It's Patch Tuesday once again…time for another round of security updates for the Windows operating system and other Microsoft products.
This month's security update also covers 46 important vulnerabilities in Windows, PowerShell, MS Excel, Outlook, SharePoint, VBScript Engine, Edge, Windows Search service, Internet Explorer, Azure App Service, Team Foundation Server, and Microsoft Dynamics 365.
This month Windows users and system administrators need to immediately take care of a total of 63 security vulnerabilities, of which 12 are rated critical, 49 important, 1 moderate and 1 low in severity.
Two of the vulnerabilities patched by the tech giant this month are listed as publicly known at the time of release, and one flaw is reported as being actively exploited in the wild by multiple cybercriminal groups.
Zero-Day Vulnerability Being Exploited by Cyber Criminals
The zero-day vulnerability, tracked as CVE-2018-8589, which is being exploited in the wild by multiple advanced persistent threat groups, was first spotted and reported by security researchers from Kaspersky Labs.
The flaw resides in the Win32k component (win32k.sys), which, if exploited successfully, could allow a malicious program to execute arbitrary code in kernel mode and elevate its privileges on an affected Windows 7, Server 2008 or Server 2008 R2 to take control of it.
"The exploit was executed by the first stage of a malware installer in order to gain the necessary privileges for persistence on the victim's system. So far, we have detected a very limited number of attacks using this vulnerability," Kaspersky said.
Two Publicly Disclosed Zero-Day Vulnerabilities
The other two publicly known zero-day vulnerabilities, which were not listed as under active attack, reside in the Windows Advanced Local Procedure Call (ALPC) service and Microsoft's BitLocker Security Feature.
The flaw related to ALPC, tracked as CVE-2018-8584, is a privilege escalation vulnerability that could be exploited by running a specially crafted application to execute arbitrary code in the security context of the local system and take control over an affected system.
Advanced local procedure call (ALPC) facilitates high-speed and secure data transfer between one or more processes in the user mode.
The second publicly disclosed vulnerability, tracked as CVE-2018-8566, exists when Windows improperly suspends BitLocker Device Encryption, which could allow an attacker with physical access to a powered-off system to bypass security and gain access to encrypted data.
BitLocker was in headlines earlier this month for a separate issue that could expose Windows users' encrypted data due to its default encryption preference and bad encryption on self-encrypting SSDs.
Microsoft did not fully address this issue; instead, the company simply provided a guide on how to manually change BitLocker default encryption choice.
November 2018 Patch Tuesday: Critical and Important Flaws
Out of 12 critical, 8 are memory corruption vulnerabilities in the Chakra scripting engine that exist due to the way the scripting engine handles objects in memory in the Microsoft Edge internet browser.
All the 8 vulnerabilities could be exploited to corrupt memory, allowing an attacker to execute code in the context of the current user. To exploit these bugs, all an attacker needs to do is trick victims into opening a specially crafted website on Microsoft Edge.
The remaining three vulnerabilities are remote code execution bugs in the Windows Deployment Services TFTP server, Microsoft Graphics Components, and the VBScript engine. All these flaws exist due to the way the affected software handles objects in memory.
The last critical vulnerability is also a remote code execution flaw that lies in Microsoft Dynamics 365 (on-premises) version 8. The flaw exists when the server fails to properly sanitize web requests to an affected Dynamics server.
If exploited successfully, the vulnerability could allow an authenticated attacker to run arbitrary code in the context of the SQL service account by sending a specially crafted request to a vulnerable Dynamics server.
Vulnerability | CVE ID | Severity |
Windows Deployment Services TFTP Server Remote Code Execution Vulnerability | CVE-2018-8476 | Critical |
Microsoft Graphics Components Remote Code Execution Vulnerability | CVE-2018-8553 | Critical |
Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8588 | Critical |
Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8541 | Critical |
Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8542 | Critical |
Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8543 | Critical |
Windows VBScript Engine Remote Code Execution Vulnerability | CVE-2018-8544 | Critical |
Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8555 | Critical |
Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8556 | Critical |
Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8557 | Critical |
Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8551 | Critical |
Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability | CVE-2018-8609 | Critical |
Azure App Service Cross-site Scripting Vulnerability | CVE-2018-8600 | Important |
Windows Win32k Elevation of Privilege Vulnerability | CVE-2018-8589 | Important |
BitLocker Security Feature Bypass Vulnerability | CVE-2018-8566 | Important |
Windows ALPC Elevation of Privilege Vulnerability | CVE-2018-8584 | Important |
Team Foundation Server Cross-site Scripting Vulnerability | CVE-2018-8602 | Important |
Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability | CVE-2018-8605 | Important |
Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability | CVE-2018-8606 | Important |
Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability | CVE-2018-8607 | Important |
Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability | CVE-2018-8608 | Important |
Microsoft RemoteFX Virtual GPU miniport driver Elevation of Privilege Vulnerability | CVE-2018-8471 | Important |
DirectX Elevation of Privilege Vulnerability | CVE-2018-8485 | Important |
DirectX Elevation of Privilege Vulnerability | CVE-2018-8554 | Important |
DirectX Elevation of Privilege Vulnerability | CVE-2018-8561 | Important |
Win32k Elevation of Privilege Vulnerability | CVE-2018-8562 | Important |
Microsoft SharePoint Elevation of Privilege Vulnerability | CVE-2018-8572 | Important |
Microsoft Exchange Server Elevation of Privilege Vulnerability | CVE-2018-8581 | Important |
Windows COM Elevation of Privilege Vulnerability | CVE-2018-8550 | Important |
Windows VBScript Engine Remote Code Execution Vulnerability | CVE-2018-8552 | Important |
Microsoft SharePoint Elevation of Privilege Vulnerability | CVE-2018-8568 | Important |
Windows Elevation Of Privilege Vulnerability | CVE-2018-8592 | Important |
Microsoft Edge Elevation of Privilege Vulnerability | CVE-2018-8567 | Important |
DirectX Information Disclosure Vulnerability | CVE-2018-8563 | Important |
MSRPC Information Disclosure Vulnerability | CVE-2018-8407 | Important |
Windows Audio Service Information Disclosure Vulnerability | CVE-2018-8454 | Important |
Win32k Information Disclosure Vulnerability | CVE-2018-8565 | Important |
Microsoft Outlook Information Disclosure Vulnerability | CVE-2018-8558 | Important |
Windows Kernel Information Disclosure Vulnerability | CVE-2018-8408 | Important |
Microsoft Edge Information Disclosure Vulnerability | CVE-2018-8545 | Important |
Microsoft SharePoint Information Disclosure Vulnerability | CVE-2018-8578 | Important |
Microsoft Outlook Information Disclosure Vulnerability | CVE-2018-8579 | Important |
PowerShell Remote Code Execution Vulnerability | CVE-2018-8256 | Important |
Microsoft Outlook Remote Code Execution Vulnerability | CVE-2018-8522 | Important |
Microsoft Outlook Remote Code Execution Vulnerability | CVE-2018-8576 | Important |
Microsoft Outlook Remote Code Execution Vulnerability | CVE-2018-8524 | Important |
Microsoft Word Remote Code Execution Vulnerability | CVE-2018-8539 | Important |
Microsoft Word Remote Code Execution Vulnerability | CVE-2018-8573 | Important |
Microsoft Excel Remote Code Execution Vulnerability | CVE-2018-8574 | Important |
Microsoft Project Remote Code Execution Vulnerability | CVE-2018-8575 | Important |
Microsoft Outlook Remote Code Execution Vulnerability | CVE-2018-8582 | Important |
Windows Search Remote Code Execution Vulnerability | CVE-2018-8450 | Important |
Microsoft Excel Remote Code Execution Vulnerability | CVE-2018-8577 | Important |
Internet Explorer Memory Corruption Vulnerability | CVE-2018-8570 | Important |
Microsoft JScript Security Feature Bypass Vulnerability | CVE-2018-8417 | Important |
Windows Security Feature Bypass Vulnerability | CVE-2018-8549 | Important |
Microsoft Edge Spoofing Vulnerability | CVE-2018-8564 | Important |
Active Directory Federation Services XSS Vulnerability | CVE-2018-8547 | Important |
Team Foundation Server Remote Code Execution Vulnerability | CVE-2018-8529 | Important |
Yammer Desktop Application Remote Code Execution Vulnerability | CVE-2018-8569 | Important |
Microsoft Powershell Tampering Vulnerability | CVE-2018-8415 | Important |
.NET Core Tampering Vulnerability | CVE-2018-8416 | Moderate |
Microsoft Skype for Business Denial of Service Vulnerability | CVE-2018-8546 | Low |
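
An added example, not part of the original article: a triage sketch that parses rows in the table's `title | CVE | severity |` layout and orders them so the actively exploited and publicly disclosed CVEs named in the text come first. Sorting by severity alone would place the exploited CVE-2018-8589 (rated Important) behind all 12 Critical entries. The ranking policy and all function names are assumptions.

```python
# Added example: patch triage over rows in the article's table layout.
# The ranking policy (exploited > publicly disclosed > severity) is an
# assumption, not Microsoft's or the article's guidance.

SEVERITY_RANK = {"Critical": 0, "Important": 1, "Moderate": 2, "Low": 3}

# Status flags taken from the article text.
EXPLOITED = {"CVE-2018-8589"}
PUBLIC = {"CVE-2018-8584", "CVE-2018-8566"}

# Subset of the table above, copied as-is.
ROWS = """\
Windows Deployment Services TFTP Server Remote Code Execution Vulnerability | CVE-2018-8476 | Critical |
Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8588 | Critical |
Windows Win32k Elevation of Privilege Vulnerability | CVE-2018-8589 | Important |
BitLocker Security Feature Bypass Vulnerability | CVE-2018-8566 | Important |
Windows ALPC Elevation of Privilege Vulnerability | CVE-2018-8584 | Important |
.NET Core Tampering Vulnerability | CVE-2018-8416 | Moderate |
Microsoft Skype for Business Denial of Service Vulnerability | CVE-2018-8546 | Low |
"""

def parse_rows(text):
    """Parse 'title | CVE | severity |' lines, skipping malformed ones."""
    entries = []
    for line in text.splitlines():
        fields = [f.strip() for f in line.strip().rstrip("|").split("|")]
        if len(fields) != 3 or fields[2] not in SEVERITY_RANK:
            continue  # header row, blank line or broken row
        title, cve, severity = fields
        entries.append({"title": title, "cve": cve, "severity": severity})
    return entries

def triage(entries):
    """Order: exploited in the wild, then publicly disclosed, then severity."""
    def key(e):
        if e["cve"] in EXPLOITED:
            status = 0
        elif e["cve"] in PUBLIC:
            status = 1
        else:
            status = 2
        return (status, SEVERITY_RANK[e["severity"]], e["cve"])
    return sorted(entries, key=key)

if __name__ == "__main__":
    for e in triage(parse_rows(ROWS)):
        print(f'{e["cve"]:<15}{e["severity"]:<10}{e["title"]}')
```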
Users and system administrators are strongly advised to apply the above security patches as soon as possible in order to keep hackers and cyber criminals away from taking control of their systems.
For installing security patch updates, head on to Settings → Update & security → Windows Update → Check for updates, or you can install the updates manually.