Call us today on: +44 (0)203 88 020 88
SecureTeamSecureTeamSecureTeamSecureTeam
  • Home
  • Our Services
    • Infrastructure Testing
      • Internal Network Penetration Test
      • External Network Penetration Test
      • Wireless Network Penetration Test
      • Vulnerability Assessment
      • Network Segregation Test
      • Voice over IP (VoIP) Penetration Test
    • Application Testing
      • Web Application Penetration Test
      • Mobile Application Penetration Test
      • Desktop Application Security Assessment
      • Citrix Breakout Test
    • Configuration Review
      • Windows Server Build Review
      • Linux Server Build Review
      • Citrix Configuration Review
    • Information Assurance
      • ISO 27001 Gap Analysis
    • Cyber Essentials
  • News
  • Articles
  • About
    • About SecureTeam
    • STORM Appliances
      • Installing a STORM Device
      • Returning a STORM Device
    • White-Label Consultancy
    • Jobs
    • Cookie Policy
    • Privacy Notice
    • Website Terms & Conditions
  • Contact Us

News

Home  >  News  >  Vulnerabilities  >  Death by PowerPoint and other vulnerabilities
NextPrevious
microsoft patch tuesday december

Death by PowerPoint and other vulnerabilities

News, Vulnerabilities | 20 December, 2018 | 0

Microsoft’s December 2018 patch Tuesday release includes fixes for several critical vulnerabilities including one in PowerPoint which affects all versions since PowerPoint 2010.

The PowerPoint bug (CVE-2018-8628) would allow an attacker to create a specially-crafted file, which when opened by PowerPoint, would enable the attacker to run arbitrary code as the logged-in user.   According to Microsoft:

“If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”

With the Christmas season’s imminent arrival, many organisations see an increase in fun and light-hearted end of year emails.  This may make it more likely that staff could be tricked into opening an attachment in an email containing a malicious PowerPoint file and so fall victim to an attack. This is further complicated for those organisations that operate a change freeze during the Christmas peak processing season and so are forced to delay the installation of some patches.

Christmas Email Safety Reminder

Now would be an apposite time to remind your staff and users to take care before opening unexpected email attachments by asking themselves the following questions:

  • Does the FROM email address domain match the usual address this sender uses?
  • Does the CONTENT feel right – does the grammar and tone match the usual communications from this person?
  • Am I EXPECTING this email and the attachment from the sender?
  • Is the sender someone I TRUST and do they usually send me this kind of email?
  • Is the email free from any promise of something EMBARRASSING, titillating or an implied THREAT if not opened?

If you cannot answer YES to these questions, do not open the attachment until you have spoken to the sender by phone to confirm the email is valid and safe.

December Patch Tuesday

Other notable vulnerabilities patched in the December Microsoft patch Tuesday update include:

CVE-2018-8611– This zero day flaw in the Windows Kernel is already being exploited and allows an attacker to escalate their privilege on a host system running Windows 7 through 10 or Windows Server. This means any logged in user could use a specially crafted application to gain administrator privileges on the host system.

A remote code execution vulnerability in Internet Explorer (CVE-2018-8631) and Microsoft Edge (CVE-2018-8624) could allow an attacker to gain access to the users system with the same access rights as the logged in user simply by getting the user to visit a malicious or compromised web site.  The vulnerability allows arbitrary code to be executed on the users Windows computer.

Security breaches typically happen when several vulnerabilities are exploited, forming stepping stones which transport the attacker from the internet to your valuable internal systems.  What initially appear to be trivial vulnerabilities can be used to leverage more dangerous actions by an attacker.

For example, using just the vulnerabilities described above an attacker could trick a member of staff in your organisation to visit a malicious website through social engineering or a fraudulent spam email.  Then exploiting the Internet Explorer vulnerability described above, the attacker is able to execute code on the users workstation.  You may think this is a trivial risk as none of your users have administrator privileges and so are not able to change their system settings or install applications. However, the arbitrary code that is executed exploits the Windows Kernel vulnerability described above and now the attacker is able to use the host system with administrator privileges and leverage this to attack other devices on your network.

