Patch Tuesday: Windows Fonts Are A Surprising Target

Patch Tuesday: Windows Fonts Are A Surprising Target

Patch Tuesday: Windows Fonts Are A Surprising Target

Vendors have definitely delivered an April shower of vulnerabilities to address this month!

Microsoft has released a total of 67 CVE-listed vulnerabilities this month, covering the usual suspects: Edge, OS, Internet Explorer and Office. Of these 67 CVEs, 24 are listed as Critical, 42 are rated Important, and one is listed as Moderate in severity.

In parallel to patching Microsoft products, make sure you remember to patch Adobe products. With a total of 14 CVE’s spanning 5 of their products, 3 have been marked as critical. The most significant vulnerabilities relate to Adobe Flash, addressing Out-of-Bounds write and Use-After-Free vulnerabilities that could allow remote code execution. Thankfully our patching tool Ivanti makes it easy for us to patch Microsoft and third party vulnerabilities all in one go!

Some of the more interesting patches to take a look at this month:

CVE-2018-1010CVE-2018-1012CVE-2018-1013CVE-2018-1015CVE-2018-1016 – Microsoft Graphics Component

There’s an alarming total of five critical bugs flagged in the Windows Font Library this month. If compromised, each of those vulnerabilities could lead to a remote code execution via a specially-crafted website. This affects all versions of Windows operating systems to date so workstation-type devices and servers need patched now!

CVE-2018-8117 – Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability

Imagine if a hacker could access your keyboard, logging every password you enter with each key stroke and even typing a few of his own! Imagine no more as Microsoft has brought that vulnerability to light. While unsettling, the good news is this bug isn’t easy to exploit – the attacker has to overcome the complex challenge of extracting the AES encryption key from the affected keyboard and has to be within wireless range of the device. Still, it’s best not to tempt fate if you have this keyboard so err on the side of caution and apply this patch.

CVE-2018-1034 – Microsoft SharePoint Elevation of Privilege Vulnerability

According to Microsoft, an authenticated attacker could exploit this escalation of privilege vulnerability by sending a specially crafted web request to an affected SharePoint server.
The attacker could then perform attacks on affected systems allowing unauthorized access to read and change permissions or content! To mitigate the risk, this security update ensures that the SharePoint Server properly sanitizes web requests.

CVE-2018-1038 – Windows Kernel Elevation of Privilege Vulnerability

This update was actually released between March and April, but it should be a top priority for anyone using Windows 7 x64 or Windows server 2008 R2 x 64 systems. According to Microsoft, an elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.

Planning ahead

We’ll leave you with some sound advice from our good friends at Ivanti who have forecast a potential Java update in the pending Oracle critical quarterly updates on 17th April 2018.  They quote the recent SamSam Ransomware attacks as a warning why Java vulnerabilities are still a soft target – simply because attackers know that Java is one of those products that developers lag behind in updating, leaving a number of exploits open. So get ahead of the game and roll out those Java updates as they release. Just remember to have a strong testing environment in place for the more sensitive systems.

— Sophie McDonald, Options Security Specialist

Leave a Reply

Your email address will not be published. Required fields are marked *