Video: AMD and Microsoft join forces to block Spectre attacks.
Microsoft has fixes for 50 security flaws in its June Patch Tuesday update and has released quality improvements and fixes for Windows 10 version 1803 or the Windows 10 April 2018 Update.
The KB4284835 update moves Windows 10 version 1803 to OS Build 17134.112 and addresses an issue that caused systems to start up in a black screen: "This issue occurs because previous updates to the Spring Creators Update were incompatible with specific versions of PC tune-up utilities after installation."
This issue is separate to the black screen problems Avast users were struggling with last month after installing Windows 10 version 1803.
Among the other bug fixes, Microsoft has fixed an issue where firmware updates cause devices to go into BitLocker recovery mode when it's enabled, but Secure Boot is disabled or not present. This build now prevents firmware installation when a device is in this state.
Admins can install firmware by temporarily suspending BitLocker, installing firmware updates before the next OS startup, or by immediately restarting the device so that BitLocker doesn't remain in a suspended state.
Microsoft's June security patches, which are included in the new Windows 10 build, address flaws in Internet Explorer, Microsoft Edge, Windows, Office, the ChakraCore scripting engine, and the Adobe Flash Player flaw that was already being exploited in the wild.
There are 11 critical flaws and 39 flaws rated as important that are fixed, but only one of the bugs was publicly disclosed this month and none is known to be exploited.
Microsoft's advisory for CVE-2018-8267 notes that the flaw can be exploited through Internet Explorer or an Office document that hosts the IE rendering engine. A victim would need to visit a malicious or compromised website. Microsoft believes this bug is likely to be exploited.
Cisco's Talos Intelligence researchers highlighted three bugs that Windows users should patch promptly this month, including the publicly disclosed flaw and a remote code execution vulnerability within Windows Domain Name System (DNS), CVE-2018-8225.
"This vulnerability manifests due to DNSAPI.dll improperly handling DNS responses. This vulnerability could allow a remote attacker to execute arbitrary code within the context of the LocalSystem account on affected systems," wrote Talos researchers.
"An attacker could leverage a malicious DNS server and send specially crafted DNS responses to trigger this vulnerability." However, Microsoft notes exploitation of this bug is less likely.
The third key fix is for a remote code execution vulnerability affecting Chakra (CVE-2018-8229), which was found by Google Project Zero, and can be exploited through Edge. Microsoft believes this flaw is likely to be exploited.
Microsoft has also published new guidance on Windows mitigations for the Meltdown and Spectre flaws, and the related Spectre Variant 4 Speculative Store Bypass attack, CVE-2018-3639. To be fully protected, users and admins may have to take further action, Microsoft notes.
Already released mitigations for Windows 10 through to Windows 7 for Spectre variant 1, CVE-2017-5715, and Meltdown variant 3, CVE-2017-5754, are enabled by default.
On supported Windows Server systems, the mitigations are disabled by default and admins will need to take further steps to enable them.
Mitigations for variant 4 are only available for Windows 10, Windows Server 2016, Windows 7, and Windows Server 2008 R2. However, they're disabled by default.
The June update also addresses a Cortana elevation of privilege vulnerability that could allow an attacker to execute commands with elevated permissions.
Cortana retrieves data "from user input services without consideration for status", according to Microsoft.
An attacker who successfully exploited the vulnerability could execute commands with elevated permissions. However, the attacker would need physical access on a system with Cortana enabled.
Researchers from McAfee have posted a detailed account of how an attacker could use Cortana to search for sensitive information like stored passwords, and in some circumstances to execute code locally.
Previous and related coverage
Adobe issues security update for critical zero-day Flash Player flaw that attackers are exploiting via Excel docs.
Is third-party antivirus to blame for the latest Windows 10 update issues?
Your forum support for these products is up to your fellow problem-solvers now.
Microsoft patches two flaws that are already under attack, among the 67 bugs in May's Patch Tuesday update.
The latest Windows 10 cumulative update is causing some PCs to fail to boot, and the only solution is a system restore.
OS and hypervisor makers patch flaw that attackers could use to crash systems or read data from memory.