82 security issues have been patched by Microsoft

Share if you likedShare on Facebook0Share on Google+0Tweet about this on TwitterShare on LinkedIn2

Microsoft has released a new patch that addresses a total of 82 vulnerabilities (September Patch Tuesday) for all supported versions Windows systems and other products. Between the patches, there is one zero-day vulnerability exploited in the wild.

The Zero-Day Vulnerability (CVE-2017-8759) is a remote code execution vulnerability that affects the .NET Framework. To exploit this vulnerability, an attacker would first need to convince the user to open a malicious document or application.

According to Microsoft:
“A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input. An attacker who successfully exploited this vulnerability in software using the .NET framework could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”

The vulnerability (CVE-2017-8759) has been discovered by two security researchers from FireEye and they reported it privately to Microsoft. It affects the .NET framework, specifically a SOAP WSDL (Web Services Description Language) parser. An attacker can exploit the security vulnerability for remote code execution by making the targeted user to open a specifically crafted document or application.

“FireEye recently detected a malicious Microsoft Office RTF document that leveraged CVE-2017-8759, a SOAP WSDL parser code injection vulnerability. This vulnerability allows a malicious actor to inject arbitrary code during the parsing of SOAP WSDL definition contents. FireEye analyzed a Microsoft Word document where attackers used the arbitrary code injection to download and execute a Visual Basic script that contained PowerShell commands.”

Share if you likedShare on Facebook0Share on Google+0Tweet about this on TwitterShare on LinkedIn2

Eslam Medhat

is a professional pen-tester with over 9 years of IT experience bringing a strong background in programming languages and application security, ranging from network and system administration to exploit research and development. He reported various vulnerabilities for high profile companies and vendors and was successfully acknowledged by them.

Leave a Reply