Microsoft issued 95 security fixes Tuesday as part of its weekly Patch Tuesday efforts, including two major vulnerabilities that were at risk of being exploited by hacking tools stolen from the U.S. National Security Agency.
The two most critical fixes addressed by the computing giant included a Windows Search Remote Code Execution Vulnerability identified as CVE-2017-8543 and an LNK Remote Code Execution Vulnerability identified as CVE-2017-8464.
The Windows Search Remote Code Execution Vulnerability was considered the more serious of the two issues as it allowed an attacker to target the Windows Search Service, a feature that allows users to perform a search across multiple Windows services and clients on a network.
“In an enterprise scenario, a remote unauthenticated attacker could remotely trigger the vulnerability through an SMB [sever message block] connection and then take control of a target computer,” a security bulletin published by Microsoft said.
Windows Server 2016, 2012 and 2008, as well as desktop operating systems like Windows 10, 7 and 8.1, all were vulnerable to the attack and will be protected by the company’s recent patch.
The LNK Remote Code Execution Vulnerability that was also the subject of a fix allowed an attacker, acting remotely, to execute malicious code that would gain access to the same user rights as the local user — including administrative rights to an account with that level of access.
The two critical fixes released Tuesday are aimed at stopping incidents like last month’s massive ransomware outbreak. The WannaCry attack, which infected hundreds of thousands of machines around the world, was possible due to the use of hacking tools stolen from the NSA that were used to exploit previously undisclosed exploits in Windows operating systems.
The NSA informed Microsoft of the security issue after the government agency learned the tools had been stolen and Microsoft was able to issue a patch for the issue a month prior to the WannaCry attack, but many did not update in time to protect against the ransomware.
Several other NSA exploits also were stolen by the Shadow Brokers, a group of anonymous hackers who announced their possession of exploits used by the U.S. intelligence community. It has been a concern that those exploits could lead to attacks similar to WannaCry.
Microsoft also issued patches to fix security vulnerabilities with Windows, Office, Skype, Internet Explorer and the Edge browser. Twenty-seven of the patches dealt with remote code execution issues that allow an attacker to control a victim’s computer remotely. Eighteen patches were rated critical by Microsoft.