Call us today on: +44 (0)203 88 020 88
SecureTeamSecureTeamSecureTeamSecureTeam
  • Home
  • Our Services
    • Infrastructure Testing
      • Internal Network Penetration Test
      • External Network Penetration Test
      • Vulnerability Assessment
    • Web Application Penetration Test
    • Configuration Review
      • Windows Build Review
    • Information Assurance
      • ISO 27001 Gap Analysis
    • Cyber Essentials Certification
  • News
  • Articles
  • About
    • About SecureTeam
    • Cookie Policy
    • Privacy Notice
    • Website Terms & Conditions
    • White-Label Consultancy
    • Jobs
  • Contact Us

News

Home  >  News  >  Vulnerabilities  >  Death by PowerPoint and other vulnerabilities
NextPrevious
microsoft patch tuesday december

Death by PowerPoint and other vulnerabilities

News, Vulnerabilities | 20 December, 2018 | 0

Microsoft’s December 2018 patch Tuesday release includes fixes for several critical vulnerabilities including one in PowerPoint which affects all versions since PowerPoint 2010.

The PowerPoint bug (CVE-2018-8628) would allow an attacker to create a specially-crafted file, which when opened by PowerPoint, would enable the attacker to run arbitrary code as the logged-in user.   According to Microsoft:

“If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”

With the Christmas season’s imminent arrival, many organisations see an increase in fun and light-hearted end of year emails.  This may make it more likely that staff could be tricked into opening an attachment in an email containing a malicious PowerPoint file and so fall victim to an attack. This is further complicated for those organisations that operate a change freeze during the Christmas peak processing season and so are forced to delay the installation of some patches.

Christmas Email Safety Reminder

Now would be an apposite time to remind your staff and users to take care before opening unexpected email attachments by asking themselves the following questions:

  • Does the FROM email address domain match the usual address this sender uses?
  • Does the CONTENT feel right – does the grammar and tone match the usual communications from this person?
  • Am I EXPECTING this email and the attachment from the sender?
  • Is the sender someone I TRUST and do they usually send me this kind of email?
  • Is the email free from any promise of something EMBARRASSING, titillating or an implied THREAT if not opened?

If you cannot answer YES to these questions, do not open the attachment until you have spoken to the sender by phone to confirm the email is valid and safe.

December Patch Tuesday

Other notable vulnerabilities patched in the December Microsoft patch Tuesday update include:

CVE-2018-8611– This zero day flaw in the Windows Kernel is already being exploited and allows an attacker to escalate their privilege on a host system running Windows 7 through 10 or Windows Server. This means any logged in user could use a specially crafted application to gain administrator privileges on the host system.

A remote code execution vulnerability in Internet Explorer (CVE-2018-8631) and Microsoft Edge (CVE-2018-8624) could allow an attacker to gain access to the users system with the same access rights as the logged in user simply by getting the user to visit a malicious or compromised web site.  The vulnerability allows arbitrary code to be executed on the users Windows computer.

Security breaches typically happen when several vulnerabilities are exploited, forming stepping stones which transport the attacker from the internet to your valuable internal systems.  What initially appear to be trivial vulnerabilities can be used to leverage more dangerous actions by an attacker.

For example, using just the vulnerabilities described above an attacker could trick a member of staff in your organisation to visit a malicious website through social engineering or a fraudulent spam email.  Then exploiting the Internet Explorer vulnerability described above, the attacker is able to execute code on the users workstation.  You may think this is a trivial risk as none of your users have administrator privileges and so are not able to change their system settings or install applications. However, the arbitrary code that is executed exploits the Windows Kernel vulnerability described above and now the attacker is able to use the host system with administrator privileges and leverage this to attack other devices on your network.

All of the updates mentioned in this article are fixing problems with how the code in question handles objects stored in memory and the vulnerabilities could corrupt the memory in such a way that an attacker could execute arbitrary code.

For more information on the patches included in the Microsoft December update, see the release notes: https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/6c54acc6-2ed2-e811-a980-000d3a33a34d

Subscribe to our monthly cybersecurity newsletter
Stay up-to-date with the very latest cybersecurity news & technical articles delivered straight to your inbox
We hate spam as much as you do. We will never give your email address out to any third-party.
cyber security news, microsoft, vulnerability management, web browsers

Related Post

  • Cisco patches critical switch flaws

    By Mark Faithfull

    Several critical switch vulnerabilities that could allow an attacker to break network segmentation have been patched by Cisco. Dubbed CDPwn by the researchers at Armis who discovered the flaws, the vulnerabilities exists in a LevelRead more

  • Ragnarok ransomware exploits Citrix vulnerability

    By Mark Faithfull

    Ragnarok ransomware is leveraging unpatched Citrix ADC servers and Windows computers to attack its victims. Citrix have now released a patch for CVE-2019-19781 and made it available to all clients – regardless of the status ofRead more

  • Internet Explorer zero-day RCE attack

    By Mark Faithfull

    Microsoft has released details of a zero-day remote code execution vulnerability which is being actively exploited to attack Windows computers. It affects all versions of Internet Explorer running on Windows 7, 8.1 and 10. TheRead more

  • What is Cable Haunt?

    By Mark Faithfull

    Cable Haunt is a vulnerability in millions of cable modems which allows an attacker to execute arbitrary code on the modem. This vulnerability is interesting for two reasons – firstly the scale due to theRead more

  • Final Windows 7 Patches and critical security bug fixed

    By Mark Faithfull

    The last ever Windows 7 Patch Tuesday update also includes a fix to a long standing bug in the Windows cryptographic library (CryptoAPI) which could allow attackers to spoof digital certificates and conduct man-in-the-middle attacks.Read more

NextPrevious

Recent Posts

  • SUDO bug allows privilege escalation
  • Hue smart bulb RCE vulnerability patched
  • Cisco patches critical switch flaws
  • Ragnarok ransomware exploits Citrix vulnerability
  • Infrastructure Patching Problems

Tags

blockchain Bluetooth Chrome Cisco credential stuffing CREST cyber crime cyber essentials cyber security cyber security news Data Protection DNS Ethereum Exchange Server exim fileless formjacking GDPR Intel IoT Linux MacOS Meltdown microsoft OAuth patching PDF penetration testing phishing ransomware RDP Row Hammer security breach security testing SIEM Spectre supply chain attacks Sysinternals TPM UK Law VNC vulnerability management web applications web browsers wireless

Archives

  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • July 2018
  • June 2018
  • April 2018
  • January 2018
  • October 2017
BCS Cyber Essentials Cyber Essentials Cyber Essentials PLUS
information. secured.
  • Home
  • Our Services
    • Infrastructure Testing
      • Internal Network Penetration Test
      • External Network Penetration Test
      • Vulnerability Assessment
    • Web Application Penetration Test
    • Configuration Review
      • Windows Build Review
    • Information Assurance
      • ISO 27001 Gap Analysis
    • Cyber Essentials Certification
  • News
  • Articles
  • About
    • About SecureTeam
    • Cookie Policy
    • Privacy Notice
    • Website Terms & Conditions
    • White-Label Consultancy
    • Jobs
  • Contact Us
SecureTeam
SecureTeam use cookies on this website to ensure that we give you the best experience possible. If you continue to use our site we will assume that you are happy with cookies being used.OkRead more