Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2018-05-08 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft May 2018 Patch Tuesday

Published: 2018-05-08
Last Updated: 2018-05-08 18:11:38 UTC
by Johannes Ullrich (Version: 1)
1 comment(s)

Microsoft patched to vulnerabilities that have already been exploited in the wild:

CVE 2018-8174, a remote code execution vulnerability in the VBScript Engine.

CVE 2018-8120, a privilege escalation vulnerability in Win32k..

CVE 2018-8170. another privilege escalation vulnerabilty patched this month was known publicly, but has not been detected in exploits so far.

In addtion, CVE 2018-8115, which was already patched last week, is included in this months patch round-up.

 

 

 

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
.NET Framework Device Guard Security Feature Bypass Vulnerability
CVE 2018-1039 No No Less Likely Less Likely Important    
.NET and .NET Core Denial of Service Vulnerability
CVE 2018-0765 No No Unlikely Unlikely Important    
Azure IoT SDK Spoofing Vulnerability
CVE 2018-8119 No No - - Important    
Chakra Scripting Engine Memory Corruption Vulnerability
CVE 2018-8130 No No - - Critical 4.2 3.8
CVE 2018-8133 No No - - Critical 4.2 3.8
CVE 2018-8145 No No Unlikely Unlikely Important 2.4 2.2
CVE 2018-8177 No No - - Critical 4.2 3.8
CVE 2018-0943 No No - - Critical 4.2 3.8
DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE 2018-8165 No No More Likely More Likely Important 7.0 6.3
Hyper-V Remote Code Execution Vulnerability
CVE 2018-0959 No No Less Likely Less Likely Critical 7.6 6.8
Hyper-V vSMB Remote Code Execution Vulnerability
CVE 2018-0961 No No Less Likely Less Likely Critical 7.6 6.8
Internet Explorer Security Feature Bypass Vulnerability
CVE 2018-8126 No No Less Likely Less Likely Important 5.3 4.8
May 2018 Adobe Flash Security Update
ADV180008 No No - - Critical    
Microsoft Browser Information Disclosure Vulnerability
CVE 2018-1025 No No More Likely More Likely Important 4.3 3.9
Microsoft Browser Memory Corruption Vulnerability
CVE 2018-8178 No No More Likely More Likely Critical 6.4 5.8
Microsoft COM for Windows Remote Code Execution Vulnerability
CVE 2018-0824 No No Less Likely Less Likely Important 7.5 6.7
Microsoft Edge Information Disclosure Vulnerability
CVE 2018-1021 No No - - Important 4.3 3.9
Microsoft Edge Memory Corruption Vulnerability
CVE 2018-8123 No No - - Important 4.2 3.8
CVE 2018-8179 No No - - Important 4.2 3.8
Microsoft Edge Security Feature Bypass Vulnerability
CVE 2018-8112 No No - - Important 4.3 3.9
Microsoft Excel Information Disclosure Vulnerability
CVE 2018-8163 No No More Likely More Likely Important    
Microsoft Excel Remote Code Execution Vulnerability
CVE 2018-8162 No No More Likely More Likely Important    
CVE 2018-8147 No No More Likely More Likely Important    
CVE 2018-8148 No No More Likely More Likely Important    
Microsoft Exchange Elevation of Privilege Vulnerability
CVE 2018-8159 No No Less Likely Less Likely Important    
Microsoft Exchange Memory Corruption Vulnerability
CVE 2018-8151 No No Less Likely Less Likely Important    
CVE 2018-8154 No No Less Likely Less Likely Critical    
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE 2018-8152 No No Less Likely Less Likely Important    
Microsoft Exchange Spoofing Vulnerability
CVE 2018-8153 No No Less Likely Less Likely Low    
Microsoft InfoPath Remote Code Execution Vulnerability
CVE 2018-8173 No No - - Important    
Microsoft Office Remote Code Execution Vulnerability
CVE 2018-8161 No No Less Likely Less Likely Important    
CVE 2018-8157 No No More Likely More Likely Important    
CVE 2018-8158 No No More Likely More Likely Important    
Microsoft Outlook Information Disclosure Vulnerability
CVE 2018-8160 No No - - Important    
Microsoft Outlook Security Feature Bypass Vulnerability
CVE 2018-8150 No No - - Important    
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE 2018-8155 No No Less Likely Less Likely Important    
CVE 2018-8156 No No Less Likely Less Likely Important    
CVE 2018-8168 No No - - Important    
CVE 2018-8149 No No Less Likely Less Likely Important    
Scripting Engine Memory Corruption Vulnerability
CVE 2018-8122 No No More Likely More Likely Critical 6.4 5.8
CVE 2018-8128 No No - - Critical 4.2 3.8
CVE 2018-8137 No No - - Critical 4.2 3.8
CVE 2018-8139 No No - - Critical 4.2 3.8
CVE 2018-0945 No No - - Critical 4.2 3.8
CVE 2018-0946 No No - - Critical 4.2 3.8
CVE 2018-0951 No No - - Critical 4.2 3.8
CVE 2018-0953 No No - - Critical 4.2 3.8
CVE 2018-0954 No No More Likely More Likely Critical 4.2 3.8
CVE 2018-0955 No No More Likely More Likely Critical 6.4 5.8
CVE 2018-1022 No No More Likely More Likely Critical 6.4 5.8
CVE 2018-8114 No No More Likely More Likely Critical 6.4 5.8
Win32k Elevation of Privilege Vulnerability
CVE 2018-8124 No No More Likely More Likely Important 7.0 6.3
CVE 2018-8164 No No More Likely More Likely Important 7.0 6.3
CVE 2018-8166 No No More Likely More Likely Important 7.0 6.3
CVE 2018-8120 No Yes - - Important 7.0 6.3
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE 2018-8167 No No More Likely More Likely Important 7.0 6.7
Windows Elevation of Privilege Vulnerability
CVE 2018-8134 No No More Likely More Likely Important 7.0 6.3
Windows Host Compute Service Shim Remote Code Execution Vulnerability
CVE 2018-8115 No No Unlikely Unlikely Critical    
Windows Image Elevation of Privilege Vulnerability
CVE 2018-8170 Yes No More Likely More Likely Important 7.0 6.3
Windows Kernel Elevation of Privilege Vulnerability
CVE 2018-8897 No No Unlikely Unlikely Important 7.0 6.3
Windows Kernel Information Disclosure Vulnerability
CVE 2018-8127 No No More Likely More Likely Important 4.7 4.2
CVE 2018-8141 Yes No - - Important 4.7 4.2
Windows Remote Code Execution Vulnerability
CVE 2018-8136 No No Less Likely Less Likely Low 6.5 5.9
Windows Security Feature Bypass Vulnerability
CVE 2018-0854 No No Unlikely Unlikely Important 2.4 2.2
CVE 2018-0958 No No Less Likely Less Likely Important 5.3 4.8
CVE 2018-8129 No No Less Likely Less Likely Important 5.3 4.8
CVE 2018-8132 No No Less Likely Less Likely Important 5.3 4.8
Windows VBScript Engine Remote Code Execution Vulnerability
CVE 2018-8174 No Yes Detected Detected Critical 7.5 7.0

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|

Keywords:
1 comment(s)
Diary Archives