Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Microsoft June 2018 Patch Tuesday InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft June 2018 Patch Tuesday

Published: 2018-06-12
Last Updated: 2018-06-12 18:00:42 UTC
by Johannes Ullrich (Version: 1)
4 comment(s)

June 2018 Security Updates

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-8227 No No - - Important 4.2 3.8
CVE-2018-8229 No No - - Critical 4.2 3.8
Cortana Elevation of Privilege Vulnerability
CVE-2018-8140 No No Less Likely Less Likely Important 6.8 5.9
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
CVE-2018-8201 No No Less Likely Less Likely Important 4.5 3.9
CVE-2018-8211 No No Less Likely Less Likely Important 5.3 4.8
CVE-2018-8212 No No Less Likely Less Likely Important 5.3 4.8
CVE-2018-8215 No No Less Likely Less Likely Important 5.3 4.8
CVE-2018-8216 No No Less Likely Less Likely Important 5.3 4.8
CVE-2018-8217 No No Less Likely Less Likely Important 5.3 4.8
CVE-2018-8221 No No Less Likely Less Likely Important 5.3 4.8
HIDParser Elevation of Privilege Vulnerability
CVE-2018-8169 No No Less Likely Less Likely Important 7.0 6.7
HTTP Protocol Stack Remote Code Execution Vulnerability
CVE-2018-8231 No No Less Likely Less Likely Critical 8.1 7.7
HTTP.sys Denial of Service Vulnerability
CVE-2018-8226 No No Unlikely Unlikely Important 5.3 4.8
Hypervisor Code Integrity Elevation of Privilege Vulnerability
CVE-2018-8219 No No Less Likely Less Likely Important 7.6 6.8
Internet Explorer Memory Corruption Vulnerability
CVE-2018-0978 No No Less Likely Less Likely Important 2.4 2.2
CVE-2018-8249 No No More Likely More Likely Critical 6.4 5.8
Internet Explorer Security Feature Bypass Vulnerability
CVE-2018-8113 No No Less Likely Less Likely Important 4.3 3.9
June 2018 Adobe Flash Security Update
ADV180014 No No - - Critical    
Media Foundation Memory Corruption Vulnerability
CVE-2018-8251 No No More Likely More Likely Critical 4.2 3.8
Microsoft Edge Information Disclosure Vulnerability
CVE-2018-0871 No No - - Important 4.3 3.9
CVE-2018-8234 No No - - Important 4.3 3.9
Microsoft Edge Memory Corruption Vulnerability
CVE-2018-8110 No No - - Critical 4.2 3.8
CVE-2018-8111 No No - - Critical 4.2 3.8
CVE-2018-8236 No No - - Critical 4.2 3.8
Microsoft Edge Security Feature Bypass Vulnerability
CVE-2018-8235 No No - - Important 4.3 3.9
Microsoft Excel Information Disclosure Vulnerability
CVE-2018-8246 No No Less Likely Less Likely Important    
Microsoft Excel Remote Code Execution Vulnerability
CVE-2018-8248 No No Less Likely Less Likely Important    
Microsoft Office Defense in Depth Update
ADV180015 No No - - None    
Microsoft Office Elevation of Privilege Vulnerability
CVE-2018-8245 No No - - Important    
CVE-2018-8247 No No Less Likely Less Likely Important    
Microsoft Outlook Elevation of Privilege Vulnerability
CVE-2018-8244 No No Less Likely Less Likely Important    
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-8252 No No Less Likely Less Likely Important    
CVE-2018-8254 No No Less Likely Less Likely Important    
NTFS Elevation of Privilege Vulnerability
CVE-2018-1036 No No More Likely More Likely Important 7.0 6.3
Scripting Engine Memory Corruption Vulnerability
CVE-2018-8243 No No - - Critical 8.8 8.8
CVE-2018-8267 Yes No More Likely More Likely Critical 6.4 5.8
WEBDAV Denial of Service Vulnerability
CVE-2018-8175 No No Less Likely Less Likely Important 5.9 5.2
Win32k Elevation of Privilege Vulnerability
CVE-2018-8233 No No - - Important 7.8 7.8
Windows Code Integrity Module Denial of Service Vulnerability
CVE-2018-1040 No No Less Likely Less Likely Important 5.3 4.8
Windows DNSAPI Remote Code Execution Vulnerability
CVE-2018-8225 No No Less Likely Less Likely Critical 8.1 7.3
Windows Denial of Service Vulnerability
CVE-2018-8205 No No Unlikely Unlikely Important 5.5 5.0
Windows Desktop Bridge Elevation of Privilege Vulnerability
CVE-2018-8208 No No Less Likely Less Likely Important 7.0 6.7
CVE-2018-8214 No No Less Likely Less Likely Important 7.0 6.7
Windows Elevation of Privilege Vulnerability
CVE-2018-0982 No No More Likely More Likely Important 7.0 6.3
Windows GDI Information Disclosure Vulnerability
CVE-2018-8239 No No More Likely More Likely Important 4.4 4.4
Windows Hyper-V Denial of Service Vulnerability
CVE-2018-8218 No No - - Important 5.7 5.1
Windows Kernel Elevation of Privilege Vulnerability
CVE-2018-8224 No No - - Important 7.0 6.3
Windows Kernel Information Disclosure Vulnerability
CVE-2018-8207 No No Less Likely Less Likely Important 4.7 4.2
CVE-2018-8121 No No More Likely More Likely Important 4.7 4.5
Windows Remote Code Execution Vulnerability
CVE-2018-8210 No No Less Likely Less Likely Important 7.3 6.6
CVE-2018-8213 No No Less Likely Less Likely Critical 7.8 7.0
Windows Wireless Network Profile Information Disclosure Vulnerability
CVE-2018-8209 No No Less Likely Less Likely Important 5.5 5.0

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|

4 comment(s)
Diary Archives