Hello, welcome to the Wednesday, June 12, 2019 edition of the Sansand-Stormsanders Stormcast.

My name is Johannes Ulrich, and today I'm recording from Neptune, New Jersey.

Microsoft's patch Tuesday, of course, is at the top of the news.

Today, 88 total vulnerabilities being patched.

Most of the critical vulnerabilities are located in the

browser or the scripting engine which of course is sort of part of the browser. Some interesting

critical vulnerabilities outside of these browser vulnerabilities. The Microsoft Speech API has a remote code execution

vulnerability. Now in order to trigger this you would have to convince a victim to

actually try to convert a piece of text that you send them to speech using that API. In

addition we also have three critical vulnerabilities in Windows HyperV. These are remote code execution vulnerabilities.

Now, and then we also do have four Pro-Ridge escalation vulnerabilities that are rated important that already have been disclosed. I believe these are essentially these vulnerabilities disclosed by Sandbox Escaper over the last couple of weeks.

And as usual, we also got updates from Adobe.

One remote code execution vulnerability is patched in Flash Player. Probably at least as important are three code execution vulnerabilities in Cold Fusion.

So don't forget to patch this.

We have seen this often being exploited in the past.

And then we also have a couple of vulnerabilities being addressed in Adobe campaign classic.

Well, I don't think that tool is particularly that often used.

It's a business marketing tool, but if you use it, well, definitely do pay attention to it.

So in general, from the Adobe and Microsoft side, I would call this an overall average patch Tuesday.

And this month, Intel and SAP also joined the patching fund.

Nothing really all that terribly noteworthy from Intel, a number of firmer updates and the like.

As far as SAP is concerned, one of the vulnerabilities that they're addressing here, and they release the total of 11 security notes,

...