Microsoft December 2018 Patch Tuesday
December 2018 Security Updates
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
.NET Framework Denial Of Service Vulnerability | |||||||
CVE-2018-8517 | Yes | No | Unlikely | Unlikely | Important | ||
.NET Framework Remote Code Injection Vulnerability | |||||||
CVE-2018-8540 | No | No | Less Likely | Less Likely | Critical | ||
Chakra Scripting Engine Memory Corruption Vulnerability | |||||||
CVE-2018-8583 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2018-8617 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2018-8618 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2018-8624 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2018-8629 | No | No | - | - | Critical | 4.2 | 3.8 |
Connected User Experiences and Telemetry Service Denial of Service Vulnerability | |||||||
CVE-2018-8612 | No | No | More Likely | More Likely | Important | 4.7 | 4.7 |
December 2018 Adobe Flash Security Update | |||||||
ADV180031 | No | No | - | - | Critical | ||
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | |||||||
CVE-2018-8599 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
DirectX Information Disclosure Vulnerability | |||||||
CVE-2018-8638 | No | No | - | - | Important | 4.7 | 4.2 |
Internet Explorer Memory Corruption Vulnerability | |||||||
CVE-2018-8631 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
Internet Explorer Remote Code Execution Vulnerability | |||||||
CVE-2018-8619 | No | No | More Likely | More Likely | Important | 6.4 | 5.8 |
Microsoft Dynamics NAV Cross Site Scripting Vulnerability | |||||||
CVE-2018-8651 | No | No | Less Likely | Less Likely | Important | ||
Microsoft Excel Information Disclosure Vulnerability | |||||||
CVE-2018-8598 | No | No | Less Likely | Less Likely | Important | ||
CVE-2018-8627 | No | No | Less Likely | Less Likely | Important | ||
Microsoft Excel Remote Code Execution Vulnerability | |||||||
CVE-2018-8597 | No | No | More Likely | More Likely | Important | ||
CVE-2018-8636 | No | No | Less Likely | Less Likely | Important | ||
Microsoft Exchange Server Tampering Vulnerability | |||||||
CVE-2018-8604 | No | No | Less Likely | Less Likely | Important | ||
Microsoft Outlook Remote Code Execution Vulnerability | |||||||
CVE-2018-8587 | No | No | More Likely | More Likely | Important | ||
Microsoft PowerPoint Remote Code Execution Vulnerability | |||||||
CVE-2018-8628 | No | No | More Likely | More Likely | Important | ||
Microsoft SharePoint Information Disclosure Vulnerability | |||||||
CVE-2018-8580 | No | No | Unlikely | Unlikely | Important | ||
Microsoft SharePoint Server Elevation of Privilege Vulnerability | |||||||
CVE-2018-8635 | No | No | Unlikely | Unlikely | Important | ||
Microsoft Text-To-Speech Remote Code Execution Vulnerability | |||||||
CVE-2018-8634 | No | No | More Likely | More Likely | Critical | 4.2 | 3.8 |
Remote Procedure Call runtime Information Disclosure Vulnerability | |||||||
CVE-2018-8514 | No | No | Less Likely | Less Likely | Important | 3.3 | 3.3 |
Scripting Engine Memory Corruption Vulnerability | |||||||
CVE-2018-8643 | No | No | More Likely | More Likely | Important | 6.4 | 5.8 |
Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2018-8639 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
CVE-2018-8641 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
Win32k Information Disclosure Vulnerability | |||||||
CVE-2018-8637 | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
Windows Azure Pack Cross Site Scripting Vulnerability | |||||||
CVE-2018-8652 | No | No | - | - | Important | ||
Windows DNS Server Heap Overflow Vulnerability | |||||||
CVE-2018-8626 | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.8 |
Windows Denial of Service Vulnerability | |||||||
CVE-2018-8649 | No | No | - | - | Important | 5.0 | 4.5 |
Windows GDI Information Disclosure Vulnerability | |||||||
CVE-2018-8595 | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
CVE-2018-8596 | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
Windows Kernel Elevation of Privilege Vulnerability | |||||||
CVE-2018-8611 | No | Yes | Detected | More Likely | Important | 7.0 | 7.0 |
Windows Kernel Information Disclosure Vulnerability | |||||||
CVE-2018-8477 | No | No | More Likely | More Likely | Important | 3.3 | 3.3 |
CVE-2018-8621 | No | No | - | - | Important | 4.7 | 4.1 |
CVE-2018-8622 | No | No | - | - | Important | 4.7 | 4.1 |
Windows VBScript Engine Remote Code Execution Vulnerability | |||||||
CVE-2018-8625 | No | No | More Likely | More Likely | Important | 6.4 | 5.8 |
For a detailed breakdown please see Renato's Dashboard:
Keywords: Patch Tuesday Microsoft
2 comment(s)Announcing the Security Awareness Survey, find it at https://survey.sans.org/jfe/form/SV_4UZfNorPzzXlfr7
ISC Stormcast For Tuesday, December 11th 2018 https://isc.sans.edu/podcastdetail.html?id=6288
×
Diary Archives
Comments
www
Nov 17th 2022
6 months ago
EEW
Nov 17th 2022
6 months ago
qwq
Nov 17th 2022
6 months ago
mashood
Nov 17th 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
6 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
isc.sans.edu
Dec 26th 2022
5 months ago
isc.sans.edu
Dec 26th 2022
5 months ago