Government of the Republic of Trinidad and Tobago
gov.tt

TTCSIRT-179.110518: TT-CSIRT Advisory – Microsoft Security Updates

TTCSIRT-179.110518: TT-CSIRT Advisory – Microsoft Security Updates

Microsoft has released a security update stating that a vulnerability has been discovered in Microsoft Edge which could allow for arbitrary code execution.

There are currently two ways in which it can be exploited:

1) File-based

a. An attacker crafts a malicious document file to leverage the issue and to carry out some actions on their behalf.

b. The attacker uses email or other means to distribute the malicious document and entices an unsuspecting user to open it.

c. When the victim opens the document file, the issue is triggered.

2) Web-based

a. The attacker crafts a malicious webpage to leverage this issue and to carry out some actions on their behalf. The page may include malicious code, replacement memory addresses, and possibly NOP instructions.

b. The attacker uses email or other means to entice an unsuspecting user to view the malicious page.

c. When the user views the page, this issue is triggered.

Further information on this vulnerability and how it can be mitigated can be found at https://www.cisecurity.org/advisory/a-vulnerability-in-microsoft-edge-could-allow-for-arbitrary-code-execution_2018-122/