UPDATED 20:31 EST / OCTOBER 09 2018

SECURITY

Microsoft fixes bug in Windows 10 update alongside monthly Patch Tuesday release

Microsoft Corp. today rereleased the October Windows 10 update after fixing a bug that deleted files, as it also issued its monthly Patch Tuesday software patches.

Windows 10 October 2018/1809 was pulled by Microsoft over the weekend after multiple users reported that the update resulted in the deletion of personal files such as those in Documents and sometimes even Pictures, Music and Videos.

In a blog post, Microsoft emphasized that the file deletion issue was only with a small number of users — specifically “one one-hundredth of 1 percent of version 1809 installs.” It described the bug as an issue where Known Folder Redirection was enabled but the files themselves remained  in the original “old” folder location versus being moved to the new, redirected location.

The rerelease of the update also includes fixes to address another issue in 1089 – KB4464330, a number of security issues.

Windows 10’s return came as Microsoft released a range of updates across its product portfolio in the October 2018 Patch Tuesday.

Glen Pendley, deputy chief technology officer at Tenable Inc., told SiliconANGLE that the release includes patches to address 50 different vulnerabilities, spanning across most OS versions, browsers and applications with 10 of the vulnerabilities marked as critical and 23 related to remote code execution.

“One of the most important vulnerabilities fixed in today’s Patch Tuesday release is the Microsoft JET Database Engine zero-day (CVE-2018-8423) which was disclosed last month,” Pendley explained. “The vulnerability was published along with a sample exploit code, leaving organizations everywhere exposed for the last several weeks.”

He suggested organizations update their systems immediately since the JET Database Engine software is ubiquitous, shipped on all Windows machines and used by a number of applications, including Microsoft Office.

“By exploiting this flaw, an attacker can send a user a specially crafted malicious file that, when opened, can cause the JET engine to execute an out-of-bounds write allowing for remote code execution,” he said. “Needless to say, a remote code execution flaw with a known public exploit should be prioritized and patched as soon as possible.”

Allan Liska, threat intelligence analyst at Recorded Future Inc., said enterprises should also pay attention to a fix for a memory corruption vulnerability that exists in Microsoft Edge, the ChakraCore Scripting Engine and Internet Explorer 11 (CVE-2018-8473 & CVE-2018-8460).

“This is a relatively easy to exploit remote code exploitation vulnerability, similar to those announced in June and August of this year,” Liska said. “The vulnerability allows attackers to create specially crafted websites that will exploit users with unpatched browsers and load malicious code, known as loaders, into memory which are used to install more malicious implants.”

Image: dcmot/Flickr

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU