Windows 10: Active X Vulnerability Patch - Where is it?

For the Active X vulnerability, on the advisory website you state there's is a patch / upgrade released, without a download link - see https://msrc.microsoft.com/update-guide. Where is the patch? Office is badly affected. Are you guys doing this on purpose, telling there's a patch but not releasing it? This is not professional, and a distasteful way of wasting our time in the security community.

:)

 

Active X vulnerability

2 month ago my Kaspersky Antivirus picked up 9 vulnerabilities in my operating system, the vulnerabilities were active x related, at first I thought a windows update might have cause the changed settings, but a today (2 month later) it happened again, I
selected vulnerability scan and it immediately picked up the same problem I had 2 months ago, it was the same 9 vulnerabilities. one of the vulnerabilities were "microsoft internet explorer activex elements that are not marked as safe are allowed".

Does anyone know why or how this happened again? Kaspersky did not detect any viruses nor malware.

Sorry for my bad english.

 

Thecus Releases Patch to Resolve Bash Vulnerability

In order to combat recent bash vulnerability issues, Thecus today released a Bash patch for both Thecus OS5 and OS6 users. It is strongly recommended that all users update their NAS with this latest firmware. The patch will fix the GNU Bash Environment Variable Command Injection Vulnerability, also referred to as Shellshock (CVE-2014-6271, CVE-2014-7169, CVE-2014-7187, and CVE-2014-71861), which allows unauthorized users access to remote Unix/Linux-based systems.





For ThecusOS 6, users can download the OS6 Bash offline patch V1.0. The patch is applicable for the following units:

• N2310, N4310
• N2520, N2560, N4520, N4560

For ThecusOS 5 x64, users can update their firmware to v2.05.06 to apply the Bash patch. This firmware is applicable to the following units:

• N16000 series / N12000 series / N8900 series
• N10850 / N8850 / N6850
• N8810 series / N7710 series
• N8800PRO v2 / N7700 PRO v2
• N7510 / N5550 / N4800 series / N4510U series / N2800

For ThecusOS 5 x86, users can update their firmware to v5.03.02.8 to apply the Bash patch. This firmware is applicable to the following units:

• Thecus XXX series / 1U4600 / N0503 / N4200 series / N5500
• N7700 / N7700SAS / N7700+ / N7700PRO
• N8800 / N8800SAS / N8800+ / N8800PRO
• N4100PRO

 

Patching windows 10 vulnerabilities

Hi,

I'm new to windows and to the community so excuse me if I miss some community guidelines.

I've installed windows 10 (build number 14390) a few days ago, and today out of paranoia run a vulnerability scan using retina community. The report came out very colorful (6 high risk vulnerabilies) . I have almost nothing installed apart from the following:

• Visual Studio Code
• Visual Studio Community edition
• Cmder
• MongoDb/Nodejs with some Npm modules
• VLC

I was confused by the fact that almost all the vulnerabilities were Microsoft Office or Microsoft VB6 related and I don't have any of that installed.

Any idea where should I look for patches or how to proceed to fix those problems?

The report included links for Microsoft security bulletins related to each problem but I could not find any software I have installed in order to update it.

I think it goes without saying that I install all the updates Microsoft update finds daily.

Thank you for your time.