Microsoft has released their latest monthly Patch Tuesday update for September 2018, patching a total of 61 security vulnerabilities, out of which 17 are rated as critical, 43 are rated Important, and one Moderate in severity.
These security updates patch vulnerabilities in Microsoft Windows, Edge, Internet Explorer, MS Office, ChakraCore, .NET Framework, Microsoft.Data.OData, ASP.NET etc.
Four of the security vulnerabilities patched this month are listed as “publicly known” and more likely exploited in the wild at the time of release.
CVE-2018-8475: Windows Critical RCE Vulnerability
One of the publicly disclosed vulnerabilities is a critical remote code execution flaw (CVE-2018-8475) in Microsoft Windows and affects all versions of Windows OS, including Windows 10.
The Windows RCE vulnerability resides in the way Windows deals specially crafted image files. In order to execute a malicious code on a target system, a remote hacker has to just persuade a victim to view an image.
CVE-2018-8440: Windows ALPC Elevation of Privilege Vulnerability
An important zero-day vulnerability in Windows Advanced Local Procedure Call (ALPC) was revealed las week in Twitter and it is patched in the latest update.
This vulnerability (CVE-2018-8440) can permit a local attacker or malicious program to gain and run code with administrative system privileges on the targeted machines.
This flaw which is actively being exploited in the wild requires immediate attention. The proof-of-concept (PoC) exploit for this privilege escalation flaw in Windows is available on Github.
CVE-2018-8457: Scripting Engine Memory Corruption Vulnerability
The next publicly revealed vulnerability is a remote code execution vulnerability (CVE-2018-8457) in the scripting engine, which exists when the scripting engine fails to properly handle objects in memory in Microsoft browsers, allowing an unauthenticated, remote attacker to execute arbitrary code on a targeted system in the context of the currently logged-in user.
The vulnerability affects Microsoft Edge, Internet Explorer 11 and Internet Explorer 10.
Windows Hyper-V Remote Code Execution Vulnerabilities
The latest patch updates also include patches for two critical remote code execution vulnerabilities in Windows Hyper-V, a native hypervisor for running virtual machines on Windows servers.
The two flaws (CVE-2018-0965 and CVE-2018-8439) exist when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system.
Both RCE vulnerabilities can be exploited by a malicious guest user by running a specially crafted application on the virtual operating system to eventually execute arbitrary code on the host operating system.
Patch All Microsoft Software Vulnerabilities
Besides this, Microsoft has also pushed security updates to patch a critical remote code execution vulnerability in Adobe Flash Player.
Microsoft had marked the privilege escalation vulnerability (CVE-2018-15967) as a critical remote code execution flaw.
All the users are strictly recommended to apply all security patches at the earliest to keep malicious users away from taking control of their computers.
For installing security updates. Go to Settings → Update & security → Windows Update → Check for updates, or you can install the updates manually.
Technical Writer, Blogger,