Microsoft has released patches for two zero-day vulnerabilities that have been actively exploited in the wild by cybercriminals. Microsoft has credited Qihoo 360 and Kaspersky Lab for reporting this vulnerability.
Both companies say the flaw has been exploited in targeted attacks, but no further information is currently available.
Double Kill IE 0-day Vulnerability
CVE-2018-8174, which is under active attack, is a critical remote code execution vulnerability that was revealed by Chinese security firm Qihoo 360 last month and affects all supported versions of Windows operating systems.
Dubbed “Double Kill” by the researchers, the vulnerability is notable and requires prompt attention because it could allow an attacker to remotely take control of an affected system. The malicious code could be delivered in several ways, such as through a compromised website or malicious Office documents.
Win32k Elevation of Privilege Vulnerability
CVE-2018-8120, patched this month, is a privilege-escalation flaw that occurs in the Win32k component of Windows when it fails to properly handle objects in computer memory.
The vulnerability is rated “important” and only affects Windows 7, Windows Server 2008 and Windows Server 2008 R2. The issue has been actively exploited by threat actors, but Microsoft did not provide any details about the in-the-wild exploits.