Reports indicate that exploitation of a zero-day vulnerability CVE-2018-8440 was detected against Windows systems. Users are advised to take immediate action to patch the affected systems since there is elevated risk of cyber attacks for the vulnerabilities.
Microsoft Internet Explorer 9, 10, 11
Microsoft Windows 7, 8.1, RT 8.1, 10
Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016
Microsoft Windows Server, version 1709, version 1803
Depending on the vulnerability exploited, a successful attack could lead to remote code execution, denial of service, elevation of privilege, information disclosure, security feature bypass, tampering or spoofing.
Patches for affected products are available from the Windows Update/Microsoft Update Catalog. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.