Hello, welcome to the Wednesday, October 10th, 2018 edition of the Sandinert Storm Center's

Stormcast. My name is Johannes Ulrich, and I'm recording from Honolulu, Hawaii.

And today, well, a Microsoft patched Tuesday, so let's start with this according to my count, we have

48 vulnerabilities being addressed by these updates.

In addition, there is an advisory regarding the Microsoft Office Defense in Depth update.

Now, there is interestingly no flash update this month.

We had a flash update a week or so ago, but

no flash update from Adobe today. Out of these vulnerabilities, three were known prior to the

patch being released and a fourth one had already been exploited. The exploited one is a pro-age escalation vulnerability in Windows 32K,

and that's one of those kernel driver issues.

Now, the vulnerability was probably published the most was this jet database engine vulnerability.

That one hasn't been exploited yet.

Exploitation of it would also be sort of tricky, so not really surprised that we haven't seen

that in the wild yet. There are also some Microsoft Exchange Remote Code Execution

vulnerabilities. When I saw this first, I was a little bit worried about this,

but this is really more of these DLL loading issues. So again, not really all that easy

and likely to see this exploited. Sort of an interesting vulnerability in particular, since

Microsoft thinks it's likely to get exploited is a security

feature bypass in DeviceGuard. DeviceGuard can be used to really lock down a Windows 10

system and prevent unauthorized code from running. So a lot of enterprises start to rely on that so definitely apply this patch if

device guard is an important feature for you probably less of an issue for home users in general

a lot of the usual stuff is some Microsoft office vulnerabilities lots of scripting engine issues and browser issues

...