Google’s Android and Microsoft have fixed 26 and 59 vulnerabilities respectively in their operating systems.
CVE-2019-2184, CVE-2019-2185, and CVE-2019-2186 are the most significant of these flaws in Google’s Media framework, which have been rated as critical.
“The most severe of these issues is a critical security vulnerability in the Media framework component that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process,” Google explains.
CVE-2019-2185 and CVE-2019-2186 also affect the latest platform iteration, Android 10. Nevertheless, their effect is alleviated owing to safety advances in the operating system, and they are thought to be only Medium risk on this version.
All three problems have been highlighted on devices running 2019-10-01 security patch level, which also comprises fixes for High severity flaws in Framework, Media framework, and System.
As for Microsoft, the software giant has issued 1 advisory and updates for 59 flaws, of which 8 have been rated as Critical.
All users are advised to install these security updates at the earliest in order to defend Windows from recognized security risks.
Two NTLM authentication susceptibilities exposed by security firm Preempt were patched on Tuesday that circumvent protections put in place by the software behemoth to avert NTLM relay attacks.
Preempt says that the flaws are grave as they could let an attacker compromise a complete domain through NTML relay attacks.