Microsoft,as part of its August Patch Tuesday has released a large batch of 48 security updates consisting of 25 critical, 21 important and 2 moderate in severity for all supported versions Windows systems and other products.
These vulnerabilities impact various versions of Microsoft’s Windows operating systems, Internet Explorer, Microsoft Edge, Microsoft SharePoint, the Windows Subsystem for Linux, Adobe Flash Player, Windows Hyper-V and Microsoft SQL Server.
Some of these are:
CVE-2017-8620: Windows Search Remote Code Execution Vulnerability
This vulnerability affects all versions of Windows 7 and Windows 10, which could be used as a wormable attack like the one used in WannaCry ransomware, as it utilises the SMBv1 connection.
An attacker could remotely exploit the vulnerability through an SMB connection to elevate privileges and take control of the targeted Windows computer.
“A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” Microsoft explains
CVE-2017-8633: Windows Error Reporting Elevation of Privilege Vulnerability
Another elevation of privilege vulnerability resides in Windows Error Reporting (WER) that could allow an attacker to run a specially crafted application to gain access to administrator privileges on the targeted system to steal sensitive information.
“This update corrects the way the WER handles and executes files,” the advisory says
CVE-2017-8627: Windows Subsystem for Linux DoS Vulnerability
Another important vulnerability is discovered in Windows Subsystem for Linux that could allow an attacker to execute code with elevated permissions.
“To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by correcting how Windows Subsystem for Linux handles NT pipes” the advisory says
Successful exploitation eventually could allow denial of service attack, leaving the targeted system unresponsive.
Microsoft has released patches for all the vulnerabilities and users are advies to install them immediately.