Patches were already released in December

Jan 7, 2019 12:18 GMT

The United States Computer Emergency Readiness Team (US-CERT) has released an advisory on vulnerabilities affecting Microsoft Windows and Windows Server.

The organization says “a remote attacker could exploit these vulnerabilities to take control of an affected system.”

Microsoft already fixed these vulnerabilities as part of the December 2018 Patch Tuesday cycle, and the company provides more information in the CVE-2018-8611 and CVE-2018-8626 advisories.

First, CVE-2018-8611 is a Windows kernel elevation of privilege vulnerability that affects all supported Windows client and server versions, including Windows 10 and Windows Server 2019.

“An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” Microsoft explains.

A successful attack requires a malicious actor to log on to the system and then run a crafted application that would provide full control over the affected machine. Microsoft says the flaw has already been exploited, but given it wasn’t publicly disclosed, the impact has been significantly reduced.

Patches available now

In the case of CVE-2018-8626, Microsoft is resolving a Windows DNS server heap overflow vulnerability that exists only in Windows 10, Windows Server 2012 R2, Windows Server 2016, and Windows Server 2019.

“A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability,” Microsoft says.

The attack relies on malicious requests sent to a Windows DNS server, and it requires no authentication.

Patches for the two vulnerabilities can be downloaded right now from Windows Update on all supported Windows versions.