Microsoft today, on its year-end December Patch Tuesday, released security updates to patch a total 39 vulnerabilities its Windows operating systems and applications—10 of which are rated as critical and other important in severity.
One of the security vulnerabilities patched by the tech giant this month is listed as publicly known at the time of release, and one is a zero-day reported as being actively exploited in the wild by multiple hacking groups, including FruityArmor and SandCat APTs.
Discovered and reported by security researchers at Kaspersky, the zero-day attack exploits an elevation-of-privilege (EoP) bug in the Windows Kernel (ntoskrnl.exe) that could allow malicious programs to execute arbitrary code with higher privileges on the targeted systems.
The vulnerability, tracked as CVE-2018-8611 and classified important in severity, resides in the Kernel Transaction Manager, which occurs due to improper processing of transacted file operations in kernel mode.
The flaw affects almost all versions of Windows operating system—Windows 7 through Server 2019.
images from Hacker News