Recently Patched CVE-2018-8611 Is Exploited By Cyber Criminals
Cyber criminals are becoming sophisticated and CVE-2018-8611 exploit is a big example of it. A vulnerability in the Windows OS was detected in October 2018 and reported to the Microsoft. Taking action, the giant company fixed this vulnerability immediately but it is again exploited by threat actors. According to a recent security report, the flaw in ntoskrnl.exe is being used in some malicious campaign. Report also reveal that the vulnerability mostly target African and Middle east countries. To gain privileges of CVE-2018-8611 the cyber offenders first infect the targeted computer. Using this security flaw the cyber crooks can get complete remote access over their target and execute every malicious and illegitimate process which they want.
Malicious Privileges Obtain From CVE-2018-8611 Vulnerability
When the objects in memory is not handled properly by Windows kernel then this vulnerability of privileges exists. A cyber criminal who has successfully exploited this security flaw become capable of executing several kind of malicious activities. Using CVE-2018-8611 flaw an attacker can successfully run the arbitrary code in the Kernel mode. Once they do it then they can install whatever software they want, access private data, make modification in important files, erase crucial data as well as create user account with full admin right. Not only this, report reveals that threat actors are using specially designed software with the help of this vulnerability on the affected system to control it.
Some Critical Vulnerabilities Patched Recently
CVE-2018-8611 is among those three consecutive vulnerabilities which is fixed by Microsoft to resolve Win32K elevation privilege bug. CVE-2018-8517 is such a flaw which is a DoS problem in Web application. It is built with .NET Framework and exist because not handling special web requests properly. Similarly ADV180031 is another vulnerability which was used in APT campaign against Russia. This Adobe Flash Player flaw was fixed by Microsoft on 5th December.
According to a security report, CVE-2018-8611 security flow provide such malicious power through which cyber crooks can easily attack any version of Windows. In addition to that threat actors can also some popular browser like Internet explorer or Microsoft edge. By gaining control over your browser they can monitor your online activities and also obtain your login details of online banking and other important sites.
Expert Recommend To Follow These Security Measures
Security expert encourage computer users to adhere security measures. By following security steps you can avoid such vulnerability and destroy the malicious intention of cyber criminals. Here are some security measures which you must follow :
- Always use a firewall to block all unsafe incoming connection from publicly available Internet services. You should set deny option for all incoming connection except the one which you need.
- Make sure to update all the software installed in your computer on regular basis. Because outdated programs are most likely to invaded by cyber criminals as they continuously experiment with those software.
- Install a highly advance security software in your system. The antivirus will detect presence of any malicious file which is dangerous for your computer and you can remove it to keep the system safe.