Security News > 2018 > November > November 2018 Patch Tuesday: Microsoft fixes 63 flaws, one actively exploited zero-day
2018-11-14 15:34
As part of the November 2018 Patch Tuesday, Microsoft has released 62 security patches and several advisories. There are 12 critical vulnerabilities among those patched this month, but CVE-2018-8589, a Windows Win32k elevation of privilege flaw that’s being actively exploited by attackers, is not one of them. The attacks exploiting the flaw were flagged by Kaspersky Lab. “The exploit was executed by the first stage of a malware installer in order to gain the necessary … More → The post November 2018 Patch Tuesday: Microsoft fixes 63 flaws, one actively exploited zero-day appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/1A0wiNsRoAs/
Related news
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
- What Is Patch Tuesday? Microsoft’s Monthly Update Explained (source)
- Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast (source)
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
- Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)
- Windows Patch Tuesday hits snag with Citrix software, workarounds published (source)
- Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-14 | CVE-2018-8589 | Unspecified vulnerability in Microsoft Windows 7 and Windows Server 2008 An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys, aka "Windows Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. | 7.8 |