Today Microsoft release security patches for a total of 67 vulnerabilities, including two zero-days that have actively been exploited in the wold by cybercrimials, including two publicly disclosed bugs. These patch updates address security flaws in Microsoft Windows, Outlook, .NET Framework, Microsoft Hyper-V, Internet Explorer, Microsoft Edge, Microsoft Office, Microsoft Office, ChakraCore, Azure IoT SDK, and more.
The 2 Zero-Days
1 ) Double Kill IE 0-day Vulnerability
Vulnerability 1 (CVE-2018-817) is an active attacking critical remote code executed vulnerability that was revealed by the Chinese security firm Qihoo 360 last month and at the time had all supported versions of Windows operating systems.
The vulnerability which has been dubbed “Double Kill” by researchers, is a use-after-free issue which resides in the way the VBScript Engine handles objects in the computer memory, it requires prompt attention as it could allow an attacker to remotely take control over an affected system be executing malicious code remotely through malicious office documentation, or the the compensation of websites.
“In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked ‘safe for initialization’ in an application or Microsoft Office document that hosts the IE rendering engine,” Microsoft explains in its advisory.
“The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.” – Says Qihoo.
The users with administrative rights on their systems are impacted servery more than the users with limited rights.
2 ) Win32k Elevation of Privilege Vulnerability.
Vulnerability 2 (CVE-2018-8120) which has been patched this month, is a privilege-escalation flaw that occurred in the WIN32k component of Windows when it fails to properly handle objects in computer memory. This has been rated as “Important”, and affects Windows Servers 2008, Windows 7, Windows Server 2008 R2. WIN32k has been reported to have had active threat actors, however, Microsoft has not provided any details about these in-the-wild exploits.
Affected Products + Security update Links
Product | Platform | Article | Download | Impact | Severity | Supersedence |
---|---|---|---|---|---|---|
Windows Server, version 1803 (Server Core Installation) | 4103721 | Security Update | ||||
Windows Server, version 1709 (Server Core Installation) | 4103727 | Security Update | 4093112 | |||
Windows Server 2016 (Server Core installation) | 4103723 | Security Update | 4093119 | |||
Windows Server 2016 | 4103723 | Security Update | 4093119 | |||
Windows Server 2012 R2 (Server Core installation) | 4103725 | Monthly Rollup | 4093114 | |||
4103715 | Security Only | |||||
Windows Server 2012 R2 | 4103725 | Monthly Rollup | 4093114 | |||
4103715 | Security Only | |||||
Windows Server 2012 (Server Core installation) | 4103730 | Monthly Rollup | 4093123 | |||
4103726 | Security Only | |||||
Windows Server 2012 | 4103730 | Monthly Rollup | 4093123 | |||
4103726 | Security Only | |||||
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4103718 | Monthly Rollup | 4093118 | |||
4103712 | Security Only | |||||
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4103718 | Monthly Rollup | 4093118 | |||
4103712 | Security Only | |||||
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4103718 | Monthly Rollup | 4093118 | |||
4103712 | Security Only | |||||
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4134651 | Security Update | 4018556 | |||
Windows Server 2008 for x64-based Systems Service Pack 2 | 4134651 | Security Update | 4018556 | |||
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4134651 | Security Update | 4018556 | |||
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4134651 | Security Update | 4018556 | |||
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4134651 | Security Update | 4018556 | |||
Windows RT 8.1 | 4103725 | Monthly Rollup | 4093114 | |||
Windows 8.1 for x64-based systems | 4103725 | Monthly Rollup | 4093114 | |||
4103715 | Security Only | |||||
Windows 8.1 for 32-bit systems | 4103725 | Monthly Rollup | 4093114 | |||
4103715 | Security Only | |||||
Windows 7 for x64-based Systems Service Pack 1 | 4103718 | Monthly Rollup | 4093118 | |||
4103712 | Security Only | |||||
Windows 7 for 32-bit Systems Service Pack 1 | 4103718 | Monthly Rollup | 4093118 | |||
4103712 | Security Only | |||||
Windows 10 Version 1803 for x64-based Systems | 4103721 | Security Update | ||||
Windows 10 Version 1803 for 32-bit Systems | 4103721 | Security Update | ||||
Windows 10 Version 1709 for 64-based Systems | 4103727 | Security Update | 4093112 | |||
Windows 10 Version 1709 for 32-bit Systems | 4103727 | Security Update | 4093112 | |||
Windows 10 Version 1703 for x64-based Systems | 4103731 | Security Update | 4093107 | |||
Windows 10 Version 1703 for 32-bit Systems | 4103731 | Security Update | 4093107 | |||
Windows 10 Version 1607 for x64-based Systems | 4103723 | Security Update | 4093119 | |||
Windows 10 Version 1607 for 32-bit Systems | 4103723 | Security Update | 4093119 | |||
Windows 10 for x64-based Systems | 4103716 | Security Update | 4093111 | |||
Windows 10 for 32-bit Systems | 4103716 | Security Update | 4093111 |
Share your thoughts in the Comments section: