Only one of these vulnerabilities, a remote code execution flaw (CVE-2018-8267) in the scripting engine, is listed as being publicly known at the time of release. However, none of the flaws are listed as under active attack.
Discovered by security researcher Dmitri Kaslov, the publicly known vulnerability is a remote memory-corruption issue affecting Microsoft Internet Explorer.
The flaw exists within the IE rendering engine and triggers when it fails to properly handle the error objects, allowing an attacker to execute arbitrary code in the context of the currently logged-in user.
Microsoft has also addressed an important vulnerability in its Cortana Smart Assistant that could allow anyone to unlock your Windows computer. You can head on to this article to learn how the bug can be used to retrieve confidential information from a locked system and even run malicious code.
The most critical bug Microsoft patched this month is a remote code execution vulnerability (CVE-2018-8225) exists in Windows Domain Name System (DNS) DNSAPI.dll, affecting all versions of Windows starting from 7 to 10, as well as Windows Server editions.
The vulnerability resides in the way Windows parses DNS responses, which could be exploited by sending corrupted DNS responses to a targeted system from an attacker-controlled malicious DNS server.
Successful exploitation of this vulnerability could allow an attacker to run arbitrary code in the context of the Local System Account.
Another critical bug is a remote code execution flaw (CVE-2018-8231) in the HTTP protocol stack (HTTP.sys) of Windows 10 and Windows Server 2016, which could allow remote attackers to execute arbitrary code and take control of the affected systems.
This vulnerability originates when HTTP.sys improperly handles objects in memory, allowing attackers to send a specially crafted packet to an affected Windows system to trigger arbitrary code execution.
No comments:
Post a Comment