Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: October 2018 Microsoft Patch Tuesday - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
October 2018 Microsoft Patch Tuesday

Microsoft released patches for 48 vulnerabilities today and one advisory regarding a defense in depth update for Office. No Adobe updates are included so far, but Adobe has released updates to PDF Reader / Acrobat about a week ago.

Two vulnerabilities have been disclosed before:

CVE-2018-8531: A memory corruption vulnerability in the Azure IoT Device Client SDK (rated important)

CVE-2018-8432: A remote code execution vulnerability in the JET database engine (this issue was widely covered. It requires an attacker to convince the victim to open a malicious JET database file. Office products include JET).

CVE-2018-8453: This vulnerability, a privilege escalation issue in Win32k, was already exploited in the wild.

CVE-2018-8497: Another privilege escalation issues that was made public prior to today but not yet seen in exploits per Microsoft.

For a more detailed breakdown, see again Renato's dashboard: https://patchtuesdaydashboard.com/

 

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
Azure IoT Device Client SDK Memory Corruption Vulnerability
CVE-2018-8531 Yes No Less Likely Less Likely Important    
Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-8503 No No - - Low 4.2 3.8
CVE-2018-8505 No No - - Critical 4.2 3.8
CVE-2018-8510 No No - - Critical 4.2 3.8
CVE-2018-8511 No No - - Critical 4.2 3.8
CVE-2018-8513 No No - - Critical 4.2 3.8
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
CVE-2018-8492 No No More Likely More Likely Important 5.3 4.8
DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2018-8484 No No Less Likely Less Likely Important 7.0 6.3
DirectX Information Disclosure Vulnerability
CVE-2018-8486 No No More Likely More Likely Important 4.7 4.2
Internet Explorer Memory Corruption Vulnerability
CVE-2018-8460 No No - - Critical 6.4 5.8
CVE-2018-8491 No No - - Critical 6.4 5.8
Linux On Windows Elevation Of Privilege Vulnerability
CVE-2018-8329 No No - - Important 7.0 6.3
MFC Insecure Library Loading Vulnerability
CVE-2010-3190 No No Less Likely Less Likely Important    
MS XML Remote Code Execution Vulnerability
CVE-2018-8494 No No Less Likely Less Likely Critical 7.5 6.7
Microsoft Edge Memory Corruption Vulnerability
CVE-2018-8473 No No - - Critical 4.2 3.8
CVE-2018-8509 No No - - Critical 4.2 3.8
Microsoft Edge Security Feature Bypass Vulnerability
CVE-2018-8512 No No - - Important 4.2 3.8
CVE-2018-8530 No No - - Important 4.3 3.9
Microsoft Excel Remote Code Execution Vulnerability
CVE-2018-8502 No No More Likely More Likely Important    
Microsoft Exchange Remote Code Execution Vulnerability
CVE-2018-8265 No No Less Likely Less Likely Important    
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2018-8448 No No Less Likely Less Likely Important    
Microsoft Filter Manager Elevation Of Privilege Vulnerability
CVE-2018-8333 No No More Likely More Likely Important 7.0 6.1
Microsoft Graphics Components Information Disclosure Vulnerability
CVE-2018-8427 No No Less Likely Less Likely Important 4.7 4.2
Microsoft Graphics Components Remote Code Execution Vulnerability
CVE-2018-8432 No No Less Likely Less Likely Important 5.0 4.5
Microsoft JET Database Engine Remote Code Execution Vulnerability
CVE-2018-8423 Yes No Less Likely Less Likely Important 7.8 7.0
Microsoft Office Defense in Depth Update
ADV180026 No No Less Likely Less Likely None    
Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2018-8501 No No More Likely More Likely Important    
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-8480 No No - - Important    
CVE-2018-8488 No No Less Likely Less Likely Important    
CVE-2018-8518 No No Less Likely Less Likely Important    
CVE-2018-8498 No No Less Likely Less Likely Important    
Microsoft Windows Codecs Library Information Disclosure Vulnerability
CVE-2018-8506 No No Less Likely Less Likely Important 3.3 3.3
Microsoft Word Remote Code Execution Vulnerability
CVE-2018-8504 No No More Likely More Likely Important    
NTFS Elevation of Privilege Vulnerability
CVE-2018-8411 No No More Likely More Likely Important 7.0 6.3
SQL Server Management Studio Information Disclosure Vulnerability
CVE-2018-8527 No No Less Likely Less Likely Important    
CVE-2018-8532 No No Less Likely Less Likely Important    
CVE-2018-8533 No No Less Likely Less Likely Moderate    
Scripting Engine Memory Corruption Vulnerability
CVE-2018-8500 No No - - Critical    
Win32k Elevation of Privilege Vulnerability
CVE-2018-8453 No Yes Detected More Likely Important 7.0 6.3
Windows DNS Security Feature Bypass Vulnerability
CVE-2018-8320 No No Less Likely Less Likely Important 4.3 4.3
Windows GDI Information Disclosure Vulnerability
CVE-2018-8472 No No Less Likely Less Likely Important 4.7 4.2
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2018-8489 No No Less Likely Less Likely Critical 7.6 6.8
CVE-2018-8490 No No Less Likely Less Likely Critical 7.6 6.8
Windows Kernel Elevation of Privilege Vulnerability
CVE-2018-8497 Yes No More Likely More Likely Important 7.8 7.0
Windows Kernel Information Disclosure Vulnerability
CVE-2018-8330 No No Less Likely Less Likely Important 4.7 4.1
Windows Media Player Information Disclosure Vulnerability
CVE-2018-8481 No No Less Likely Less Likely Important 3.5 3.5
CVE-2018-8482 No No Less Likely Less Likely Important 3.5 3.5
Windows Shell Remote Code Execution Vulnerability
CVE-2018-8495 No No - - Important 4.2 3.8
Windows TCP/IP Information Disclosure Vulnerability
CVE-2018-8493 No No - - Important 5.9 5.3
Windows Theme API Remote Code Execution Vulnerability
CVE-2018-8413 No No More Likely More Likely Important 5.0 4.5

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|

I will be teaching next: Defending Web Applications Security Essentials - SANS Munich March 2019

 Johannes

3416 Posts
ISC Handler
Reply Subscribe Oct 9th 2018
2 months ago
Thanks Johannes!!
 Anonymous
Reply Quote Oct 9th 2018
2 months ago

Sign Up for Free or Log In to start participating in the conversation!