your operating system.
  • What impact would it have if the vulnerability is exploited?

Depending on the type of malware that is deployed exploiting the vulnerability, it can range from information leakage to encryption and data hijacking (Ransomware).

  • What to do if we have the vulnerability?

Install, as soon as possible, updates to Windows operating systems.

 

Source:

https://portal.msrc.microsoft.com/en-us/security-guidance

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/5984735e-f651-e711-80dd-000d3a32fc99