Today’s VERT Alert addresses Microsoft’s October 2018 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-800 on Wednesday, October 10th.
This vulnerability, a privilege escalation in Win32k’s handling of objects in memory, has been exploited in the wild. According to ZDNet, the exploit has been used by a nation-state cyber-espionage group known as FruityArmor.
Microsoft has rated this as a 1 on the Exploitability Index (Exploitation More Likely) on their latest Windows release, while active exploitation has been detected on older releases.
This vulnerability can be exploited when a user opens a malicious Microsoft JET Database Engine file and Microsoft has acknowledged that it was publicly disclosed. The vulnerability was resolved by changing how the Microsoft JET Database Engine handles objects in memory.
Microsoft has rated this as a 2 on the Exploitability Index (Exploitation Less Likely).
This publicly disclosed vulnerability could allow an authenticated attacker to escalate their privileges via a flaw in how the Windows Kernel handles objects in memory.
Microsoft has rated this as a 1 on the Exploitability Index (Exploitation More Likely).
The final publicly disclosed vulnerability this month involves the way that objects are accessed in memory when using the Azure IoT Hub Device Client SDK with the MQTT protocol. An attacker could execute code in the context of the current user.
Microsoft has rated this as a 2 on the Exploitability Index (Exploitation Less Likely).
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.
Tag | CVE Count | CVEs |
Windows Hyper-V | 2 | CVE-2018-8489, CVE-2018-8490 |
SQL Server | 3 | CVE-2018-8527, CVE-2018-8532, CVE-2018-8533 |
Microsoft Windows DNS | 1 | CVE-2018-8320 |
Microsoft (Read more...) |
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tyler Reguly. Read the original post at: https://www.tripwire.com/state-of-security/vert/vert-threat-alert-october-2018-patch-tuesday/
The European Medicines Agency (EMA) says it was hacked by persons unknown.
Leading UK Credit Card Consumer Finance Company Uses Advanced Graph Analytics to Intercept Fraudulent Credit Card Applications, Boost Anti-Fraud Efforts…
Digital+ Partners Leads Continuation Funding Round in Growing Automated Threat Analysis & Detection Provider, Closing its Series B Round at…
For three years OpenWRT had a severe validation problem with its download package manager, until a fuzz tester found and…
It’s time to say a final “Goodbye” to Flash. (Or should that be “Good riddance”?) With earlier this week seeing…
1. Be a student of (information security, network security, cyber security). Always strive to know what the latest tactics, trends,…