Upvote Upvoted 7 Downvote Downvoted
Patch your PCs folks
posted in Off Topic
1
#1
0 Frags +

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8475

CVE-2018-8475 | Windows Remote Code Execution Vulnerability
Security Vulnerability

Published: 09/11/2018
MITRE CVE-2018-8475

A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files. An attacker who successfully exploited the vulnerability could execute arbitrary code.

To exploit the vulnerability, an attacker would have to convince a user to download an image file.

The update addresses the vulnerability by properly handling image files.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8475

[quote]CVE-2018-8475 | Windows Remote Code Execution Vulnerability
Security Vulnerability

Published: 09/11/2018
MITRE CVE-2018-8475

A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files. An attacker who successfully exploited the vulnerability could execute arbitrary code.

To exploit the vulnerability, an attacker would have to convince a user to download an image file.

The update addresses the vulnerability by properly handling image files.
[/quote]
2
#2
tf2pickup.org
19 Frags +

I use arch btw

I use arch btw
3
#3
1 Frags +

x

x
4
#4
4 Frags +
Firedoes it not get downloaded via regular windows update?

Yes it will be. It may be queued or awaiting an automatic update check, so you may prefer to request a manual one.

[quote=Fire]does it not get downloaded via regular windows update?[/quote]

Yes it will be. It may be queued or awaiting an automatic update check, so you may prefer to request a manual one.
5
#5
15 Frags +

lmao who updates windows

lmao who updates windows
6
#6
7 Frags +
Firedoes it not get downloaded via regular windows update?

Yeah but most people click "remind me later" for at a least month before updating.

[quote=Fire]does it not get downloaded via regular windows update?[/quote]
Yeah but most people click "remind me later" for at a least month before updating.
7
#7
16 Frags +

it'll probably update for me right in the middle of scrims, no worries here

it'll probably update for me right in the middle of scrims, no worries here
8
#8
4 Frags +
wolsneRussianGuyovichTo exploit the vulnerability, an attacker would have to convince a user to download an image file.Is it image files as in .png/.jpeg or image files as in disk images?
There's a huge difference and the cve page doesn't specify which it is

image files, it's a cve in the GDI+ library which handles thumbnails, font rendering and so on for windows iirc

[quote=wolsne][quote=RussianGuyovich]
To exploit the vulnerability, an attacker would have to convince a user to download an image file.
[/quote]
Is it image files as in .png/.jpeg or image files as in disk images?
There's a huge difference and the cve page doesn't specify which it is[/quote]

image files, it's a cve in the GDI+ library which handles thumbnails, font rendering and so on for windows iirc
9
#9
8 Frags +

http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/7132968_orig.jpg?211

I have no fear

[img]http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/7132968_orig.jpg?211[/img]

I have no fear
Please sign in through STEAM to post a comment.