All of the updates mentioned in this article are fixing problems with how the code in question handles objects stored in memory and the vulnerabilities could corrupt the memory in such a way that an attacker could execute arbitrary code.

For more information on the patches included in the Microsoft December update, see the release notes: https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/6c54acc6-2ed2-e811-a980-000d3a33a34d

Subscribe to our monthly cybersecurity newsletter
Stay up-to-date with the very latest cybersecurity news & technical articles delivered straight to your inbox
We hate spam as much as you do. We will never give your email address out to any third-party.
cyber security news, microsoft, vulnerability management, web browsers

Related Post

  • October Patch Tuesday includes critical Windows TCP/IP vulnerability

    By Mark Faithfull

    October’s security patch bundle from Microsoft resolves 87 vulnerabilities, 12 rated as critical.  One of these is a flaw in the Windows TCP/IP stack which can result in a server crash or remote code executionRead more

  • Microsoft Defender now updates OS image files

    By Mark Faithfull

    Whenever a new Windows device is booted from an image, there is a period of time when the machine is live and on the network, but it is missing operating system security patches and MicrosoftRead more

  • Critical Domain Controller Flaw Requires Urgent Patching

    By Mark Faithfull

    A critical vulnerability in Microsoft Netlogon was patched in the August patch cycle – but was so dangerous that details were not made public until September when (hopefully) many systems would have been patched.  IfRead more

  • Microsoft Launches Application Guard preview

    By Mark Faithfull

    Microsoft Application Guard helps protect against malware in Office documents by opening each document in its own segregated virtual machine. Microsoft says in the release notes: Application Guard is a virtualization-based sandbox that’s used toRead more

  • Derek attacks QNAP NAS Devices

    By Mark Faithfull

    The UK National Cyber Security Centre and CISA in the USA have issued a joint alert detailing the risk posed by the Qsnatch/Derek malware which attacks QNAP NAS devices. The National Cyber Security Centre statesRead more

NextPrevious

Recent Posts

  • WordPress force updates a million sites to fix SQLi flaw
  • Google Patches Chrome Zero-Day Vulnerability
  • Visual Studio RCE Vulnerability Patched
  • Sonicwall critical Firewall RCE vulnerability
  • What is a Network Access Seller?

Tags

Android blockchain Bluetooth Chrome Cisco credential stuffing cyber crime cyber essentials cyber security cyber security news Data Protection DNS Ethereum Exchange Server exim fileless formjacking GDPR Intel IoT Linux MacOS Meltdown microsoft patching penetration testing phishing ransomware RDP Row Hammer security breach Security operations security testing SIEM Spectre supply chain attacks Sysinternals Tomcat TPM UK Law VNC vulnerability management web applications web browsers wireless

Archives

  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • July 2018
  • June 2018
  • April 2018
  • January 2018
  • October 2017
BCS Cyber Essentials Cyber Essentials Cyber Essentials PLUS ISO 9001 ISO 27001
information. secured.
  • Home
  • Our Services
    • Infrastructure Testing
      • Internal Network Penetration Test
      • External Network Penetration Test
      • Wireless Network Penetration Test
      • Vulnerability Assessment
      • Network Segregation Test
      • Voice over IP (VoIP) Penetration Test
    • Application Testing
      • Web Application Penetration Test
      • Mobile Application Penetration Test
      • Desktop Application Security Assessment
      • Citrix Breakout Test
    • Configuration Review
      • Windows Server Build Review
      • Linux Server Build Review
      • Citrix Configuration Review
    • Information Assurance
      • ISO 27001 Gap Analysis
    • Cyber Essentials
  • News
  • Articles
  • About
    • About SecureTeam
    • STORM Appliances
      • Installing a STORM Device
      • Returning a STORM Device
    • White-Label Consultancy
    • Jobs
    • Cookie Policy
    • Privacy Notice
    • Website Terms & Conditions
  • Contact Us
SecureTeam
SecureTeam use cookies on this website to ensure that we give you the best experience possible. If you continue to use our site we will assume that you are happy with cookies being used.OkRead more