<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.apple-converted-space
{mso-style-name:apple-converted-space;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:10.5pt;color:black">Hello IT Partners, Security SIG and IST Security FYI,
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.5pt;color:black"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.5pt;color:black">On June 12, 2018, Microsoft released their monthly patches, including several relating to critical vulnerabilities. The<span class="apple-converted-space"> </span><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8225"><span style="color:#1155CC">most
concerning patch</span></a><span class="apple-converted-space"> </span>relates to a remote code execution vulnerability in the DNSAPI dynamic link library. The DNSAPI is used for Domain Name System (DNS) resolution and is a required component for a Windows-based
machine to communicate over a computer network.</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="caret-color: rgb(0, 0, 0);font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-size:10.5pt;color:black"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="caret-color: rgb(0, 0, 0);font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-size:10.5pt;color:black">This vulnerability allows an attacker to remotely execute code in the context of the local system account (NT Authority\SYSTEM) by forcing the target system to make a DNS query to a malicious DNS server. The responsive
DNS query is then relayed to the originally intended target DNS system and the vulnerability is exploited. DNS queries are one of the most common network activities performed, and an attacker may have several ways to trick a machine into initiating such a
malicious DNS query.<span class="apple-converted-space"> </span></span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="caret-color: rgb(0, 0, 0);font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-size:10.5pt;color:black"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="caret-color: rgb(0, 0, 0);font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-size:10.5pt;color:black">No known exploits exist in the wild at time of publishing this report. Given the ease at which this vulnerability could be exploited and the impact upon exploitation, a concern exists that this threat could easily
be adapted into a wormable exploit. This outcome would likely result in exploitation that could occur at a rapid pace.</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="caret-color: rgb(0, 0, 0);font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-size:10.5pt;color:black"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="caret-color: rgb(0, 0, 0);font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-size:10.5pt;color:black">Platforms affected include all versions of the following operating systems: Windows 7, Windows 8, Windows 10, Windows Server 2008, Windows Server 2012, and Windows Server 2016.</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="caret-color: rgb(0, 0, 0);font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-size:10.5pt;color:black"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="caret-color: rgb(0, 0, 0);font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-size:10.5pt;color:black">For those subscribed to the MIT Windows Automatic Update Service (WAUS), these patches were released last Thursday and no further action needs to be taken. For all others,<span class="apple-converted-space"> </span>IS&T
strongly recommends that you install the June Cumulative Security Update and restart affected machines as soon as possible. There are no known workarounds short of disabling network interfaces on a vulnerable system. </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="caret-color: rgb(0, 0, 0);font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-size:10.5pt;color:black"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="caret-color: rgb(0, 0, 0);font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-size:10.5pt;color:black">If you have any questions or require assistance,<span class="apple-converted-space"> </span><a href="https://ist.mit.edu/help"><span style="color:#1155CC">contact the IS&T Service Desk</span></a>.</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="caret-color: rgb(0, 0, 0);font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-size:10.5pt;color:black"> </span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="caret-color: rgb(0, 0, 0);font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-size:10.5pt;color:black">Further Reading</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="caret-color: rgb(0, 0, 0);font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-size:10.5pt;color:black"><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8225"><span style="color:#1155CC">https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8225</span></a></span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="caret-color: rgb(0, 0, 0);font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-size:10.5pt;color:black"><a href="https://www.zerodayinitiative.com/blog/2018/6/12/the-june-2018-security-update-review"><span style="color:#1155CC">https://www.zerodayinitiative.com/blog/2018/6/12/the-june-2018-security-update-review</span></a></span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Best,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Jessica<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black">Jessica Murray <o:p>
</o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Information Security Officer<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Information Systems and Technology<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Massachusetts Institute of Technology<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
</div>
</body>
</html>