Windows security is a moving target, and you have to monitor the latest vulnerabilities constantly to know whether your laptops and servers are secure. Kaspersky Lab’s recent announcement is troubling: a critical vulnerability in the Windows GDI, which Microsoft just patched in the latest round of updates, was exploited by a group of malicious hackers to successfully execute malicious code.
The remote code execution flaw (CVE-2016-3393) stems from how the Windows GDI handled objects in memory, and the issue has been addressed in critical bulletin MS16-120. The vulnerability affected all supported versions of the Windows operating system, Microsoft Office 2007 and Office 2010, Skype for Business 2016, Silverlight, .NET Framework, Microsoft Lync 2013, and Microsoft Lync 2010.
Now your responsibility is to make sure all your systems are successfully updated, because this isn’t a vulnerability found in a lab. This vulnerability was found in the wild, so it is a known attack vector. If a hacker can trick a user into visiting a malicious website and clicking on a link to malicious content, a PowerShell script could attack an unpatched system. The same attack could also be started with a traditional malicious email attachment or a simple file download.
While your organization may have different patching requirements than mine, all IT departments should prioritize applying critical updates, and this is a critical update.