Microsoft has released an out-of-band patch for a zero-day vulnerability affecting the Internet Explorer web browser. CVE-2018-8653 is a memory corruption vulnerability that could allow remote attackers to execute arbitrary code on affected systems. Microsoft has reported active exploitation of this vulnerability in the wild. Organizations are encouraged to apply the patch released by Microsoft as soon as possible. 

What we’re doing about it

  • The eSentire Threat Intelligence Team is monitoring this issue for additional information
  • Current esRECON plugins detect CVE-2018-8653 in Windows products 

What you should do about it

 Update the Internet Explorer browser to the most recent version [1]

 Additional information

When successfully exploited, CVE-2018-8653 allows remote code in the context of the current user. 

Potential attacks may include malicious webpages delivered through email, social engineering or other redirection methods which result in malicious content rendered in vulnerable versions of Internet Explorer.   

Internet Explorer versions 9, 10 & 11 are affected [2]. 

 


Resources:

[1] CVE-2018-8653 | Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8653

[2] NATIONAL VULNERABILITY DATABASE,  CVE-2018-8653 Detail
https://nvd.nist.gov/vuln/detail/CVE-2018-8653

 

First Published: 20 December 2018
Last Updated: 24 December 2018

See the latest security advisories

Articles and reports written by eSentire staff and our Threat Intelligence Research Group.

Ready to get started?
We're here to help.

Get Started
Reach out to schedule a meeting and learn more about our Managed Detection and Response, Risk Advisory and Managed Prevention capabilities.