Sunday, September 8, 2024
HomeComputer SecurityMicrosoft Released Security Updates with the Patch for Recent Windows Zero-day Flow

Microsoft Released Security Updates with the Patch for Recent Windows Zero-day Flow

Published on

Microsoft released security updates under this month patch Tuesday release for various Microsoft products along with the recently discovered Windows  Zero-day vulnerability.

Microsoft fixed almost 62 vulnerabilities that affected its product including   ASP.NET,  Microsoft Edge, Microsoft Office,  Microsoft.Data.OData, Adobe Flash Player,  .NET Framework, Microsoft Office, Skype for Business and Microsoft Lync, Visual Studio, PowerShell Editor Services.

This Patch release fixed all the security fixes for vulnerabilities that affect Windows 10 including the Windows Task Scheduler Zero day flaw.

- Advertisement - EHA

Out of the 62 Microsoft security updates CVEs, 17 are listed as Critical, 43 are rated Important, and one is rated as Moderate in severity.

In this case, Four of these bugs are listed as publicly known at the time of release and one of these is reported as being actively exploited which is reveal by the security researchers in Twitter.

Browser bugs again feature prominently in this month’s release with 19 patches for browser-related issues and 14 Information disclosure bugs being addressed across various components.

Microsoft Released Security Updates List

CVETitleSeverity
CVE-2018-8440Windows ALPC Elevation of Privilege VulnerabilityImportant
CVE-2018-8475Windows Remote Code Execution VulnerabilityCritical
CVE-2018-8457Scripting Engine Memory Corruption VulnerabilityCritical
CVE-2018-8409ASP.NET Core Denial of ServiceImportant
CVE-2018-0965Windows Hyper-V Remote Code Execution VulnerabilityCritical
CVE-2018-8367Chakra Scripting Engine Memory Corruption VulnerabilityCritical
CVE-2018-8420MS XML Remote Code Execution VulnerabilityCritical
CVE-2018-8461Internet Explorer Memory Corruption VulnerabilityCritical
CVE-2018-8332Win32k Graphics Remote Code Execution VulnerabilityCritical
CVE-2018-8391Scripting Engine Memory Corruption VulnerabilityCritical
CVE-2018-8421.NET Framework Remote Code Execution VulnerabilityCritical
CVE-2018-8439Windows Hyper-V Remote Code Execution VulnerabilityCritical
CVE-2018-8447Internet Explorer Memory Corruption VulnerabilityCritical
CVE-2018-8456Scripting Engine Memory Corruption VulnerabilityCritical
CVE-2018-8459Scripting Engine Memory Corruption VulnerabilityCritical
CVE-2018-8464Microsoft Edge PDF Remote Code Execution VulnerabilityCritical
CVE-2018-8465Chakra Scripting Engine Memory Corruption VulnerabilityCritical
CVE-2018-8466Chakra Scripting Engine Memory Corruption VulnerabilityCritical
CVE-2018-8467Chakra Scripting Engine Memory Corruption VulnerabilityCritical
CVE-2018-8479Azure IoT SDK Spoofing VulnerabilityImportant
CVE-2018-8269Odata Denial of Service VulnerabilityImportant
CVE-2018-8335Windows SMB Denial of Service VulnerabilityImportant
CVE-2018-8436Windows Hyper-V Denial of Service VulnerabilityImportant
CVE-2018-8437Windows Hyper-V Denial of Service VulnerabilityImportant
CVE-2018-8438Windows Denial of Service VulnerabilityImportant
CVE-2018-8410Windows Registry Elevation of Privilege VulnerabilityImportant
CVE-2018-8462DirectX Graphics Kernel Elevation of Privilege VulnerabilityImportant
CVE-2018-8428Microsoft SharePoint Elevation of Privilege VulnerabilityImportant
CVE-2018-8431Microsoft SharePoint Elevation of Privilege VulnerabilityImportant
CVE-2018-8441Windows Subsystem for Linux Elevation of Privilege VulnerabilityImportant
CVE-2018-8455Windows Kernel Elevation of Privilege VulnerabilityImportant
CVE-2018-8463Microsoft Edge Elevation of Privilege VulnerabilityImportant
CVE-2018-8468Windows Elevation of Privilege VulnerabilityImportant
CVE-2018-8469Microsoft Edge Elevation of Privilege VulnerabilityImportant
CVE-2018-8271Windows Information Disclosure VulnerabilityImportant
CVE-2018-8315Microsoft Scripting Engine Information Disclosure VulnerabilityImportant
CVE-2018-8336Windows Kernel Information Disclosure VulnerabilityImportant
CVE-2018-8419Windows Kernel Information Disclosure VulnerabilityImportant
CVE-2018-8424Windows GDI Information Disclosure VulnerabilityImportant
CVE-2018-8433Microsoft Graphics Component Information Disclosure VulnerabilityImportant
CVE-2018-8429Microsoft Excel Information Disclosure VulnerabilityImportant
CVE-2018-8434Windows Hyper-V Information Disclosure VulnerabilityImportant
CVE-2018-8442Windows Kernel Information Disclosure VulnerabilityImportant
CVE-2018-8443Windows Kernel Information Disclosure VulnerabilityImportant
CVE-2018-8444Windows SMB Information Disclosure VulnerabilityImportant
CVE-2018-8445Windows Kernel Information Disclosure VulnerabilityImportant
CVE-2018-8446Windows Kernel Information Disclosure VulnerabilityImportant
CVE-2018-8452Scripting Engine Information Disclosure VulnerabilityImportant
CVE-2018-8354Scripting Engine Memory Corruption VulnerabilityImportant
CVE-2018-8366Microsoft Edge Information Disclosure VulnerabilityImportant
CVE-2018-8392Microsoft JET Database Engine Remote Code Execution VulnerabilityImportant
CVE-2018-8393Microsoft JET Database Engine Remote Code Execution VulnerabilityImportant
CVE-2018-8430Word PDF Remote Code Execution VulnerabilityImportant
CVE-2018-8331Microsoft Excel Remote Code Execution VulnerabilityImportant
CVE-2018-8337Windows Subsystem for Linux Security Feature Bypass VulnerabilityImportant
CVE-2018-8435Windows Hyper-V Security Feature Bypass VulnerabilityImportant
CVE-2018-8449Device Guard Security Feature Bypass VulnerabilityImportant
CVE-2018-8470Internet Explorer Security Feature Bypass VulnerabilityImportant
CVE-2018-8425Microsoft Edge Spoofing VulnerabilityImportant
CVE-2018-8426Microsoft Office SharePoint XSS VulnerabilityImportant
CVE-2018-8474Lync for Mac 2011 Security Feature Bypass VulnerabilityModerate

