Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

December 2018 Patch Tuesday

December 14, 2018

  • Blog
  • Archive

Patch Tuesday

Microsoft has patched 32 vulnerabilities this month, which is relatively light compared to the 50+ that they normally patch. One “zero-day” vulnerability was also patched in this update that allowed for privilege escalation. With the exception of that “zero-day” in the kernel, the most notable vulnerabilities were in Microsoft’s web browsers.

Internet Explorer and Edge

Microsoft’s browsers received a number of fixes this month, with two notable ones allowing for remote code execution. Edge received a fix for CVE-2018-8624, and Explorer received a fix for CVE-2018-8631 to address the remote code execution bugs. Attackers exploiting these vulnerabilities would gain rights equal to that of the current user.

Kernel

This month’s previously mentioned zero-day vulnerability, CVE-2018-8611, was actively exploited in the wild prior to patching. Unprivileged users could gain control over vulnerable systems after logging in locally. This could be used in conjunction with a remote attack to grant the remote attacker greater privileges.

Office

Office products received six fixes for the holiday season. Attackers exploiting these vulnerabilities could gain access to sensitive information, execute code with privileges equal to that of the current user, and cause denial of service conditions. As usual, MS Office products typically do not require a high level of privilege in order to complete their tasks. Be sure to run them with the principle of least privilege (PoLP) in mind.

Windows DNS

Similar to a few months ago, Windows DNS was patched for a remote code execution vulnerability. An attacker would exploit this vulnerability by crafting and sending a malicious request to the DNS server. The server would then be compromised at the Local System Account level. Microsoft has rated the chances of exploiting this particular vulnerability as less likely.

Adobe Flash Player

Adobe brought their holiday patches as early gifts this month, releasing an out-of-band patch for two remote code execution vulnerabilities that were being actively exploited in the wild. Attackers exploiting these vulnerabilities would gain rights equal to that of the current user. Adobe Flash has two more years of life left in it, as Adobe has promised to stop updating and distributing Flash Player by the end of 2020. Until then, it is important to update Adobe Flash Player or uninstall it altogether.

BeyondTrust Research

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Webcasts | February 09, 2021

Customer Webinar: Remote Support 21.1 Released!

Webcasts | February 24, 2021

Your PAM 2021 Blueprint: Securing Privileged Accounts for On-Premises and Cloud Assets

Whitepapers

Evolving Privileged Identity Management (PIM) In The 'Next Normal'

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.