Microsoft Patched 12 Critical Bugs on November Updates
Microsoft patched 12 RCE, and zero-days bug on November Tuesday update
Here are Microsoft November updates rolling out and with this software giant, Microsoft has released the patch for several security bugs. On this November Tuesday updates, Microsoft has fixed 12 critical bugs and along with the zero-day which was exploited by various APTs.
The total number of bug fixed on this updates is 64, and 12 are critical bugs like Remote Code Execution, Privilege Escalation etc..
One of the Privilege escalation bug identified as CVE-2018-8592 have been patched with this update and it was an interesting bug was disclosed that would allow an escalation of privileges to someone who is upgrading Windows 10 to build 1809 and select the "Keep Nothing" option during the upgrade process.
12 Critical Bug Fixed in November 2018 Patch
As we have already said this update contains 12 Critical bugs and if they are exploited could allow a remote attacker to execute commands on a vulnerable computer and essentially take full control.
- CVE-2018-8476 is a remote code execution vulnerability in the Windows Deployment Services TFTP server. The bug lies in the way the TFTP server handles objects in memory. An attacker could exploit this vulnerability by supplying the user with a specially crafted request.
- CVE-2018-8553 is a remote code execution vulnerability in Microsoft Graphics Components that lies in the way Graphics Components handles objects in memory. An attacker can exploit this vulnerability by providing the user with a specially crafted file.
- CVE-2018-8544 is a remote code execution vulnerability that exists in the way that the VBScript engine handles objects in memory. An attacker needs to trick a user into visiting a specially crafted website on Internet Explorer in order to exploit this vulnerability. Alternatively, the attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts Internet Explorer’s rendering engine.
- CVE-2018-8256 is a remote code execution vulnerability in PowerShell when it improperly handles specially crafted files. An attacker could execute malicious code on a vulnerable system. This update fixes the vulnerability by ensuring that PowerShell properly handles files.
- CVE-2018-8574 and CVE-2018-8577 are remote code execution vulnerabilities in Microsoft Excel that occurs when the software fails to properly handle objects in memory. An attacker could exploit this bug by tricking the user into opening a specially crafted Excel file, either as an email attachment or another method.
- CVE-2018-8582 is a remote code execution vulnerability in Microsoft Outlook when the software fails to properly parse specially modified rule export files. Users who have their settings configured to allow fewer user rights are less impacted by this vulnerability than those who operate with administrative user rights. Workstations and terminal servers that use Microsoft Outlook are also at risk. An attacker needs to convince a user to open a specially crafted rule export file in an email in order to trigger this bug.
- CVE-2018-8450 is a remote code execution vulnerability that exists when Windows Search handles objects in memory. An attacker could trigger this vulnerability by sending a specially crafted function to the Windows Search service, or via an SMB connection.
- CVE-2018-8570 is a remote code execution vulnerability in Internet Explorer that exists when the web browser improperly accesses objects in memory. An attacker could exploit this bug by hosting a malicious website on Internet Explorer and then convincing the user to visit the link.
You can get the Privilege escaltion bug which are less exploitable bug but it should be patched .
Along with this security patches, Microsoft have also fixed the issues caused by October updates. Till yet we haven't heard any bugs or lags on Novemeber updates, but will update the post as we gets...
So till then, update your Windows and other products and Stay safe...!