Also Read:

Debian Released Security Updates for July and Fixed Multiple Package Vulnerabilities

Apple Released Security Updates for iOS, macOS, Safari, iTunes – iOS 11.4.1 Released

Google Released Security Updates for More than 40 Android Security vulnerabilities

WordPress Update 4.9.7 – Critical Security Update to Resolve Bugs and Security Issues

VMware Released Security Updates for Critical Remote Code Execution Vulnerability

Microsoft Released Critical Security Updates with Patch for 50 Critical Vulnerabilities

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

BBTok Abuses Legitimate Windows Utility Command Tool to Stay Undetected

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions...

Predator Spyware Exploiting “one-click” & “zero-click” Flaws

Recent research indicates that the Predator spyware, once thought to be inactive due to...

Tropic Trooper Attacks Government Organizations to Steal Sensitive Data

Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group,...

NoiseAttack is a Novel Backdoor That Uses Power Spectral Density For Evasion

NoiseAttack is a new method of secretly attacking deep learning models. It uses triggers...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

PoC Exploit Released For 0-Day Windows Kernel Privilege Escalation Vulnerability

Microsoft released several patches for multiple vulnerabilities during the Patch Tuesday for August 2024....

Google Patches Actively Exploited Android 0-day Privilege Escalation Vulnerability

Google has released a patch addressing a critical zero-day vulnerability that has been actively...

North Korean Hackers Actively Exploiting Chromium RCE Zero-Day In The Wild

Microsoft has identified a North Korean threat actor, Citrine Sleet, exploiting a zero-day vulnerability...