Security News > 2018 > November > November 2018 Patch Tuesday: Microsoft fixes 63 flaws, one actively exploited zero-day
As part of the November 2018 Patch Tuesday, Microsoft has released 62 security patches and several advisories. There are 12 critical vulnerabilities among those patched this month, but CVE-2018-8589, a Windows Win32k elevation of privilege flaw that’s being actively exploited by attackers, is not one of them. The attacks exploiting the flaw were flagged by Kaspersky Lab. “The exploit was executed by the first stage of a malware installer in order to gain the necessary … More → The post November 2018 Patch Tuesday: Microsoft fixes 63 flaws, one actively exploited zero-day appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/1A0wiNsRoAs/
Related news
- Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited (source)
- Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws (source)
- Patch Tuesday for September 2024: Microsoft Catches Four Zero-Day Vulnerabilities (source)
- Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day (source)
- Microsoft discloses Office zero-day, still working on a patch (source)
- August 2024 Patch Tuesday forecast: Looking for a calm August release (source)
- Week in review: Tips for starting your cybersecurity career, Patch Tuesday forecast (source)
- Microsoft fixes 6 zero-days under active attack (source)
- Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Days (source)
- Microsoft Patched 6 Actively Exploited Zero-Day Flaws (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-11-14 | CVE-2018-8589 | Unspecified vulnerability in Microsoft Windows 7 and Windows Server 2008 An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys, aka "Windows Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. | 7.2 |