Microsoft is now blocking some Intel SSDs from installing the April 2018 Update due to a known incompatibility that may cause performance and stability issues.
Hackers could trick users into visiting a compromised site, or one featuring malicious ads, or else attackers could exploit the vulnerability through an embedded ActiveX application, or specially crafted Office documents that host the IE rendering engine. It exists in Windows 7, Windows RT, Windows 8.1, Windows 10, Windows Server 2008, Windows Server 2012 and Windows Server 2016. In both cases attackers would need to have logged on or gained locally authenticated access to the system to exploit, according to Goettl.
Another Exchange patch addresses a memory corruption vulnerability (CVE-2018-8154), which an attacker could use to execute code. The flaw in Windows 10 and Windows Server, designated CVE-2018-8170, had been publicly reported but has not yet been seen in in-the-wild attacks.
"An attacker who successfully exploited the vulnerability could gain the same user rights as the current user".
The first flaw is formally known as CVE-2018-8174 was discovered by Kaspersky Lab. But while the update fixes several bugs present in the initial public release, it appears to be causing some issues of its own (via Windows Latest).
Microsoft has halted distribution of Windows 10 April 2018 Update for owners of systems with specific Intel SSDs, the combo of the operating system update and the Intel SSDs can result in a boot loop. Microsoft also cites performance and stability issues as key components of the errors, so it's possible that users with the April update can unknowingly suffer from reduced performance if they have an Intel SSD installed in their system.