Microsoft has released a total of 68 patches, including 21 for critical leaks, during its monthly patched or patch tuesday . One is actively used in attacks, just like one less serious leak.
At the attacked vulnerability, also known as CVE-2018-8174 it is a leak in the VBScript Engine in various versions of Windows, including Windows 10. This allows a remote attacker to execute code with the rights of the logged in user. If it is an administrator, it is possible to take over the system, according to Microsoft. An attacker could exploit the vulnerability through a website or an Office document with malicious [VBScript code]
The second attacked leak, which did not get the designation ‘critical’ and that the attribute ] CVE-2018-8120 bears, let an attacker according to Microsoft obtain higher rights to a system, after which he can take over. However, this is only relevant for Windows 7 systems and different versions of Windows Server 2008. Many of the other critical vulnerabilities addressed by Microsoft are related to scripting engines in Microsoft’s browsers. Several overviews can be found, for example from Talos or Trend Micro .
Among the vulnerabilities included is also CVE-2018-8897 which is discoverers in a technical analysis has been described. A Cert-warning states that the leak has to do with ‘the interpretation by developers of existing documentation of certain interrupt- or exception instructions of the Intel-architecture’. An attacker could use the leak to read sensitive data in the memory, according to the warning. Not only Microsoft would have been hit by the leak, but also Apple and various Linux distributions.
There are already several patches available, including for MacOS and the Linux kernel, The Register notes . The site writes that it appears that the leak was not caused by an error by Intel, but that it would be due to kernel developers. Intel has published an updated version of its manual for developers with clarifications.