Welcome back to this month’s Patch Tuesday. Microsoft has patched 62 vulnerabilities this month, including two that had details disclosed prior to patching, and one “zero-day” vulnerability in Windows that was actively being exploited. The bulk of the vulnerabilities focus on web browsers.
Internet Explorer and Edge
Microsoft’s browsers received a host of fixes this month. Eight vulnerabilities in the Chakra Scripting Engine were patched for Internet Explorer and Edge. Attackers may be able to execute arbitrary code by luring a victim to a website hosting maliciously crafted content. Attackers would gain the same user rights as the current user.
Kernel
As with last month, this month's patches include a fix for a Windows Kernel vulnerability that was being actively exploited. An attacker must already be logged on to the system, but successful exploitation elevates their privileges to system level. Attackers leveraged this vulnerability against Windows 7 and Server 2008 targets in the wild.
Office
As usual, MS Office was host to many vulnerabilities that were patched this month. Over 20 vulnerabilities were addressed in this month’s patches. Attackers exploiting these vulnerabilities could gain access to sensitive information, execute code with privileges equal to those of the current user, and cause denial-of-service conditions.
Adobe Flash Player
Adobe Flash Player was patched for an out-of-bounds read vulnerability that could allow for remote code execution. As usual, Microsoft has bundled the patch with its update service due to the frequency with which Adobe Flash Player vulnerabilities are discovered.
BitLocker
A previously disclosed vulnerability in the Windows BitLocker encryption technology was patched this month. Attackers exploiting the vulnerability would have been able to bypass the encryption features to access protected data. Specifically, SSDs that were encrypted using BitLocker were left suspended in a state in which the drive, if found powered off, would be readable without decryption.
Research Team, BeyondTrust