This month’s Patch, er sorry, Update Tuesday includes fixes for 50 high-impact vulnerabilities in Microsoft Windows – 11 of which were rated Critical and 39 Important.
The majority of the Critical bugs patched in this update affect the Edge browser, while most of the Important bugs belonged to Windows 10.
One of the more interesting Windows 10 fixes in this update was a Cortana bug (CVE-2018-8140) that allowed an attacker to bypass the Windows lock screen entirely, accessing private data on the machine, and even running executables.
An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services without consideration for status. An attacker who successfully exploited the vulnerability could execute commands with elevated permissions.
It’s worth noting that Cortana is automatically enabled on the default settings for Windows 10, including the lock screen. With about 150 million people using Cortana today, by Microsoft’s estimates, this vulnerability could affect a lot of people (although an attacker needs to be near enough to a vulnerable machine for it to hear them, obviously).
Apple fanboys would do well to remember that Siri is no stranger to lock screen bugs should they be tempted to throw any stones from the comfort of their glass houses!
Thankfully, there’s now a patch. If you aren’t planning to patch any time soon, you can disable Cortana access on the lock screen.
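One way to apply that workaround from an elevated PowerShell session, as an added example that is not code from the original post or from Microsoft: it audits the “Allow Cortana above lock screen” policy value and sets it to disabled. The registry path and value name (`AllowCortanaAboveLock` under the `Windows Search` policy key, 0 meaning disabled) are assumed to match that Group Policy setting.

```powershell
# Added example: audit and disable Cortana on the Windows 10 lock screen.
# Assumption: the policy path/value below back the "Allow Cortana above lock
# screen" Group Policy, and a DWORD value of 0 disables it. Writing under HKLM
# requires an elevated session.
$PolicyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search'
$ValueName  = 'AllowCortanaAboveLock'

function Get-CortanaLockScreenState {
    # Report the current policy state; an absent value means Windows 10's
    # default applies, which leaves Cortana available above the lock screen.
    $item = Get-ItemProperty -Path $PolicyPath -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item)        { return 'Not configured (default: enabled on lock screen)' }
    if ($item.$ValueName -eq 0) { return 'Disabled by policy' }
    return 'Enabled by policy'
}

function Disable-CortanaLockScreen {
    # Create the policy key if no Search policies have been set yet, then
    # write the DWORD. -Force overwrites an existing value of either state.
    if (-not (Test-Path $PolicyPath)) {
        New-Item -Path $PolicyPath -Force | Out-Null
    }
    New-ItemProperty -Path $PolicyPath -Name $ValueName -PropertyType DWord -Value 0 -Force | Out-Null
}

Write-Host "Before: $(Get-CortanaLockScreenState)"
Disable-CortanaLockScreen
Write-Host "After:  $(Get-CortanaLockScreenState)"
```

The policy takes effect at the next lock without a reboot; the “Before/After” lines make it easy to confirm the change landed when the script is run across a fleet.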
The fallout from Spectre and its progeny continues, and this Update includes mitigations against Speculative Store Bypass (CVE-2018-3639); however, anyone who wants to deploy these protections will need to enable them manually as Microsoft says they aren’t enabled by default in this update.
Other bug fixes include additional protections for Windows 2008 through Windows 10 against Meltdown (CVE-2017-5754) and two variants of Spectre: CVE-2017-5715 aka Spectre variant two, and CVE-2018-3639 aka SpectreNG.
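Because the Speculative Store Bypass protection is shipped switched off, an administrator has to opt in and then verify the result. The following is an added example, not code from the original post or from Microsoft: it writes the `FeatureSettingsOverride` / `FeatureSettingsOverrideMask` values that Microsoft’s speculative-execution guidance uses to enable the mitigation on client systems, then reads back the kernel’s view with the `SpeculationControl` module from the PowerShell Gallery. The specific values (8 and 3, enabling SSBD alongside the Spectre variant 2 and Meltdown mitigations), the `-Quiet` switch, and the property names read from `Get-SpeculationControlSettings` are assumptions to check against the current Microsoft documentation.

```powershell
# Added example: opt in to the CVE-2018-3639 (SSB) mitigation and verify it.
# Assumptions: FeatureSettingsOverride = 8 with FeatureSettingsOverrideMask = 3
# enables SSBD while keeping Spectre v2 (CVE-2017-5715) and Meltdown
# (CVE-2017-5754) mitigations on; the property names below exist on the object
# returned by Get-SpeculationControlSettings. Requires an elevated session,
# updated CPU microcode, and a reboot before the mitigation becomes active.
$MemMgmt = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'

function Enable-SsbMitigation {
    # Write both values; the mask tells the kernel which override bits to honour.
    New-ItemProperty -Path $MemMgmt -Name 'FeatureSettingsOverride'     -PropertyType DWord -Value 8 -Force | Out-Null
    New-ItemProperty -Path $MemMgmt -Name 'FeatureSettingsOverrideMask' -PropertyType DWord -Value 3 -Force | Out-Null
    Write-Host 'SSBD override written; reboot for it to take effect.'
}

function Get-SpeculationStatus {
    # Install the Microsoft-published checker on first use, then summarise
    # the fields that matter for this month's update.
    if (-not (Get-Module -ListAvailable -Name SpeculationControl)) {
        Install-Module -Name SpeculationControl -Scope CurrentUser -Force
    }
    Import-Module SpeculationControl
    $s = Get-SpeculationControlSettings -Quiet
    [pscustomobject]@{
        'SSBD OS support present'  = $s.SSBDWindowsSupportPresent
        'SSBD hardware support'    = $s.SSBDHardwarePresent
        'SSBD enabled system-wide' = $s.SSBDWindowsSupportEnabledSystemWide
        'Spectre v2 (BTI) enabled' = $s.BTIWindowsSupportEnabled
        'Meltdown (KVA shadow) on' = $s.KVAShadowWindowsSupportEnabled
    }
}

Enable-SsbMitigation
Get-SpeculationStatus | Format-List
```

Run the status function once before the change and again after the reboot: “SSBD enabled system-wide” should flip to `True` only when both the OS support and the hardware (microcode) support lines are already `True`, which is the quickest way to spot machines whose firmware still needs updating.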