Firma Microsoft wydała cztery aktualizacje dotyczące luk w oprogramowaniu firmy Microsoft. Wykorzystanie niektórych z tych luk może umożliwić osobie atakującej zdalnie przejąć kontrolę nad systemem. Zachęcamy administratorów do przeglądu Microsoft Security Bulletin i zastosowania niezbędnych aktualizacji.
| Bulletin ID | Bulletin Title and Executive Summary | Maximum Severity Rating and Vulnerability Impact | Affected Software |
| MS17-001 | Security Update for Microsoft Edge (3199709) This security update resolves a vulnerability in Microsoft Edge. This vulnerability could allow an elevation of privilege if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited this vulnerability could gain elevated permissions on the namespace directory of a vulnerable system and gain elevated privileges | Important Elevation of Privilege | Microsoft Windows, Microsoft Edge |
| MS17-002 | Security Update for Microsoft Office (3214291) This security update resolves a vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. | Important Remote Code Execution | Microsoft Office, Microsoft Office Services and Web Apps |
| MS17-003 | Security Update for Adobe Flash Player (3214628) This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016. | Critical Remote Code Execution | Microsoft Windows, Adobe Flash Player |
| MS17-004 | Security Update for Local Security Authority Subsystem Service (3216771) A denial of service vulnerability exists in the way the Local Security Authority Subsystem Service (LSASS) handles authentication requests. An attacker who successfully exploited the vulnerability could cause a denial of service on the target system’s LSASS service, which triggers an automatic reboot of the system. The security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests. | Important Denial of Service | Microsoft Windows |
+48 22242 1996
+48 571 207 996
cert@pse.pl 
klucz publiczny