SoylentNews is people
SoylentNews
Submission Preview
Microsoft Issues Emergency Update to Fix Critical IE Flaw Under Active Exploit
████ sub likely contains entire articles and possibly more, and probably needs a trimmin' ████
Submitted via IRC for Bytram
Microsoft issues emergency update to fix critical IE flaw under active exploit [arstechnica.com]
Microsoft has issued an emergency update that fixes a critical Internet Explorer vulnerability that attackers are actively exploiting on the Internet.
The memory-corruption flaw allows attackers to remotely execute malicious code when computers use IE to visit a booby-trapped website, Microsoft said Wednesday [microsoft.com]. Indexed as CVE-2018-8653, the flaw affects all supported versions of Windows. The vulnerability involves the way Microsoft's scripting engine handles objects in memory in Internet Explorer.
In a separate advisory [microsoft.com], Microsoft said the vulnerability is being used in targeted attacks, but the company didn't elaborate. Microsoft credited Clement Lecigne of Google's Threat Analysis Group with discovering the vulnerability. No other details were available about the vulnerability or exploits at the time this post was being reported.
Microsoft said that customers who have Windows Update enabled and have applied the latest security updates are automatically protected against exploits. Microsoft said it knows of no workarounds of mitigations. Windows users should ensure their computer installs the update as soon as possible, even if they don't normally use IE to browse sites.
AND
Google Finds Internet Explorer Zero-Day Exploited in Targeted Attacks | SecurityWeek.Com [securityweek.com]
An out-of-band update released by Microsoft on Wednesday for its Internet Explorer web browser patches a zero-day vulnerability exploited by malicious actors in targeted attacks.
Microsoft has credited Clement Lecigne of Google’s Threat Analysis Group for reporting the vulnerability, but neither Microsoft nor Google have shared any details about the attacks involving the flaw.
The security hole is tracked as CVE-2018-8653 [microsoft.com] and it has been described as a remote code execution vulnerability related to how the scripting engine used by Internet Explorer handles objects in memory.
“The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user,” Microsoft explained in an advisory. “An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
According to the tech giant, an attacker can exploit the vulnerability by getting the targeted user to visit a specially crafted website using Internet Explorer. The victim can be lured to the malicious site using social engineering tactics.
Microsoft says the flaw impacts Internet Explorer 9 on Windows Server 2008, Internet Explorer 10 on Windows Server 2012, and Internet Explorer 11 on Windows 10, Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows Server 2012 R2, Windows 7, and Windows 8.1.
Since there are no workarounds for addressing this vulnerability, users should install the updates provided by Microsoft as soon as possible.
“Customers who have Windows Update enabled and have applied the latest security updates, are protected automatically. We encourage customers to turn on automatic updates,” Microsoft said [microsoft.com].
Microsoft has patched a significant number of zero-day vulnerabilities [securityweek.com] this year, and since August it has resolved at least one zero-day every month. The list includes a flaw exploited by cybercriminals to deliver a RAT [securityweek.com] – Microsoft initially did not want to address this weakness –, Windows vulnerabilities disclosed [securityweek.com] by a researcher on Twitter, and several security bugs exploited in attacks aimed at the Middle East [securityweek.com].
With this month’s Patch Tuesday updates, the company fixed a Windows kernel privilege escalation flaw exploited by a new threat actor named SandCat [securityweek.com] and possibly other groups.
Related: Microsoft Patches Actively Exploited Windows Vulnerability [securityweek.com]
Related: Microsoft Patches Windows Zero-Day Exploited by 'FruityArmor' Group [securityweek.com]
2019 ICS Cyber Security Conference | Singapore [April 2019] [icscybersecurityconference.com]
Register an Invite to the CISO Forum at Half Moon Bay [cisoforum.com]
2018 ICS Cyber Security Conference | USA [Oct. 22-25] [icscybersecurityconference.com]
sponsored links
