Microsoft Releases Patch to Address Active Exploit
After learning about it from Google, Microsoft has moved to fix CVE-2018-8653. This flaw in Internet Explorer is being actively exploited in the wild.
According to the Microsoft release, this remote code execution issue “could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.”
The vulnerability effects Internet Explorer 11 on Windows 7 to 10 and Windows Server 2012, 2016, and 2019. For Explorer 10, it effects Windows Server 2012. For Explorer 9, it effects Windows Server 2008.
As it is being actively exploited, it’s critical to check that all systems have updated Internet Explorer.
Using Syxsense to Address This Issue
Syxsense is designed to facilitate and simplify any patching strategy. While you can run a comprehensive scan of all devices on a network, you can also run a targeted scan seeking a specific software. The console can easily display which devices are running which version of an application that might be at risk.
From there, it’s simple to set up a task that targets every device that requires the needed update.
With visual gadgets in both the device and task views, an IT manager can track the completion status of the deployment.
With everything being integrated, a report can be generated from the task information. Software can also be completely rolled back, if needed.