Microsoft patches exploited new Windows zero-day

By on
Microsoft patches exploited new Windows zero-day

In-the-wild vulnerability rated important, not critical.

Microsoft has fixed its fourth zero-day flaw in four months through its regular monthly 'Patch Wednesday' update.

Given the Common Vulnerabilties and Exposures (CVE) index key of CVE-2018-8611, the kernel privilege escalation bug in the Windows kernel was caused by incorrect handling of objects in memory.

Exploiting the vulnerability allowed attackers to run arbitrary code in Windows kernel mode with the highest system privileges, and could be used to establish persistence on target computers.

"To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system,” Malwarebytes' APAC SE manager Brett Callaughan explained.

However, there are other factors to consider that could make the vulnerability more dangerous, he added.

"From the information available right now this vulnerability could be exploited when the user is already logged in through another attack method, like a malicious email attachment or a drive-by-download then the potential for a piece of arbitrary code to be executed by a user not just an attacker is highly probable," he said.

"The risk is exacerbated because this vulnerability affects numerous versions of the Windows operating system, both desktop and server."

Since details of the vulnerability are being published currently, it is important to patch against the flaw before attackers build it into their arsenals and start exploiting it, Callaughan added.

Today's Patch Wednesday contains fixes for nine flaws rated as critical, all of which are remotely exploitable.

Five of these are found in Microsoft's Chakra Javascript engine, part of the default Windows Edge web browser that the company revealed this week it intends to drop in favour of Chrome.

The Windows DNS Server, .NET programming framework, text-to-speech feature and the Internet Explorer all have remotely exploitable vulnerabilities fixed in today's set of updates.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © . All rights reserved.

Most Read Articles

Log In

  |  Forgot your password?