October 2018 Microsoft Patch Tuesday
Microsoft released patches for 48 vulnerabilities today and one advisory regarding a defense in depth update for Office. No Adobe updates are included so far, but Adobe has released updates to PDF Reader / Acrobat about a week ago.
Two vulnerabilities have been disclosed before:
CVE-2018-8531: A memory corruption vulnerability in the Azure IoT Device Client SDK (rated important)
CVE-2018-8432: A remote code execution vulnerability in the JET database engine (this issue was widely covered. It requires an attacker to convince the victim to open a malicious JET database file. Office products include JET).
CVE-2018-8453: This vulnerability, a privilege escalation issue in Win32k, was already exploited in the wild.
CVE-2018-8497: Another privilege escalation issues that was made public prior to today but not yet seen in exploits per Microsoft.
For a more detailed breakdown, see again Renato's dashboard: https://patchtuesdaydashboard.com/
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
Azure IoT Device Client SDK Memory Corruption Vulnerability | |||||||
CVE-2018-8531 | Yes | No | Less Likely | Less Likely | Important | ||
Chakra Scripting Engine Memory Corruption Vulnerability | |||||||
CVE-2018-8503 | No | No | - | - | Low | 4.2 | 3.8 |
CVE-2018-8505 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2018-8510 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2018-8511 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2018-8513 | No | No | - | - | Critical | 4.2 | 3.8 |
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability | |||||||
CVE-2018-8492 | No | No | More Likely | More Likely | Important | 5.3 | 4.8 |
DirectX Graphics Kernel Elevation of Privilege Vulnerability | |||||||
CVE-2018-8484 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
DirectX Information Disclosure Vulnerability | |||||||
CVE-2018-8486 | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
Internet Explorer Memory Corruption Vulnerability | |||||||
CVE-2018-8460 | No | No | - | - | Critical | 6.4 | 5.8 |
CVE-2018-8491 | No | No | - | - | Critical | 6.4 | 5.8 |
Linux On Windows Elevation Of Privilege Vulnerability | |||||||
CVE-2018-8329 | No | No | - | - | Important | 7.0 | 6.3 |
MFC Insecure Library Loading Vulnerability | |||||||
CVE-2010-3190 | No | No | Less Likely | Less Likely | Important | ||
MS XML Remote Code Execution Vulnerability | |||||||
CVE-2018-8494 | No | No | Less Likely | Less Likely | Critical | 7.5 | 6.7 |
Microsoft Edge Memory Corruption Vulnerability | |||||||
CVE-2018-8473 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2018-8509 | No | No | - | - | Critical | 4.2 | 3.8 |
Microsoft Edge Security Feature Bypass Vulnerability | |||||||
CVE-2018-8512 | No | No | - | - | Important | 4.2 | 3.8 |
CVE-2018-8530 | No | No | - | - | Important | 4.3 | 3.9 |
Microsoft Excel Remote Code Execution Vulnerability | |||||||
CVE-2018-8502 | No | No | More Likely | More Likely | Important | ||
Microsoft Exchange Remote Code Execution Vulnerability | |||||||
CVE-2018-8265 | No | No | Less Likely | Less Likely | Important | ||
Microsoft Exchange Server Elevation of Privilege Vulnerability | |||||||
CVE-2018-8448 | No | No | Less Likely | Less Likely | Important | ||
Microsoft Filter Manager Elevation Of Privilege Vulnerability | |||||||
CVE-2018-8333 | No | No | More Likely | More Likely | Important | 7.0 | 6.1 |
Microsoft Graphics Components Information Disclosure Vulnerability | |||||||
CVE-2018-8427 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
Microsoft Graphics Components Remote Code Execution Vulnerability | |||||||
CVE-2018-8432 | No | No | Less Likely | Less Likely | Important | 5.0 | 4.5 |
Microsoft JET Database Engine Remote Code Execution Vulnerability | |||||||
CVE-2018-8423 | Yes | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Microsoft Office Defense in Depth Update | |||||||
ADV180026 | No | No | Less Likely | Less Likely | None | ||
Microsoft PowerPoint Remote Code Execution Vulnerability | |||||||
CVE-2018-8501 | No | No | More Likely | More Likely | Important | ||
Microsoft SharePoint Elevation of Privilege Vulnerability | |||||||
CVE-2018-8480 | No | No | - | - | Important | ||
CVE-2018-8488 | No | No | Less Likely | Less Likely | Important | ||
CVE-2018-8518 | No | No | Less Likely | Less Likely | Important | ||
CVE-2018-8498 | No | No | Less Likely | Less Likely | Important | ||
Microsoft Windows Codecs Library Information Disclosure Vulnerability | |||||||
CVE-2018-8506 | No | No | Less Likely | Less Likely | Important | 3.3 | 3.3 |
Microsoft Word Remote Code Execution Vulnerability | |||||||
CVE-2018-8504 | No | No | More Likely | More Likely | Important | ||
NTFS Elevation of Privilege Vulnerability | |||||||
CVE-2018-8411 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
SQL Server Management Studio Information Disclosure Vulnerability | |||||||
CVE-2018-8527 | No | No | Less Likely | Less Likely | Important | ||
CVE-2018-8532 | No | No | Less Likely | Less Likely | Important | ||
CVE-2018-8533 | No | No | Less Likely | Less Likely | Moderate | ||
Scripting Engine Memory Corruption Vulnerability | |||||||
CVE-2018-8500 | No | No | - | - | Critical | ||
Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2018-8453 | No | Yes | Detected | More Likely | Important | 7.0 | 6.3 |
Windows DNS Security Feature Bypass Vulnerability | |||||||
CVE-2018-8320 | No | No | Less Likely | Less Likely | Important | 4.3 | 4.3 |
Windows GDI Information Disclosure Vulnerability | |||||||
CVE-2018-8472 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.2 |
Windows Hyper-V Remote Code Execution Vulnerability | |||||||
CVE-2018-8489 | No | No | Less Likely | Less Likely | Critical | 7.6 | 6.8 |
CVE-2018-8490 | No | No | Less Likely | Less Likely | Critical | 7.6 | 6.8 |
Windows Kernel Elevation of Privilege Vulnerability | |||||||
CVE-2018-8497 | Yes | No | More Likely | More Likely | Important | 7.8 | 7.0 |
Windows Kernel Information Disclosure Vulnerability | |||||||
CVE-2018-8330 | No | No | Less Likely | Less Likely | Important | 4.7 | 4.1 |
Windows Media Player Information Disclosure Vulnerability | |||||||
CVE-2018-8481 | No | No | Less Likely | Less Likely | Important | 3.5 | 3.5 |
CVE-2018-8482 | No | No | Less Likely | Less Likely | Important | 3.5 | 3.5 |
Windows Shell Remote Code Execution Vulnerability | |||||||
CVE-2018-8495 | No | No | - | - | Important | 4.2 | 3.8 |
Windows TCP/IP Information Disclosure Vulnerability | |||||||
CVE-2018-8493 | No | No | - | - | Important | 5.9 | 5.3 |
Windows Theme API Remote Code Execution Vulnerability | |||||||
CVE-2018-8413 | No | No | More Likely | More Likely | Important | 5.0 | 4.5 |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|
Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
Comments
Anonymous
Oct 9th 2018
5 years ago