Posted on Wednesday, December 13 2017 @ 11:17 CET by Thomas De Maesschalck
Yesterday was the monthly dose of Patch Tuesday updates. This time, Microsoft rolled out updates for 32 vulnerabilities in Windows, Office, Edge, and Internet Explorer. The Register has a nice summary
over here.
Leading this month's Patch Tuesday charge is CVE-2017-11927, a bug in Windows that can be exploited by an attacker to snatch a victim's NTLM hash, which could be cracked offline to reveal their password. A mark would have to be tricked into clicking on a link to a malicious website, SMB share, or UNC path, which would trigger exploitation via the little-used ITS protocol, a format used for serving compiled HTML help (CHM) files.
"In theory, you shouldn’t be able to access remote content using ITS outside of the Local Machine Zone thanks to a 2005 update," explained Dustin Childs from Trend Micro's Zero Day Initiative.
"It appears that has been circumvented by this bug, as it allows attackers who trick users into browsing to a malicious website or to malicious SMB destinations to leak info."
As always, you should apply these updates as soon as possible.
