On July 11, Microsoft released patches for 54 vulnerabilities in its software products, including 26 on Windows systems. All supported versions were updated, including Windows 7, Windows 8. 1 and Windows 10, each has been closed critical vulnerabilities. There are at least 19 of them, they all make remote code execution possible.

The main vulnerability of this month is under the number CVE-2017-8589. It affects all versions of Windows, including Windows 7, 8. 1, 10, Windows Server 2008, 2008 R2, 2012, and 2016. The vulnerability is located in the Windows Search service and can be used through the SMB attack, although it has nothing to do with the vulnerability used by extortionists WannaCry and Petya. That vulnerability was closed in March updates.

Microsoft claims that the new vulnerability allows you to gain complete control over the system by sending a special message to the Windows Search service.

Another critical vulnerability of CVE-2017-8463 affects Windows Explorer in all versions. Hackers should make users think that a malicious program is a folder. You can do this via e-mail or instant messages.

The use of these vulnerabilities has not yet been fixed, but this may change after the appearance of these patches. After installing them, you will need to restart the computer.