MICROSOFT HAS UNLEASHED its September Patch Tuesday bug fix bonanza, patching 82 flaws in total.
Among the 82 fixes, 26 of which have been rated 'critical', includes a patch for an actively exploited zero-day vulnerability tied to Microsoft's .NET framework.
Security outfit FireEye uncovered the zero-day flaw, which could allow attackers to "take control of an affected system" to install programmes, delete data, or create new accounts with full user rights.
"An attacker who successfully exploited this vulnerability in software using the .NET framework could take control of an affected system," Microsoft said.
"An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights."
FireEye says that the exploit is being distributed via malicious Microsoft Office RTF document, which when opened, exploited a zero-day vulnerability in Microsoft's .Net framework to install the notorious FinSpy surveillance software, often to law enforcement agencies.
According to FireEye, the name of the document suggests the targets were Russian speaking. The spyware itself is sold by Gamma Group, a shady UK-German firm that offers the FinSpy or FinFisher 'lawful intercept' toolkit.
Microsoft's Patch Tuesday update also has a fix for BlueBorne, a widespread Bluetooth flaw discovered by security firm Armis that potentially "billions" of devices. Google has also patched the bug in its latest security update to Android, and iPhones and iPads running iOS 10 and above are protected against the threat.
In total, Microsoft released 81 security patches as part of its September Patch Tuesday affecting Windows, Internet Explorer, Edge, Exchange, .NET Framework, Office and Hyper-V. µ
Is restoring from backup really the better than prevention?
Allowed anyone to pinpoint locations visited by customers of SVR Tracking
Hackers gained access to systems using unsecured administrator's account
But Canonical's Mark Shuttleworth doesn't agree