Zero-Day 2018- Úvod Graf Katal

Zero-Day 2018- Úvod Graf Katalog Zranitelností OWASP Webové útoky (103) Vulnerebility Web Vul. Top 50 in years CVE Defination ATT&CK Matrix for Enterprise

2020 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009

Microsoft Patch Tuesday – December 2018
This month the vendor has patched 39 vulnerabilities, 9 of which are rated Critical.
As always, customers are advised to follow these security best practices:

Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless specific access is required.
Microsoft's summary of the December 2018 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance

This month's update covers vulnerabilities in:

Internet Explorer
Microsoft Edge
ChakraCore
Microsoft Office
Microsoft .NET Framework
Microsoft Dynamics NAV
Microsoft Exchange Server
Microsoft Windows
Microsoft Visual Studio
Windows Azure Pack

The following is a breakdown of the issues being addressed this month:

Cumulative Security Update for Microsoft Browsers

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8583) MS Rating: Critical

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8617) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8618) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8629) MS Rating: Critical

Internet Explorer Memory Corruption Vulnerability (CVE-2018-8631) MS Rating: Critical

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8624) MS Rating: Critical

Internet Explorer Remote Code Execution Vulnerability (CVE-2018-8619) MS Rating: Important

A remote code execution vulnerability exists when the Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions. An attacker who exploited the vulnerability could run arbitrary code with medium-integrity level privileges (the permissions of the current user).

Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8625) MS Rating: Important

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8643) MS Rating: Important

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Cumulative Security Update for Microsoft Office

Microsoft SharePoint Information Disclosure Vulnerability (CVE-2018-8580) MS Rating: Important

An information disclosure vulnerability exists where certain modes of the search function. An attacker can exploit this issue to conduct cross-site search attacks and obtain Personally Identifiable Information (PII).

Microsoft Outlook Remote Code Execution Vulnerability (CVE-2018-8587) MS Rating: Important

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8597) MS Rating: Important

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Microsoft Excel Information Disclosure Vulnerability (CVE-2018-8598) MS Rating: Important

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.

Microsoft Excel Information Disclosure Vulnerability (CVE-2018-8627) MS Rating: Important

An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.

Microsoft PowerPoint Remote Code Execution Vulnerability (CVE-2018-8628) MS Rating: Important

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Microsoft SharePoint Server Privilege Escalation Vulnerability (CVE-2018-8635) MS Rating: Important

A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable server in the context of the SharePoint application pool account.

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8636) MS Rating: Important

Microsoft Office SharePoint XSS Vulnerability (CVE-2018-8650) MS Rating: Important

A cross-site-scripting vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.

Cumulative Security Update for Microsoft Windows Kernel

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8477) MS Rating: Important

Windows Kernel Privilege Escalation Vulnerability (CVE-2018-8611) MS Rating: Important

A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8621) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8622) MS Rating: Important

Win32k Information Disclosure Vulnerability (CVE-2018-8637) MS Rating: Important

An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this vulnerability could retrieve the memory address of a kernel object.

Win32k Privilege Escalation Vulnerability (CVE-2018-8639) MS Rating: Important

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Win32k Privilege Escalation Vulnerability (CVE-2018-8641) MS Rating: Important

A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Cumulative Security Update for Microsoft Windows

Windows DNS Server Heap Overflow Vulnerability (CVE-2018-8626) MS Rating: Critical

A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account.

Microsoft Text-To-Speech Remote Code Execution Vulnerability (CVE-2018-8634) MS Rating: Critical

A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.

Remote Procedure Call runtime Information Disclosure Vulnerability (CVE-2018-8514) MS Rating: Important

An information disclosure vulnerability exists when Remote Procedure Call runtime improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application.

Windows GDI Information Disclosure Vulnerability (CVE-2018-8595) MS Rating: Important

Windows GDI Information Disclosure Vulnerability (CVE-2018-8596) MS Rating: Important

Diagnostics Hub Standard Collector Service Privilege Escalation Vulnerability (CVE-2018-8599) MS Rating: Important

A privilege escalation vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.

