Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Microsoft May 2018 Patch Tuesday - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Microsoft May 2018 Patch Tuesday

Microsoft patched to vulnerabilities that have already been exploited in the wild:

CVE 2018-8174, a remote code execution vulnerability in the VBScript Engine.

CVE 2018-8120, a privilege escalation vulnerability in Win32k..

CVE 2018-8170. another privilege escalation vulnerabilty patched this month was known publicly, but has not been detected in exploits so far.

In addtion, CVE 2018-8115, which was already patched last week, is included in this months patch round-up.

 

 

 

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
.NET Framework Device Guard Security Feature Bypass Vulnerability
CVE 2018-1039 No No Less Likely Less Likely Important    
.NET and .NET Core Denial of Service Vulnerability
CVE 2018-0765 No No Unlikely Unlikely Important    
Azure IoT SDK Spoofing Vulnerability
CVE 2018-8119 No No - - Important    
Chakra Scripting Engine Memory Corruption Vulnerability
CVE 2018-8130 No No - - Critical 4.2 3.8
CVE 2018-8133 No No - - Critical 4.2 3.8
CVE 2018-8145 No No Unlikely Unlikely Important 2.4 2.2
CVE 2018-8177 No No - - Critical 4.2 3.8
CVE 2018-0943 No No - - Critical 4.2 3.8
DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE 2018-8165 No No More Likely More Likely Important 7.0 6.3
Hyper-V Remote Code Execution Vulnerability
CVE 2018-0959 No No Less Likely Less Likely Critical 7.6 6.8
Hyper-V vSMB Remote Code Execution Vulnerability
CVE 2018-0961 No No Less Likely Less Likely Critical 7.6 6.8
Internet Explorer Security Feature Bypass Vulnerability
CVE 2018-8126 No No Less Likely Less Likely Important 5.3 4.8
May 2018 Adobe Flash Security Update
ADV180008 No No - - Critical    
Microsoft Browser Information Disclosure Vulnerability
CVE 2018-1025 No No More Likely More Likely Important 4.3 3.9
Microsoft Browser Memory Corruption Vulnerability
CVE 2018-8178 No No More Likely More Likely Critical 6.4 5.8
Microsoft COM for Windows Remote Code Execution Vulnerability
CVE 2018-0824 No No Less Likely Less Likely Important 7.5 6.7
Microsoft Edge Information Disclosure Vulnerability
CVE 2018-1021 No No - - Important 4.3 3.9
Microsoft Edge Memory Corruption Vulnerability
CVE 2018-8123 No No - - Important 4.2 3.8
CVE 2018-8179 No No - - Important 4.2 3.8
Microsoft Edge Security Feature Bypass Vulnerability
CVE 2018-8112 No No - - Important 4.3 3.9
Microsoft Excel Information Disclosure Vulnerability
CVE 2018-8163 No No More Likely More Likely Important    
Microsoft Excel Remote Code Execution Vulnerability
CVE 2018-8162 No No More Likely More Likely Important    
CVE 2018-8147 No No More Likely More Likely Important    
CVE 2018-8148 No No More Likely More Likely Important    
Microsoft Exchange Elevation of Privilege Vulnerability
CVE 2018-8159 No No Less Likely Less Likely Important    
Microsoft Exchange Memory Corruption Vulnerability
CVE 2018-8151 No No Less Likely Less Likely Important    
CVE 2018-8154 No No Less Likely Less Likely Critical    
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE 2018-8152 No No Less Likely Less Likely Important    
Microsoft Exchange Spoofing Vulnerability
CVE 2018-8153 No No Less Likely Less Likely Low    
Microsoft InfoPath Remote Code Execution Vulnerability
CVE 2018-8173 No No - - Important    
Microsoft Office Remote Code Execution Vulnerability
CVE 2018-8161 No No Less Likely Less Likely Important    
CVE 2018-8157 No No More Likely More Likely Important    
CVE 2018-8158 No No More Likely More Likely Important    
Microsoft Outlook Information Disclosure Vulnerability
CVE 2018-8160 No No - - Important    
Microsoft Outlook Security Feature Bypass Vulnerability
CVE 2018-8150 No No - - Important    
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE 2018-8155 No No Less Likely Less Likely Important    
CVE 2018-8156 No No Less Likely Less Likely Important    
CVE 2018-8168 No No - - Important    
CVE 2018-8149 No No Less Likely Less Likely Important    
Scripting Engine Memory Corruption Vulnerability
CVE 2018-8122 No No More Likely More Likely Critical 6.4 5.8
CVE 2018-8128 No No - - Critical 4.2 3.8
CVE 2018-8137 No No - - Critical 4.2 3.8
CVE 2018-8139 No No - - Critical 4.2 3.8
CVE 2018-0945 No No - - Critical 4.2 3.8
CVE 2018-0946 No No - - Critical 4.2 3.8
CVE 2018-0951 No No - - Critical 4.2 3.8
CVE 2018-0953 No No - - Critical 4.2 3.8
CVE 2018-0954 No No More Likely More Likely Critical 4.2 3.8
CVE 2018-0955 No No More Likely More Likely Critical 6.4 5.8
CVE 2018-1022 No No More Likely More Likely Critical 6.4 5.8
CVE 2018-8114 No No More Likely More Likely Critical 6.4 5.8
Win32k Elevation of Privilege Vulnerability
CVE 2018-8124 No No More Likely More Likely Important 7.0 6.3
CVE 2018-8164 No No More Likely More Likely Important 7.0 6.3
CVE 2018-8166 No No More Likely More Likely Important 7.0 6.3
CVE 2018-8120 No Yes - - Important 7.0 6.3
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE 2018-8167 No No More Likely More Likely Important 7.0 6.7
Windows Elevation of Privilege Vulnerability
CVE 2018-8134 No No More Likely More Likely Important 7.0 6.3
Windows Host Compute Service Shim Remote Code Execution Vulnerability
CVE 2018-8115 No No Unlikely Unlikely Critical    
Windows Image Elevation of Privilege Vulnerability
CVE 2018-8170 Yes No More Likely More Likely Important 7.0 6.3
Windows Kernel Elevation of Privilege Vulnerability
CVE 2018-8897 No No Unlikely Unlikely Important 7.0 6.3
Windows Kernel Information Disclosure Vulnerability
CVE 2018-8127 No No More Likely More Likely Important 4.7 4.2
CVE 2018-8141 Yes No - - Important 4.7 4.2
Windows Remote Code Execution Vulnerability
CVE 2018-8136 No No Less Likely Less Likely Low 6.5 5.9
Windows Security Feature Bypass Vulnerability
CVE 2018-0854 No No Unlikely Unlikely Important 2.4 2.2
CVE 2018-0958 No No Less Likely Less Likely Important 5.3 4.8
CVE 2018-8129 No No Less Likely Less Likely Important 5.3 4.8
CVE 2018-8132 No No Less Likely Less Likely Important 5.3 4.8
Windows VBScript Engine Remote Code Execution Vulnerability
CVE 2018-8174 No Yes Detected Detected Critical 7.5 7.0

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|

 Johannes

3246 Posts
ISC Handler
Reply Subscribe May 8th 2018
2 weeks ago
ADV170017 (YES, that's NO typo) is missing from the list!
See https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170017
 Anonymous
Posts
Reply Quote May 8th 2018
2 weeks ago

Sign Up for Free or Log In to start participating in the conversation!