Windows Zero-Day Exploited in Attacks Aimed at Middle East


One of the vulnerabilities patched by Microsoft with its latest Patch Tuesday updates is a Windows zero-day exploited by an advanced persistent threat (APT) group in attacks aimed at entities in the Middle East.

The flaw, tracked as CVE-2018-8453, has been described by Microsoft as a privilege escalation issue related to how the Win32k component of Windows handles objects in memory. An authenticated attacker can exploit the vulnerability to take control of an affected system.

The vulnerability was reported to Microsoft by Kaspersky Lab after one of the security firm’s systems detected an exploitation attempt. Kaspersky said it had reported the vulnerability to Microsoft on August 17 – it’s unclear why Microsoft waited so long to release a fix.