Patch Tuesday: Explore with caution and mind the Edge…

Patch Tuesday: Explore with caution and mind the Edge…

Patch Tuesday: Explore with caution and mind the Edge…

Browser bugs are the focus for this month’s Microsoft Patch Tuesday release. A total of 53 bugs rated as 17 critical vulnerabilities and 10 of these belong to Internet Explorer alone. The rest are made up of 34 important vulnerabilities, 1 moderate and 1 low.

Let’s take a closer look:

CVE-2018-8278 – Microsoft Edge Spoofing Vulnerability

This highlights Microsoft Edge and Internet Explorer bugs that could see a hacker design a malicious website that depicts itself as legitimate. The attacker couldn’t force a user to click on the website but instead could strike by sending a convincing email or instant message with the link to the malicious website. The CVEs address how IE and Edge handle HTML content.

CVE-2018-8313 & CVE-2018-8314 – Windows Elevation of Privilege Vulnerability

Microsoft have rated these as a 1 on the Exploitability Index. In this instance, a privilege escalation within the Windows Kernel API could see hackers hijack system functionality, interject cross-process communication or impersonate processes. As ever with elevation privilege bugs, a hacker would need an authenticated, local user account to run any kind of process.

CVE-2018-8280 – Chakra Scripting Engine Memory Corruption Vulnerability

If the user is logged on with administrative access, exploiting this vulnerability could give the attacker the same access privileges. Conditions permitting, the attacker could take control of the affected system, install programs, create local accounts, view, change and delete data.

On the 3rd party front, Adobe Flash have pushed out and update for what they have described as a critical vulnerability. According to Ivanti, Flash is one of the most targeted applications and it’s important that any Flash update is applied to systems with urgency. Adobe Acrobat have released a huge patch that addresses 107 common vulnerabilities and exposures. One such vulnerability could manifest by opening an infected PDF, and in doing so, a user could potentially initiate the execution of malicious code. As ever, our Vulnerability Management team are rolling out updates for this issue in tandem with July’s Patch schedule.

Looking ahead to Tuesday the 17th of July, Oracle will be releasing their updates including Java. It’s no secret to attackers that Java can go unpatched due to specific application processes. This makes it imperative that we take Java updates seriously and get this patch applied to Phase 0 machines as soon as it’s made available.

For those that haven’t been outlined above, July’s patch release culminates in Kernel updates as well as Microsoft Office fixes that tackle issues with Skype for Business and Sharepoint. To summarise, the Cumulative OS patches, Adobe Flash and Java will be right at the top of our Vulnerability Management team’s list as we continue to maintain our patch cadence throughout July, and beyond.

Patrick Collins, Vulnerability Management

Leave a Reply

Your email address will not be published. Required fields are marked *