Microsoft December Patch Tuesday Addresses Nine Critical Vulnerabilities Including A Zero-Day

This week, Microsoft rolled out its last scheduled updates of the year, and once again they include a fix for a zero-day actively exploited in the wild. The Microsoft December Patch Tuesday update brought fixes for nine critical vulnerabilities in different programs, including a zero-day flaw. It also patched several important vulnerabilities in different applications, including MS Office apps.

Zero-Day Fixed With Microsoft December Patch Tuesday Update

This week's Microsoft December Patch Tuesday updates fixed a plethora of critical and important security flaws. These include a zero-day bug already known to, and exploited by, criminal hackers.

The zero-day is a Windows kernel elevation-of-privilege vulnerability that could let an attacker execute arbitrary code in kernel mode on a target system. As described in Microsoft’s security advisory,

“An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

To exploit this bug, an attacker first has to log on to the target system. Then, by running a maliciously crafted app, the attacker could gain complete control of the device.

The credit for identifying this bug (CVE-2018-8611) goes to Kaspersky Lab researchers, for whom this is the third consecutive Windows zero-day reported to Microsoft. They believe that several threat actors have already exploited the vulnerability, including FruityArmor and SandCat. The researchers, Boris Larin and Igor Soumenkov, have detailed their findings in a separate report. As stated,

“CVE-2018-8611 is a race condition that is present in the Kernel Transaction Manager due to improper processing of transacted file operations in kernel mode.”

Brief About Other Bug Fixes

Apart from the above zero-day vulnerability, the Microsoft Patch Tuesday December 2018 update also brought fixes for nine critical vulnerabilities. Reportedly, five of these nine are memory corruption flaws in the Chakra scripting engine that lead to remote code execution. The other four were found in the Microsoft .NET Framework, Windows DNS servers, Internet Explorer and Microsoft Edge.

In addition to the critical security flaws, Microsoft also patched around 29 important remote code execution vulnerabilities. Some of these include flaws in Microsoft Excel (CVE-2018-8597 and CVE-2018-8636), Microsoft Word (CVE-2018-8590), Microsoft PowerPoint (CVE-2018-8628) and Microsoft Outlook (CVE-2018-8587).

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]