What can we help you with?

Supercharged PAM

Combine the best of Session Management and Credential Management solutions at a new, incredible value!

Learn More Learn More
Chat with Sales Get Support

What is BeyondTrust?

Get a closer look inside the BeyondTrust identity & access security arsenal.

Learn More Learn More
Chat with Sales Get Support

Gartner Peer Insights

Find out how customers & analysts alike review BeyondTrust.

Learn More Learn More
Chat with Sales Get Support

Go Beyond Customer & Partner Conference

Our biggest customer conference of the year is happening in Miami and virtually on May 1-5, 2023.

Learn More Learn More
Chat with Sales Get Support

Watch Our Video

Find out more about our integrations.

Learn More Learn More
Chat with Sales Get Support

Leader in Intelligent Identity & Secure Access

Learn how BeyondTrust solutions protect companies from cyber threats.

Learn More Learn More
Chat with Sales Get Support
Chat with Sales Get Support

Patch Tuesday

Microsoft has patched 32 vulnerabilities this month, which is relatively light compared to the 50+ that they normally patch. One “zero-day” vulnerability was also patched in this update that allowed for privilege escalation. With the exception of that “zero-day” in the kernel, the most notable vulnerabilities were in Microsoft’s web browsers.

Internet Explorer and Edge

Microsoft’s browsers received a number of fixes this month, with two notable ones allowing for remote code execution. Edge received a fix for CVE-2018-8624, and Explorer received a fix for CVE-2018-8631 to address the remote code execution bugs. Attackers exploiting these vulnerabilities would gain rights equal to that of the current user.

Kernel

This month’s previously mentioned zero-day vulnerability, CVE-2018-8611, was actively exploited in the wild prior to patching. Unprivileged users could gain control over vulnerable systems after logging in locally. This could be used in conjunction with a remote attack to grant the remote attacker greater privileges.

Office

Office products received six fixes for the holiday season. Attackers exploiting these vulnerabilities could gain access to sensitive information, execute code with privileges equal to that of the current user, and cause denial of service conditions. As usual, MS Office products typically do not require a high level of privilege in order to complete their tasks. Be sure to run them with the principle of least privilege (PoLP) in mind.

Windows DNS

Similar to a few months ago, Windows DNS was patched for a remote code execution vulnerability. An attacker would exploit this vulnerability by crafting and sending a malicious request to the DNS server. The server would then be compromised at the Local System Account level. Microsoft has rated the chances of exploiting this particular vulnerability as less likely.

Adobe Flash Player

Adobe brought their holiday patches as early gifts this month, releasing an out-of-band patch for two remote code execution vulnerabilities that were being actively exploited in the wild. Attackers exploiting these vulnerabilities would gain rights equal to that of the current user. Adobe Flash has two more years of life left in it, as Adobe has promised to stop updating and distributing Flash Player by the end of 2020. Until then, it is important to update Adobe Flash Player or uninstall it altogether.

Author, BeyondTrust Research Team

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Up next

You May Also Be Interested In: