Hello, welcome to the Wednesday, August 15th, 2018 edition of the Sansanet Storms, Stormcast.

My name is Johannes Ulrich and I am recording from Jacksonville, Florida.

Of course, today we'll start with the Microsoft Patch Tuesday.

We got a total of 63 vulnerabilities addressed, so somewhat

average I believe.

What's not average is that actually two exploited vulnerabilities are being addressed in this

update.

The first one is yet another patch for the Settings.m.s file issue.

This was discovered a couple months ago and essentially what it refers to are these shortcuts

files for settings that can include code and can execute code. These are little XML files and Microsoft has already

addressed this in past patches. Pretty much as soon as this issue became public, we saw

malware that used office documents that embedded these files and the user initially didn't get any kind of warning or

so that the code was executed, not like macros or so, but the user first has to enable

macros for specific document.

Well, a Microsoft sort of addressed that in prior issues with this latest update, they sort of fix the last

hole here in that they now properly validate any paths inside the XML document. And that should

sort of put an end to these remote code execution exploits. The second public and already exploited vulnerability is a vulnerability in the Internet Explorer

scripting engine.

Now over the years of course there have been many, many flaws in the scripting engine, so this

is one more of course likely to get exploited via drive by exploits in order to infect and run code within the browser.

This one will only give access as the user running the browser.

Other than that, as usual, lots of browser and office vulnerabilities.

...