It’s a new month, it’s a new patch. Microsoft has come out swinging in the month of October, fixing a total of 49 security flaws in its products. Throughout this article we will analyse what is affected and the most important patches that you need to worry about.
Microsoft released this month’s security updates, continuing the never-ending patching that can leave anyone using a Microsoft product in the list below vulnerable. If you don’t understand and you use a Microsoft product, contact us right away. Here are the affected platforms:
- Microsoft Windows
- Edge Browser
- Internet Explorer
- MS Office
- MS Office Services and Web Apps
- SQL Server Management Studio
- Exchange Server
Of the 49 vulnerabilities that have been patched this month, 12 are rated as critical, 35 are rated as important, one moderate, and one is low in severity.
The most important thing to note is that 3 of the vulnerabilities are listed as “Publicly Known” at the time of release, meaning that these vulnerabilities have been circulating around the dark web and amongst hackers, and 1 has actually been reported as being actively exploited in the wild.
Which flaw is under active attack?
According to the Microsoft advisory, an undisclosed group of attackers is actively exploiting an important elevation of privilege vulnerability (CVE-2018-8453). What does this mean? It means that a hacker can take full control over targeted systems running the Microsoft Windows operating system.
This flaw exists when the Win32k (kernel-mode drivers) component fails to properly handle objects in memory, allowing an attacker to execute arbitrary code in kernel mode using a specially crafted application.
There is also a vulnerability, CVE-2018-8494, that resides in the parser component of Microsoft XML Core Services (MSXML) and can be exploited by passing malicious XML content via input.
An attacker can easily and remotely execute malicious code on a targeted computer and take full control of the system just by convincing users to view a specially crafted website designed to invoke MSXML through a web browser.
The 3 wild flaws
The details of one of the three publicly disclosed vulnerabilities were revealed late last month by a security researcher after the company failed to patch the bug within the 120-day deadline.
The vulnerability, which has been marked as important, resides in the Microsoft Jet Database Engine and could allow an attacker to remotely execute malicious code on any vulnerable Windows computer.
For PoC code and more details regarding this vulnerability, you can read this.
The other two vulnerabilities are also marked as important and reside within the Azure IoT Hub Device Client SDK (CVE-2018-8531) and the Windows Kernel (CVE-2018-8497), leading to privilege escalation and remote code execution respectively.
The security updates also include patches for 9 critical memory corruption vulnerabilities (2 in Internet Explorer, 2 in Microsoft Edge, 4 in the Chakra Scripting Engine, and 1 in the Scripting Engine), all of which lead to remote code execution on the targeted system.
Besides this, Microsoft has also released an update for Microsoft Office that provides enhanced security as a defense-in-depth measure.
Users and system administrators are strongly advised to apply these security patches as soon as possible to keep hackers and cybercriminals from taking control of their systems.
To install the security updates, head to Settings → Update & security → Windows Update → Check for updates, or install the updates manually. If you are still having issues, reach out to us.