Microsoft patches actively exploited vulnerability, re-releases Windows 10 update
Microsoft Corp. today released a patch for a serious vulnerability that’s being actively exploited in the wild as well as re-releasing its troubled Windows 10 update.
Delivered as part of Microsoft’s monthly Patch Tuesday release, the patch addressed CVE-2018-8589, a vulnerability in Windows 7, Server 2008 and Server 2008 R2 versions that allowed an attacker to escalate privileges and run arbitrary code in the local system.
Discovered by Kaspersky Lab, the vulnerability is actively being used by a number of advanced persistent threat groups, groups that use network attacks to gain unauthorized access to a network that typically remains undetected for an extended period.
“The Elevation of Privilege vulnerability exists in Win32k.sys and could allow an attacker to run arbitrary code in the context of a local system,” Chris Goettl, director of product management, security at Ivanti Inc., told SiliconANGLE. “The CVE is rated as Important and the attacker would need to log on to the system to exploit the vulnerability, but when exploited the attacker would gain full control of the affected system.”
Alongside its Patch Tuesday release, Microsoft has taken another stab at releasing a stable Windows 10 update.
Problems with the update first emerged Oct. 7 when Microsoft withdrew the update after users reported that it deleted files. Microsoft claimed Oct. 9 it had fixed the issue, but it only re-released the update to beta testers participating in the Windows Insider program.
“In addition to extensive internal validation, we have taken time to closely monitor feedback and diagnostic data from our Windows Insiders and from the millions of devices on the Windows 10 October Update, and we have no further evidence of data loss,” John Cable, director of program management, Windows servicing and delivery, said in a blog post. “Based on this data, today we are beginning the re-release of the October Update by making it available via media and to advanced users who seek to manually check for updates.”
There was no word on when Microsoft might push the update out to all users, something it has done in the past, although Cable noted that Microsoft was slowing the rollout “to more carefully study device health data.” That includes checking Windows installations before running the update to make sure there are no compatibility issues.
Photo: U.S. Air Force
A message from John Furrier, co-founder of SiliconANGLE:
Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.
We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.