Many of the security problems come through vulnerabilities in the system, of course these have been flaws that can always be found in new software since as said they are new but as a result of this, cybercriminals manage to exploit them and reach up to the victim’s computer and being able to compromise privacy and security. Luckily, the manufacturers themselves release security patches. However, they are not always available or we do not always install them correctly.
That is why today we come to talk about several vulnerabilities that have emerged over time and to make people aware that they should be careful with these problems.
Internet Explorer vulnerabilities
In this case, we are facing the vulnerabilities CVE-2018-8174 and CVE-2016-0189. They affect Internet Explorer, which although it is not a very popular browser today, is present in most systems with Windows 10. The first could affect any Microsoft system. However, the company released patches in 2018 to fix it on all supported operating systems. This flaw, also known as Double Kill, would allow an attacker to enter the virtual memory of the system.
Windows Administrator CVE-2015-1769
This vulnerability also significantly affected Windows 10 users. It affected the file manager and allowed an attacker to exploit it simply by inserting a USB memory into the computer. In this way, it could achieve privilege escalation and deploy malicious code that put the security of the system at risk.
Microsoft Office 2016: CVE-2017-11882
This vulnerability affected Microsoft Office 2016. As we know, it is one of the programs most used by users in Windows 10. It was published in 2017 and took advantage of this problem to mine cryptocurrencies or carry out DDoS attacks, this vulnerability was what an attacker could configure a malicious Word file and thus deploy the threat. In this way it executes a script that compromises our system.
