Microsoft Patch Tuesday includes fix for actively exploited zero-day

News by Robert Abel

Microsoft addressed nearly 40 vulnerabilities including and actively exploited zero-day, in its December 2018 Patch Tuesday release.

Microsoft addressed nearly 40 vulnerabilities including and actively exploited zero-day, in its December 2018 Patch Tuesday release.

Several of the issues were rated critical or important and or dealt with remote code execution flaws in Windows including one vulnerability that was actively being exploited in the wild.

"One of the most important flaws is a Windows Kernel Elevation of Privilege vulnerability (CVE-2018-8611), which has been exploited in the wild by attackers," Satnam Narang, senior research engineer at Tenable told SC Media. "While this vulnerability requires an attacker to have an established presence on the vulnerable system, security teams should prioritise it in their patching cycles."

Chris Goettl, director of product management, security, for Ivanti, agreed describing the flaw as allowing an attacker to execute an elevation of privilege enabling them to run arbitrary code in kernel mode.

"This vulnerability exists in all currently supported WindowsOperating systems from Windows 7 to Server 2019," Goettl said. "Exploitation has been detected on older OSs already, but the Exploitability Index is rated as a 1 for Windows 10 and Server 2019."

Microsoft also addressed issues in its Internet Explorer and its Edge browsers as well as in a flaw in PowerPoint which were all likely to be exploited by threat actors.

This article was originally published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews