Microsoft October 2018 Patch Tuesday

Yesterday was the October 2018 Patch Tuesday, which means a lot of security updates are out for Microsoft products including Windows, Office, and Exchange Server. These updates fix known bugs and security vulnerabilities found within Microsoft’s products.

http://brn.firetrench.com

This Patch Tuesday fixes critical security vulnerabilities that when exploited could lead to code execution. These vulnerabilities are the most dangerous as if they are exploited could allow a remote attacker to execute commands on a vulnerable computer and essentially take full control.

Commenting on this, Glen Pendley, Deputy CTO, Tenable, said:

“Yesterday’s Microsoft Patch Tuesday release includes patches to address 50 different vulnerabilities, spanning across most OS versions, browsers (Edge and Internet Explorer), and applications like Sharepoint Enterprise server and SQL Server Management software. Ten of the vulnerabilities are marked as critical and 23 of the flaws allow for remote code execution.

“One of the most important vulnerabilities fixed in today’s Patch Tuesday release is the Microsoft JET Database Engine zero-day (CVE-2018-8423) which was disclosed last month. The vulnerability was published along with a sample exploit code, leaving organisations everywhere exposed for the last several weeks. As such, organisations are urged to update their systems immediately.

“The JET Database Engine software is ubiquitous. It’s shipped on all Windows machines and is leveraged by a number of applications, including Microsoft Office. By exploiting this flaw, an attacker can send a user a specially crafted malicious file that, when opened, can cause the JET engine to execute an out-of-bounds (OOB) write allowing for remote code execution. Needless to say, a remote code execution flaw with a known public exploit should be prioritised and patched as soon as possible.

“Also of note, CVE-2018-8453, which impacts Windows versions 7, 8.1, 10 and Server 2008, 2012, 2016 and 2019, has been patched. This vulnerability is known to have been exploited in the wild, meaning organisations should patch their systems immediately.”