May 2018: Two Zero-Day Microsoft Flaws Under Active Attack

Microsoft Patches Two Zero-Day Flaws Under Active Attack
Tuesday, May 08, 2018 Swati Khandelwal

CVE-2018-8120
Risk: Medium

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
To exploit this vulnerability, an attacker requires local access to an affected computer. Grant local access for trusted and accountable users only.

CVE-2018-8174
Risk: High

Recommendations

Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of successful exploits.

Run all software as a nonprivileged user with minimal access rights.
To reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.

Do not accept or execute files from untrusted or unknown sources.
To reduce the likelihood of successful exploits, do not open or handle files from unknown or untrusted locations.

Do not follow links provided by unknown or untrusted sources.
Never follow links provided by unfamiliar or untrusted sources or visit sites of questionable integrity.

Advertisements

One Response to “May 2018: Two Zero-Day Microsoft Flaws Under Active Attack”

  1. computer repair Says:

    great issues altogether, you just gained a emblem new reader.
    What could you suggest in regards to your publish that you simply made some days ago?
    Any certain?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


%d bloggers like this: