Microsoft has released the June 2018 Patch Tuesday security updates, and this month's release comes with fixes for 50 vulnerabilities.
No Windows zero-days this month
There are no Windows zero-days in this month's Patch Tuesday, but Microsoft patched CVE-2018-8267, a remote code execution vulnerability whose existence was publicly disclosed last week.
In addition to releasing the regular Patch Tuesday updates, Microsoft has also published KB4338110, a standalone security advisory that contains coding guidance for avoiding the creation of apps vulnerable to a padding oracle attack via the Cipher-Block-Chaining (CBC) mode when used with symmetric encryption algorithms.
Apps developed with this flaw allow an attacker to decrypt and tamper with encrypted data without knowing the encryption key, and the attack can be performed both locally and/or over a network.
Cr. techtalkthai, bleepingcomputer