Microsoft has released its Patch Tuesday update for August 2018, addressing a total of 60 vulnerabilities across various platforms. Of these, 19 are rated critical, raising alarms for IT departments globally. The updates affect key components such as Microsoft Windows, the Edge browser, Internet Explorer, and multiple Microsoft applications including Office, .NET Framework, Exchange Server, SQL Server, and Visual Studio.

Notably, two of the vulnerabilities fixed in this update are already known to be actively exploited in the wild. Microsoft's advisory states that all 19 critical vulnerabilities could allow remote code execution (RCE), posing significant risks to systems if successfully targeted. In addition to the critical vulnerabilities, Microsoft has addressed 39 flaws rated important, alongside one moderate and one low-severity issue.

Among the critical vulnerabilities, the Internet Explorer Memory Corruption Vulnerability (CVE-2018-8373) stands out as it affects all supported versions of Windows. Attackers can exploit this vulnerability by persuading users to visit specially crafted web pages, potentially compromising their systems. Microsoft’s advisory indicates that malicious actors could embed harmful content within ActiveX controls or Microsoft Office documents, further increasing risks.

Another significant issue is the Windows Shell Remote Code Execution Vulnerability (CVE-2018-8414), which arises from poor validation of file paths. This flaw allows attackers to execute arbitrary code by tricking users into opening specially crafted files via email or websites. Similarly, Microsoft SQL Server 2016 and 2017 are exposed due to a remote buffer overflow vulnerability, enabling attackers to execute arbitrary code with the privileges of the SQL Server Database Engine service account.

Further threats include a vulnerability in Windows 10’s PDF library (CVE-2018-8350), which can be exploited simply by viewing a malicious website, allowing remote code execution. Additionally, the Microsoft Exchange Memory Corruption Vulnerability (CVE-2018-8302) permits attackers to execute arbitrary code by sending specially crafted emails, impacting users running Exchange Server 2010, 2013, and 2016.

Lastly, a critical vulnerability in the Windows font library (CVE-2018-8344) highlights how embedded fonts can be misused to take control of affected systems. This issue affects various versions of Windows, including Windows 10, 8.1, 7, and Windows Server editions.

To mitigate these vulnerabilities, Microsoft recommends that users apply the security patches promptly. To install the security updates, open Settings, go to Update & Security, and select Windows Update.

As cyber threats continue to evolve, it remains essential for businesses to stay informed and proactive in implementing necessary updates and protections. Using the MITRE ATT&CK framework, organizations can better understand the tactics, such as initial access, persistence, and privilege escalation, that adversaries may employ in such attacks.

This ongoing vigilance is critical for protecting sensitive business data and maintaining robust cybersecurity defenses.
