Security News > 2018 > August > August 2018 Patch Tuesday: Microsoft fixes two actively exploited zero-days
In the August 2018 Patch Tuesday, Microsoft has plugged over 60 vulnerabilities, two of which are being actively exploited in the wild. In addition to those, the company has also released a critical update advisory that addresses vulnerabilities found and patched in Adobe Flash. Exploited zero-days The two patched zero-days are: CVE-2018-8414 – A vulnerability in Windows Shell that can be triggered by a user opening a specially crafted file and could allow the attacker … More → The post August 2018 Patch Tuesday: Microsoft fixes two actively exploited zero-days appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/KJISm-XN1FQ/
Related news
- Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited (source)
- Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws (source)
- Patch Tuesday for September 2024: Microsoft Catches Four Zero-Day Vulnerabilities (source)
- Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day (source)
- Microsoft discloses Office zero-day, still working on a patch (source)
- August 2024 Patch Tuesday forecast: Looking for a calm August release (source)
- Week in review: Tips for starting your cybersecurity career, Patch Tuesday forecast (source)
- Microsoft fixes 6 zero-days under active attack (source)
- Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Days (source)
- Microsoft Patched 6 Actively Exploited Zero-Day Flaws (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-15 | CVE-2018-8414 | Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10. | 9.3 |