Microsoft released patches for 48 vulnerabilities today and one advisory regarding a defense in depth update for Office. No Adobe updates are included so far, but Adobe has released updates to PDF Reader / Acrobat about a week ago.
Two vulnerabilities have been disclosed before:
CVE-2018-8531: A memory corruption vulnerability in the Azure IoT Device Client SDK (rated important)
CVE-2018-8432: A remote code execution vulnerability in the JET database engine (this issue was widely covered. It requires an attacker to convince the victim to open a malicious JET database file. Office products include JET).
CVE-2018-8453: This vulnerability, a privilege escalation issue in Win32k, was already exploited in the wild.
CVE-2018-8497: Another privilege escalation issues that was made public prior to today but not yet seen in exploits per Microsoft.
For a more detailed breakdown, see again Renato's dashboard: https://patchtuesdaydashboard.com/
| Description |
| CVE |
Disclosed |
Exploited |
Exploitability (old versions) |
current version |
Severity |
CVSS Base (AVG) |
CVSS Temporal (AVG) |
| Azure IoT Device Client SDK Memory Corruption Vulnerability |
| CVE-2018-8531 |
Yes |
No |
Less Likely |
Less Likely |
Important |
|
|
| Chakra Scripting Engine Memory Corruption Vulnerability |
| CVE-2018-8503 |
No |
No |
- |
- |
Low |
4.2 |
3.8 |
| CVE-2018-8505 |
No |
No |
- |
- |
Critical |
4.2 |
3.8 |
| CVE-2018-8510 |
No |
No |
- |
- |
Critical |
4.2 |
3.8 |
| CVE-2018-8511 |
No |
No |
- |
- |
Critical |
4.2 |
3.8 |
| CVE-2018-8513 |
No |
No |
- |
- |
Critical |
4.2 |
3.8 |
| Device Guard Code Integrity Policy Security Feature Bypass Vulnerability |
| CVE-2018-8492 |
No |
No |
More Likely |
More Likely |
Important |
5.3 |
4.8 |
| DirectX Graphics Kernel Elevation of Privilege Vulnerability |
| CVE-2018-8484 |
No |
No |
Less Likely |
Less Likely |
Important |
7.0 |
6.3 |
| DirectX Information Disclosure Vulnerability |
| CVE-2018-8486 |
No |
No |
More Likely |
More Likely |
Important |
4.7 |
4.2 |
| Internet Explorer Memory Corruption Vulnerability |
| CVE-2018-8460 |
No |
No |
- |
- |
Critical |
6.4 |
5.8 |
| CVE-2018-8491 |
No |
No |
- |
- |
Critical |
6.4 |
5.8 |
| Linux On Windows Elevation Of Privilege Vulnerability |
| CVE-2018-8329 |
No |
No |
- |
- |
Important |
7.0 |
6.3 |
| MFC Insecure Library Loading Vulnerability |
| CVE-2010-3190 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
| MS XML Remote Code Execution Vulnerability |
| CVE-2018-8494 |
No |
No |
Less Likely |
Less Likely |
Critical |
7.5 |
6.7 |
| Microsoft Edge Memory Corruption Vulnerability |
| CVE-2018-8473 |
No |
No |
- |
- |
Critical |
4.2 |
3.8 |
| CVE-2018-8509 |
No |
No |
- |
- |
Critical |
4.2 |
3.8 |
| Microsoft Edge Security Feature Bypass Vulnerability |
| CVE-2018-8512 |
No |
No |
- |
- |
Important |
4.2 |
3.8 |
| CVE-2018-8530 |
No |
No |
- |
- |
Important |
4.3 |
3.9 |
| Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2018-8502 |
No |
No |
More Likely |
More Likely |
Important |
|
|
| Microsoft Exchange Remote Code Execution Vulnerability |
| CVE-2018-8265 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
| Microsoft Exchange Server Elevation of Privilege Vulnerability |
| CVE-2018-8448 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
| Microsoft Filter Manager Elevation Of Privilege Vulnerability |
| CVE-2018-8333 |
No |
No |
More Likely |
More Likely |
Important |
7.0 |
