Microsoft’s Patch Tuesday Fixes 64 Bugs Under Attack
Microsoft, in its March Edition of Patch Tuesday, has released patches for two Win32k bugs as well as 4 additional bugs that were already known.
The Win32k bugs connected to how Microsoft handles object of memory, were both known to be an elevation of privilege flaws and were rated important.
Microsoft wrote in its security bulletin that an attacker who could successfully exploit the two bugs assigned as CVE-2019-0808 and CVE-2019-0797 could run arbitrary code in kernel mode.
From then on, the attacker could install programs, delete, change or view data, or create new accounts with full user rights.
One of the bugs was discovered and reported by Google Threat Analysis Group, while the other was spotted by Kaspersky Lab. This also implied that both of them as actively being exploited in the wild.
One of the four additional already known bugs that were patched was the NuGet Pack Manager that allowed an attacker to alter a package folder structure.
When this is done, the attacker could modify files and folders that are unpacked, and send the altered package to innocent users of the package manager.
Patch Tuesday also fixed DHCP Client Remote Code Execution flaws. It was a critical rated bug since they do not require user interaction.
This is the third month in a row that Microsoft has patched bugs in Windows DCHP Server and Windows DCHP Client. These bugs could allow a hacker to execute codes in the DCHP Client of targeted systems.
One of the most notable patches was for the Chakra scripting engine memory, which if exploited, could allow an attacker to gain the same rights as the user.
In cases where the user is logged in with administrative rights, the attacker could gain control of the entire system.
In entirety, Patch Tuesday fixed 64 bugs – 45 rated important, one rated moderate, one low in severity bug, and 17 critical bugs in Adobe Flash Player, Microsoft Edge, Microsoft Office, Visual Studio, Skype for Business, Internet Explorer and many more.
