Security News > 2018 > August > August 2018 Patch Tuesday: Microsoft fixes two actively exploited zero-days

In the August 2018 Patch Tuesday, Microsoft has plugged over 60 vulnerabilities, two of which are being actively exploited in the wild. In addition to those, the company has also released a critical update advisory that addresses vulnerabilities found and patched in Adobe Flash. Exploited zero-days The two patched zero-days are: CVE-2018-8414 – A vulnerability in Windows Shell that can be triggered by a user opening a specially crafted file and could allow the attacker … More → The post August 2018 Patch Tuesday: Microsoft fixes two actively exploited zero-days appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/KJISm-XN1FQ/
Related news
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- February's Patch Tuesday sees Microsoft offer just 63 fixes (source)
- Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- February 2025 Patch Tuesday forecast: New directions for AI development (source)
- Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-15 | CVE-2018-8414 | Improper Input Validation vulnerability in Microsoft products A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10. | 8.8 |