It has been reported that Microsoft has released an out-of-band security update that fixes an actively exploited vulnerability in Internet Explorer. This vulnerability has been assigned ID CVE-2018-8653 and was discovered by Google’s Threat Analysis Group when they saw the vulnerability being used in targeted attacks. According to Microsoft’s security bulletin this is vulnerability in how the Internet Explorer scripting engine handles objects in memory.
Satnam Narang, Senior Research Engineer at Tenable:
“Microsoft has released an out-of-band patch to address a remote code execution vulnerability (CVE-2018-8653) in Internet Explorer that has been exploited in the wild. The vulnerability allows an attacker to assume privileges as the current user in order to execute arbitrary code. If the current user has administrative rights on a system, an attacker can take control of the victim’s system to implant malware, modify data and add additional user accounts. While details are not currently available, in most cases, attackers exploit similar vulnerabilities by sending convincing emails to their intended targets with a link to a specially crafted website containing the exploit code. The vulnerability affects Internet Explorer 11 from Windows 7 to Windows 10 as well as Windows Server 2012, 2016 and 2019. Internet Explorer 9 is affected on Windows Server 2008, while Internet Explorer 10 is affected on Windows Server 2012. As the flaw is being actively exploited in the wild, users are urged to update their systems as soon as possible to reduce the risk of compromise.”