Microsoft has announced that they are patching 2 critical Windows vulnerabilities that are actively being used.
The first exploit (CVE-2018-8174) uses the VBScript engine that is built into all current versions of windows. This involves how memory is handled to allow attackers to execute code running with the logged in user privileges. If the user has administrator privileges, the attacker can take control of the system. Even if the user is logged in with limited rights, a second vulnerability can allow the attacker to escalate their privileges.
This attack is started when a user receives and opens an RTF document (e.g. opened in MS Word). This connects to a malicious webpage to download the actual code to run the memory bug, which then allows the attacker control of the system. The attack can also be triggered by viewing a malicious website or website advertisement in the IE browser.
The second vulnerability also allows for escalated privileges in a different Windows system. An attacker can use this to install programs, view, change or delete data, or create accounts with admin rights.
MS released a patch on Tuesday to address these vulnerabilities. Please make sure to leave your computer on to make sure the patches are installed. Your PC might reboot as a result of the installation. It is critical that you allow these patches to be installed. If you have any questions, please call the help desk.