On Windows
The second flaw affects the error reporting service in Windows. This allows attackers to use it to modify files that are normally inaccessible. Finally, the third exploit exploits a vulnerability in Internet Explorer 11. It can be used to execute JavaScript code with a higher level of privileges than usual.
And although all these exploits require direct access to a PC, the very fact that there are gaps is alarming. They are especially dangerous if the user becomes a victim of phishing or other similar methods of online fraud.
At the same time, it is noted that an independent check of exploits showed that they work in 32-bit and 64-bit versions of the OS. Recall that back in March, Google reported that a privilege escalation vulnerability in older versions of Windows was implemented using the Chrome browser.
Microsoft has not yet commented on the information, so it is not clear when the patch will appear. It is assumed that an official statement from Redmond will come in the coming days, so all that remains is to wait.
Source: 3dnews.ru