Security News > 2018 > October > October 2018 Patch Tuesday: Microsoft fixes 49 flaws, one APT-wielded zero-day
2018-10-10 09:24
With the October 2018 Patch Tuesday release Microsoft has fixed 49 vulnerabilities, 12 of which are rated “critical.” Previously known flaws and an actively exploited zero-day The only zero-day in this batch is CVE-2018-8453, an elevation of privilege vulnerability affecting Windows. Attackers must first gain access to the system, but then this vulnerability allows them to run arbitrary code in kernel mode and, ultimately, to install programs; view, change, or delete data; or create new … More → The post October 2018 Patch Tuesday: Microsoft fixes 49 flaws, one APT-wielded zero-day appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/62IbvPgu8GU/
Related news
- Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs (source)
- March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V (source)
- April 2024 Patch Tuesday forecast: New and old from Microsoft (source)
- Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs (source)
- Microsoft Fixes 149 Flaws in Huge April Patch Release, Zero-Days Included (source)
- Week in review: Attackers use phishing emails to steal NTLM hashes, Patch Tuesday forecast (source)
- Microsoft waited 6 months to patch actively exploited admin-to-kernel vulnerability (source)
- March Patch Tuesday sees Hyper-V join the guest-host escape club (source)
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
- Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-10 | CVE-2018-8453 | Improper Resource Shutdown or Release vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | 7.2 |