Delaware, USA – April 11, 2018 – Yesterday, at “April Patch Tuesday”, Microsoft released 65 security updates, including an update package for Adobe Flash Player. This month, 19 critical vulnerabilities have been closed, including the flaw in Microsoft Malware Protection Engine. Only one vulnerability was disclosed before the release of the patch, this vulnerability in Microsoft SharePiont (CVE-2018-1034) could lead to elevation of privileges, but Microsoft claims that there were no active attempts to exploit it.
Five patches were issued to fix vulnerabilities in Windows Graphics Component related to improper handling of embedded fonts. For their exploitation attacker needed simply to lure the victim to a website with a malicious font.
Security researcher Will Dormann, who discovered CVE-2018-0950 vulnerability, said that the security update released for it blocks only one of the attack vectors, but does not solve the problem as a whole.
Updates for Adobe Flash Player close 6 vulnerabilities, 3 of which are critical and could lead to remote code execution. Such vulnerabilities are quickly taken on board by attackers. So the exploit for CVE-2018-4878, for which the update was released in February, was recently included in ThreadKit – application for creating malicious documents.
After each portion of updates, Windows becomes a bit more protected, but you need constantly control its security. You can use Windows Security Monitor use case as a basis for monitoring Microsoft Windows and Active Directory security events.