6.1 |
| Microsoft Graphics Components Information Disclosure Vulnerability |
| CVE-2018-8427 |
No |
No |
Less Likely |
Less Likely |
Important |
4.7 |
4.2 |
| Microsoft Graphics Components Remote Code Execution Vulnerability |
| CVE-2018-8432 |
No |
No |
Less Likely |
Less Likely |
Important |
5.0 |
4.5 |
| Microsoft JET Database Engine Remote Code Execution Vulnerability |
| CVE-2018-8423 |
Yes |
No |
Less Likely |
Less Likely |
Important |
7.8 |
7.0 |
| Microsoft Office Defense in Depth Update |
| ADV180026 |
No |
No |
Less Likely |
Less Likely |
None |
|
|
| Microsoft PowerPoint Remote Code Execution Vulnerability |
| CVE-2018-8501 |
No |
No |
More Likely |
More Likely |
Important |
|
|
| Microsoft SharePoint Elevation of Privilege Vulnerability |
| CVE-2018-8480 |
No |
No |
- |
- |
Important |
|
|
| CVE-2018-8488 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
| CVE-2018-8518 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
| CVE-2018-8498 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
| Microsoft Windows Codecs Library Information Disclosure Vulnerability |
| CVE-2018-8506 |
No |
No |
Less Likely |
Less Likely |
Important |
3.3 |
3.3 |
| Microsoft Word Remote Code Execution Vulnerability |
| CVE-2018-8504 |
No |
No |
More Likely |
More Likely |
Important |
|
|
| NTFS Elevation of Privilege Vulnerability |
| CVE-2018-8411 |
No |
No |
More Likely |
More Likely |
Important |
7.0 |
6.3 |
| SQL Server Management Studio Information Disclosure Vulnerability |
| CVE-2018-8527 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
| CVE-2018-8532 |
No |
No |
Less Likely |
Less Likely |
Important |
|
|
| CVE-2018-8533 |
No |
No |
Less Likely |
Less Likely |
Moderate |
|
|
| Scripting Engine Memory Corruption Vulnerability |
| CVE-2018-8500 |
No |
No |
- |
- |
Critical |
|
|
| Win32k Elevation of Privilege Vulnerability |
| CVE-2018-8453 |
No |
Yes |
Detected |
More Likely |
Important |
7.0 |
6.3 |
| Windows DNS Security Feature Bypass Vulnerability |
| CVE-2018-8320 |
No |
No |
Less Likely |
Less Likely |
Important |
4.3 |
4.3 |
| Windows GDI Information Disclosure Vulnerability |
| CVE-2018-8472 |
No |
No |
Less Likely |
Less Likely |
Important |
4.7 |
4.2 |
| Windows Hyper-V Remote Code Execution Vulnerability |
| CVE-2018-8489 |
No |
No |
Less Likely |
Less Likely |
Critical |
7.6 |
6.8 |
| CVE-2018-8490 |
No |
No |
Less Likely |
Less Likely |
Critical |
7.6 |
6.8 |
| Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2018-8497 |
Yes |
No |
More Likely |
More Likely |
Important |
7.8 |
7.0 |
| Windows Kernel Information Disclosure Vulnerability |
| CVE-2018-8330 |
No |
No |
Less Likely |
Less Likely |
Important |
4.7 |
4.1 |
| Windows Media Player Information Disclosure Vulnerability |
| CVE-2018-8481 |
No |
No |
Less Likely |
Less Likely |
Important |
3.5 |
3.5 |
| CVE-2018-8482 |
No |
No |
Less Likely |
Less Likely |
Important |
3.5 |
3.5 |
| Windows Shell Remote Code Execution Vulnerability |
| CVE-2018-8495 |
No |
No |
- |
- |
Important |
4.2 |
3.8 |
| Windows TCP/IP Information Disclosure Vulnerability |
| CVE-2018-8493 |
No |
No |
- |
- |
Important |
5.9 |
5.3 |
| Windows Theme API Remote Code Execution Vulnerability |
| CVE-2018-8413 |
No |
No |
More Likely |
More Likely |
Important |
5.0 |
4.5 |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|
I will be teaching next:
Intrusion Detection In-Depth - SANS Las Vegas Spring 2020
