Microsoft released Security patch for 53 Vulnerabilities in July 2018. So if you are not running an updated system go an update as fast as possible. Users are strongly advised to apply security patches as soon as possible to keep hackers and cybercriminals away from taking control of their computers. These vulnerabilities are so deadly. It will create a bad impact on your system.
2) Internet Explorer (IE)
5) NET Framework
8) Visual Studio
9) Microfost Office
11)Adobe Flash Player
Total 53 Vulnerabilities out of which 17 are critical, 42 important, 1 Moderator, 1 low in Severity.
In July 2018, there is no critical vulnerability patched in Microsoft Windows operating system and surprisingly, none of the flaw patched by the tech giant this month is listed as publicly known or under active attack.
Flaws Patched In Microsoft Products
Memory corruption is one of the major issues in most of the vulnerabilities founded in Internet Explorer(IE), Edge Browser and Chakra scripting engine. If these successfully exploited, it could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system of the current user.
If the current user is logged on with administrative user rights, then an attacker can successfully exploit the whole of the system and the vulnerabilities could take control of an affected system.
What Attacker Can Do?
An attacker could then install programs view, changes, or delete data, creating a new account with full user rights because the compromised system is also an administrator rights system.
Critical flaws (CVE-2018-8327), reported by researchers at Casaba Security, also affects PowerShell Editor Services that could allow a remote attacker to execute malicious code on a vulnerable system.
List of all Critical Vulnerabilities Microsoft has patched
Scripting Engine Memory Corruption Vulnerability (CVE-2018-8242
Edge Memory Corruption Vulnerability (CVE-2018-8262)
Edge Memory Corruption Vulnerability (CVE-2018-8274)
Scripting Engine Memory Corruption Vulnerability (CVE-2018-8275)
Scripting Engine Memory Corruption Vulnerability (CVE-2018-8279)
Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8280)
Scripting Engine Memory Corruption Vulnerability (CVE-2018-8283)
Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8286)
Scripting Engine Memory Corruption Vulnerability (CVE-2018-8288)
Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8290)
Scripting Engine Memory Corruption Vulnerability (CVE-2018-8291)
Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8294)
Scripting Engine Memory Corruption Vulnerability (CVE-2018-8296)
Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8298)
Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8301)
Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8324)
PowerShell Editor Services Remote Code Execution Vulnerability (CVE-2018-8327)
Microsoft also categorized 43 important flaws as below:
Microsoft Edge—Remote code execution (RCE), Information disclosure, spoofing, and security feature bypass flaws
Microsoft Internet Explorer (IE)— RCE and security feature bypass flaws
MS Office (Powerpoint, Word, Excel, Access, Lync, Skype)—security feature bypass, RCE, and elevation of privilege flaws
Windows 10, 8.1, 7 and Server 2008, 2012, 2016—Denial of Service, security feature bypass, elevation of privilege flaws
Microsoft .NET Framework—Elevation of privilege and RCE flaws
Microsoft SharePoint—Elevation of Privilege, and RCE flaws
chakra core—RCE, and security feature bypass vulnerabilities
Microsoft Visual Studio—RCE flaw
Expression Blend 4—RCE flaw
ASP .NET—security feature bypass flaws
Mail, Calendar, and People in Windows 8.1 App Store—information disclosure flaw.
Microsoft also pushed the security patch in Adobe Products.
For installing security updates, simply head on to Settings → Update & security → Windows Update → Check for updates, or you can install the updates manually.
We are Khanna Security Solution Pvt. Ltd Company deals in the Cyber Security. So if are facing these kinds of issues or want to learn more about these kinds of threat fell free to Contact Us
For More Security Related Blogs Click Here