Your IT Consultant

Microsoft’s Patch Tuesday Fixes 47 Vulnerabilities

July 14, 2016

It's that time of month again. Recent updates from Microsoft fixes critical vulnerabilities in Windows, Edge, IE, Office and the .NET Framework. The patches address eleven security bulletins dealing with Microsoft products and the Adobe Flash Player. Probably one of the most serious updates is for the Print Spooler service flaw. The bug impacts all supported versions of Windows ever released. As reported in The Hacker News, "The "critical" flaw (CVE-2016-3238) actually resides in the way Windows handles printer driver installations as well as the way end users connect to printers. Users who are logged in with fewer user rights on the system are less impacted than users who operate with administrative user rights, such as some home accounts and server users."

Yet again, another reason to be logged in with a least privileged account. All too often, users take the easy way out and define their ID to have administrator rights. Bad move. Another bad move is to drag your feet when installing system and application updates. Remember that you should be applying patches within 48 hours of release as recommended in the Center for Internet Security (CIS) Controls for Effective Cyber Defense.

E-mail: Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.linkedin.com/in/johnsimek
http://www.senseient.com