October 2018 Microsoft Patch Tuesday

Microsoft released patches for 48 vulnerabilities today and one advisory regarding a defense in depth update for Office. No Adobe updates are included so far, but Adobe has released updates to PDF Reader / Acrobat about a week ago.

Two vulnerabilities have been disclosed before:

CVE-2018-8531: A memory corruption vulnerability in the Azure IoT Device Client SDK (rated important)

CVE-2018-8432: A remote code execution vulnerability in the JET database engine (this issue was widely covered. It requires an attacker to convince the victim to open a malicious JET database file. Office products include JET).

CVE-2018-8453: This vulnerability, a privilege escalation issue in Win32k, was already exploited in the wild.

CVE-2018-8497: Another privilege escalation issues that was made public prior to today but not yet seen in exploits per Microsoft.

For a more detailed breakdown, see again Renato's dashboard: https://patchtuesdaydashboard.com/

Description
CVE	Disclosed	Exploited	Exploitability (old versions)	current version	Severity	CVSS Base (AVG)	CVSS Temporal (AVG)
Azure IoT Device Client SDK Memory Corruption Vulnerability
CVE-2018-8531	Yes	No	Less Likely	Less Likely	Important
Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-8503	No	No	-	-	Low	4.2	3.8
CVE-2018-8505	No	No	-	-	Critical	4.2	3.8
CVE-2018-8510	No	No	-	-	Critical	4.2	3.8
CVE-2018-8511	No	No	-	-	Critical	4.2	3.8
CVE-2018-8513	No	No	-	-	Critical	4.2	3.8
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
CVE-2018-8492	No	No	More Likely	More Likely	Important	5.3	4.8
DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2018-8484	No	No	Less Likely	Less Likely	Important	7.0	6.3
DirectX Information Disclosure Vulnerability
CVE-2018-8486	No	No	More Likely	More Likely	Important	4.7	4.2
Internet Explorer Memory Corruption Vulnerability
CVE-2018-8460	No	No	-	-	Critical	6.4	5.8
CVE-2018-8491	No	No	-	-	Critical	6.4	5.8
Linux On Windows Elevation Of Privilege Vulnerability
CVE-2018-8329	No	No	-	-	Important	7.0	6.3
MFC Insecure Library Loading Vulnerability
CVE-2010-3190	No	No	Less Likely	Less Likely	Important
MS XML Remote Code Execution Vulnerability
CVE-2018-8494	No	No	Less Likely	Less Likely	Critical	7.5	6.7
Microsoft Edge Memory Corruption Vulnerability
CVE-2018-8473	No	No	-	-	Critical	4.2	3.8
CVE-2018-8509	No	No	-	-	Critical	4.2	3.8
Microsoft Edge Security Feature Bypass Vulnerability
CVE-2018-8512	No	No	-	-	Important	4.2	3.8
CVE-2018-8530	No	No	-	-	Important	4.3	3.9
Microsoft Excel Remote Code Execution Vulnerability
CVE-2018-8502	No	No	More Likely	More Likely	Important
Microsoft Exchange Remote Code Execution Vulnerability
CVE-2018-8265	No	No	Less Likely	Less Likely	Important
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2018-8448	No	No	Less Likely	Less Likely	Important
Microsoft Filter Manager Elevation Of Privilege Vulnerability
CVE-2018-8333	No	No	More Likely	More Likely	Important	7.0	6.1
Microsoft Graphics Components Information Disclosure Vulnerability
CVE-2018-8427	No	No	Less Likely	Less Likely	Important	4.7	4.2
Microsoft Graphics Components Remote Code Execution Vulnerability
CVE-2018-8432	No	No	Less Likely	Less Likely	Important	5.0	4.5
Microsoft JET Database Engine Remote Code Execution Vulnerability
CVE-2018-8423	Yes	No	Less Likely	Less Likely	Important	7.8	7.0
Microsoft Office Defense in Depth Update
ADV180026	No	No	Less Likely	Less Likely	None
Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2018-8501	No	No	More Likely	More Likely	Important
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-8480	No	No	-	-	Important
CVE-2018-8488	No	No	Less Likely	Less Likely	Important
CVE-2018-8518	No	No	Less Likely	Less Likely	Important
CVE-2018-8498	No	No	Less Likely	Less Likely	Important
Microsoft Windows Codecs Library Information Disclosure Vulnerability
CVE-2018-8506	No	No	Less Likely	Less Likely	Important	3.3	3.3
Microsoft Word Remote Code Execution Vulnerability
CVE-2018-8504	No	No	More Likely	More Likely	Important
NTFS Elevation of Privilege Vulnerability
CVE-2018-8411	No	No	More Likely	More Likely	Important	7.0	6.3
SQL Server Management Studio Information Disclosure Vulnerability
CVE-2018-8527	No	No	Less Likely	Less Likely	Important
CVE-2018-8532	No	No	Less Likely	Less Likely	Important
CVE-2018-8533	No	No	Less Likely	Less Likely	Moderate
Scripting Engine Memory Corruption Vulnerability
CVE-2018-8500	No	No	-	-	Critical
Win32k Elevation of Privilege Vulnerability
CVE-2018-8453	No	Yes	Detected	More Likely	Important	7.0	6.3
Windows DNS Security Feature Bypass Vulnerability
CVE-2018-8320	No	No	Less Likely	Less Likely	Important	4.3	4.3
Windows GDI Information Disclosure Vulnerability
CVE-2018-8472	No	No	Less Likely	Less Likely	Important	4.7	4.2
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2018-8489	No	No	Less Likely	Less Likely	Critical	7.6	6.8
CVE-2018-8490	No	No	Less Likely	Less Likely	Critical	7.6	6.8
Windows Kernel Elevation of Privilege Vulnerability
CVE-2018-8497	Yes	No	More Likely	More Likely	Important	7.8	7.0
Windows Kernel Information Disclosure Vulnerability
CVE-2018-8330	No	No	Less Likely	Less Likely	Important	4.7	4.1
Windows Media Player Information Disclosure Vulnerability
CVE-2018-8481	No	No	Less Likely	Less Likely	Important	3.5	3.5
CVE-2018-8482	No	No	Less Likely	Less Likely	Important	3.5	3.5
Windows Shell Remote Code Execution Vulnerability
CVE-2018-8495	No	No	-	-	Important	4.2	3.8
Windows TCP/IP Information Disclosure Vulnerability
CVE-2018-8493	No	No	-	-	Important	5.9	5.3
Windows Theme API Remote Code Execution Vulnerability
CVE-2018-8413	No	No	More Likely	More Likely	Important	5.0	4.5

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|

I will be teaching next: Intrusion Detection In-Depth - SIEM Summit & Training 2019

Johannes

3627 Posts
ISC Handler

Oct 9th 2018
11 months ago

Thanks Johannes!!

Anonymous

Quote

Oct 9th 2018
11 months ago