Addressing remote code execution (RCE) vulnerabilities

Recently the guys at Rapid7 released a comment detailing their views on Microsoft’s patch Tuesday and how it looked into stopping another round of remote code execution attempts. Adam Nowak detailed:

“March continues this quarter’s trend with the majority of bulletins (8) addressing
remote code execution (RCE) vulnerabilities; the remaining address elevation of
privilege (4) and security feature bypass. All of the critical bulletins are remote
code execution issues affecting a variety of products and platforms including Edge,
Internet Explorer, Office, Office for Mac, Office Web Apps, SharePoint and releases
of Microsoft Windows (Client and Server).

This month Microsoft resolves 39 vulnerabilities across 13 bulletins, with MS16-023,
MS16-024, MS16-028, MS16-029, MS16-034 as the bulletins to watch out for, addressing
28 vulnerabilities. Since a wide range of products are affected this month almost
all Microsoft users should been alert. Fortunately at this time, no vulnerabilities
are known to have been exploited in the wild.

Users should be wary of untrusted sources as maliciously crafted content could allow
an attacker to remotely execute code in order to gain the same rights as your user
account. Your best protection against these threats is to patch as quickly as
possible.”

Image Source: Pixbay

James Stevenson

Im a Cyber Security enthusiast that loves all things to do with technology. I'm specifically interested in cyber security and ethical hacking.

You may also like...