1 week ago

Microsoft Releases Patches for 16 Critical Flaws, Including a Zero-Day

Microsoft Issues Security Patches Critical Vulnerabilities

If you think which only CPU updates which address This specific year’s major security flaws—Meltdown along with Spectre—are the only ones you are advised to grab immediately, there are a handful of major security flaws which you should pay attention to.

Microsoft has issued its first Patch Tuesday for 2018 to address 56 CVE-listed flaws, including a zero-day vulnerability in MS Office related which had been actively exploited by several threat groups within the wild.

Sixteen of the security updates are listed as critical, 38 are rated important, one is usually rated moderate, along with one is usually rated as low in severity. The updates address security flaws in Windows, Office, Internet Explorer, Edge, ChakraCore, ASP.NET, along with the .NET Framework.

The zero-day vulnerability (CVE-2018-0802), described by Microsoft as a memory corruption flaw in Office, is usually already being targeted within the wild by several threat actor groups within the past few months.

The vulnerability, discovered by several researchers coming from Chinese companies Tencent along with Qihoo 360, ACROS Security’s 0Patch Team, along with Check Point Software Technologies, can be exploited for remote code execution by tricking a targeted user into opening a specially crafted malicious Word file in MS Office or WordPad.

According to the company, This specific security flaw is usually related to CVE-2017-11882—a 17-year-old vulnerability within the Equation Editor functionality (EQNEDT32.EXE), which Microsoft addressed in November.

When researchers at 0Patch were analysing CVE-2017-11882, they discovered a fresh, related vulnerability (CVE-2018-0802). More details of CVE-2018-0802 can be found in a blog post published by Check Point.

Besides CVE-2018-0802, the company has addressed nine more remote code execution along with memory disclosure vulnerabilities in MS Office.

A spoofing vulnerability (CVE-2018-0819) in Microsoft Outlook for MAC, which has been listed as publicly disclosed (Mailsploit attack), has also addressed by the company. The vulnerability does not allow some versions Outlook for Mac to handle the encoding along with display of email addresses properly, causing antivirus or anti-spam scanning not to work as intended.

Microsoft also addressed a certificate validation bypass vulnerability (CVE-2018-0786) in .NET Framework (along with .NET Core) which could allow malware authors to show their invalid certificates as valid.

“An attacker could present a certificate which is usually marked invalid for a specific use, yet the component uses the idea for which purpose,” describes Microsoft. “This specific action disregards the Enhanced Key Usage taggings.”

The company has also patched a total of 15 vulnerabilities within the scripting engine used by Microsoft Edge along with Internet Explorer.

All these flaws could be exploited for remote code execution by tricking a targeted user into opening a specially-crafted webpage which triggers a memory corruption error, though none of these has been exploited within the wild yet.

Meanwhile, Adobe has patched just one, out of bounds read flaw (CVE-2018-4871) This specific month which could allow for information disclosure, though no active exploits have been seen within the wild.

Users are strongly advised to apply October security patches as soon as possible to keep hackers along with cybercriminals away coming from taking control of their computers.

For installing security updates, simply head on to Settings → Update & security → Windows Update → Check for updates, or you can install the updates manually.

Article Categories:
Security Hacks

Leave a Comment

Your email address will not be published. Required fields are marked *

7 − four =