Death by PowerPoint and other vulnerabilities

News, Vulnerabilities | 20 December, 2018

Microsoft’s December 2018 Patch Tuesday release includes fixes for several critical vulnerabilities, including one in PowerPoint which affects all versions since PowerPoint 2010.

The PowerPoint bug (CVE-2018-8628) would allow an attacker to create a specially crafted file which, when opened by PowerPoint, would enable the attacker to run arbitrary code as the logged-in user. According to Microsoft:

“If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”

With the Christmas season’s imminent arrival, many organisations see an increase in fun and light-hearted end-of-year emails. This may make it more likely that staff could be tricked into opening an email attachment containing a malicious PowerPoint file and so fall victim to an attack. This is further complicated for those organisations that operate a change freeze during the Christmas peak processing season and so are forced to delay the installation of some patches.

Christmas Email Safety Reminder

Now would be an apposite time to remind your staff and users to take care before opening unexpected email attachments by asking themselves the following questions:

  • Does the FROM email address domain match the usual address this sender uses?
  • Does the CONTENT feel right – do the grammar and tone match the usual communications from this person?
  • Am I EXPECTING this email and the attachment from the sender?
  • Is the sender someone I TRUST and do they usually send me this kind of email?
  • Is the email free from any promise of something EMBARRASSING, titillating or an implied THREAT if not opened?

If you cannot answer YES to these questions, do not open the attachment until you have spoken to the sender by phone to confirm the email is valid and safe.
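
As an added example (not part of the original article or any SecureTeam tooling), the FROM-domain question can also be checked automatically at the mail gateway for messages carrying PowerPoint attachments while patches are delayed. The contact list, extension list and sample message below are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# PowerPoint extensions to hold for review (assumed list; adjust to local policy).
PPT_EXTENSIONS = (".ppt", ".pptx", ".pptm", ".pps", ".ppsx", ".ppsm", ".pot", ".potx")
# Hypothetical contact list: sender display name -> domain they normally mail from.
KNOWN_SENDERS = {"alice smith": "example.com"}

# Constructed sample message: familiar name, unusual domain, PowerPoint attached.
SAMPLE = (
    "From: Alice Smith <alice@example.net>\n"
    "Reply-To: billing@mailer.invalid\n"
    "Subject: Christmas party photos\n"
    'Content-Type: multipart/mixed; boundary="b1"\n\n'
    "--b1\nContent-Type: text/plain\n\nOpen the slides!\n"
    "--b1\nContent-Type: application/vnd.ms-powerpoint\n"
    'Content-Disposition: attachment; filename="party.ppt"\n\nAAAA\n--b1--\n'
)


def domain_of(header_value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def triage(raw_message, known_senders=KNOWN_SENDERS):
    """Return reasons to hold a message for review; an empty list means deliver."""
    msg = message_from_string(raw_message)
    names = [part.get_filename() or "" for part in msg.walk()]
    attachments = [n for n in names if n.lower().endswith(PPT_EXTENSIONS)]
    if not attachments:
        return []  # only PowerPoint attachments are in scope here
    display_name, _ = parseaddr(msg.get("From", ""))
    from_domain = domain_of(msg.get("From"))
    reasons = []
    usual = known_senders.get(display_name.strip().lower())
    if usual is None:
        reasons.append("sender not in known-contacts list")
    elif usual != from_domain:
        reasons.append(f"From domain {from_domain} differs from usual {usual}")
    reply_domain = domain_of(msg.get("Reply-To"))
    if reply_domain and reply_domain != from_domain:
        reasons.append(f"Reply-To domain {reply_domain} differs from From")
    return [f"{r} (attachment: {', '.join(attachments)})" for r in reasons]


if __name__ == "__main__":
    for reason in triage(SAMPLE):
        print("HOLD:", reason)
```

A held message still needs the human checks above; a matching domain alone does not show the attachment is safe.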

December Patch Tuesday

Other notable vulnerabilities patched in the December Microsoft Patch Tuesday update include:

CVE-2018-8611 – This zero-day flaw in the Windows Kernel is already being exploited and allows an attacker to escalate their privilege on a host system running Windows 7 through 10 or Windows Server. This means any logged-in user could use a specially crafted application to gain administrator privileges on the host system.

A remote code execution vulnerability in Internet Explorer (CVE-2018-8631) and Microsoft Edge (CVE-2018-8624) could allow an attacker to gain access to the user’s system with the same access rights as the logged-in user simply by getting the user to visit a malicious or compromised website. The vulnerability allows arbitrary code to be executed on the user’s Windows computer.

Security breaches typically happen when several vulnerabilities are exploited, forming stepping stones which transport the attacker from the internet to your valuable internal systems. What initially appear to be trivial vulnerabilities can be used to leverage more dangerous actions by an attacker.

For example, using just the vulnerabilities described above, an attacker could trick a member of staff in your organisation into visiting a malicious website through social engineering or a fraudulent spam email. Then, by exploiting the Internet Explorer vulnerability described above, the attacker is able to execute code on the user’s workstation. You may think this is a trivial risk as none of your users have administrator privileges and so are not able to change their system settings or install applications. However, the arbitrary code that is executed exploits the Windows Kernel vulnerability described above, and now the attacker is able to use the host system with administrator privileges and leverage this to attack other devices on your network.

All of the updates mentioned in this article fix problems with how the affected code handles objects stored in memory; the vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code.

For more information on the patches included in the Microsoft December update, see the release notes: https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/6c54acc6-2ed2-e811-a980-000d3a33a34d