Connected User Experiences and Telemetry Service Denial of Service Vulnerability (CVE-2018-8612) MS Rating: Important

A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values. An attacker who successfully exploited this vulnerability could deny dependent security feature functionality.

DirectX Information Disclosure Vulnerability (CVE-2018-8638) MS Rating: Important

An information disclosure vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user system.

Windows Denial of Service Vulnerability (CVE-2018-8649) MS Rating: Important

A denial of service vulnerability exists when Windows improperly handles objects in memory.. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

Security Update for Microsoft .NET Framework

.NET Framework Remote Code Injection Vulnerability (CVE-2018-8540) MS Rating: Critical

.NET Framework Denial Of Service Vulnerability (CVE-2018-8517) MS Rating: Important

A denial of service vulnerability exists when .NET Framework improperly handles special web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an .NET Framework web application.

Security Update for Microsoft Exchange Server

Microsoft Exchange Server Tampering Vulnerability (CVE-2018-8604) MS Rating: Important

A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data.

Security Update for Microsoft Windows Azure Pack

Windows Azure Pack Cross Site Scripting Vulnerability (CVE-2018-8652) MS Rating: Important

A cross-site Scripting vulnerability exists when Windows Azure Pack does not properly sanitize user-provided input.

Security Update for Microsoft Dynamics NAV

Microsoft Dynamics NAV Cross Site Scripting Vulnerability (CVE-2018-8651) MS Rating: Important

A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a specially crafted web request to an affected Dynamics NAV server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics NAV server.

Microsoft Patch Tuesday – November 2018
This month the vendor has patched 62 vulnerabilities, 13 of which are rated Critical.
As always, customers are advised to follow these security best practices:

Microsoft's summary of the November 2018 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance

This month's update covers vulnerabilities in:

Internet Explorer
Microsoft Edge
ChakraCore
Microsoft Office
Microsoft .NET Core
Microsoft Windows
Microsoft Skype
Azure App Service
Team Foundation Server
Dynamics 365 (on-premises)

The following is a breakdown of the issues being addressed this month:

Cumulative Security Update for Microsoft Browsers

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8541) MS Rating: Critical

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Successful exploitation of this vulnerability would allow an attacker to gain the same user rights as the current user.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8542) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8543) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8551) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8555) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8556) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8557) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8588) MS Rating: Critical

Internet Explorer Memory Corruption Vulnerability (CVE-2018-8570) MS Rating: Important

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Successful exploitation of this vulnerability would allow an attacker to gain the same user rights as the current user.

Microsoft Edge Privilege Escalation Vulnerability (CVE-2018-8567) MS Rating: Important

A privilege escalation vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies. An attacker can exploit this issue to access information from one domain and inject it into another domain.

Microsoft Edge Spoofing Vulnerability (CVE-2018-8564) MS Rating: Important

A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content. An attacker can exploit this issue to trick a user into believing that the user was on a legitimate website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8545) MS Rating: Important

An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests. An attacker can exploit this issue to determine the origin of all webpages in the affected browser.

Windows Scripting Engine Memory Corruption Vulnerability (CVE-2018-8552) MS Rating: Important

An information disclosure vulnerability exists when VBScript improperly discloses the contents of its memory. An attacker can exploit this issue to further compromise the user’s computer or data. To exploit the vulnerability, an attacker must know the memory address of where the object was created.

Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8544) MS Rating: Critical

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Successful exploitation of this vulnerability would allow an attacker to gain the same user rights as the current user.

Cumulative Security Update for Microsoft Office

Microsoft Outlook Remote Code Execution Vulnerability (CVE-2018-8522) MS Rating: Important

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker can exploit this issue to use a specially crafted file to perform actions in the security context of the current user. Successful exploitation of this vulnerability would allow an attacker to gain the same user rights as the current user. To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Outlook software.

Microsoft Outlook Remote Code Execution Vulnerability (CVE-2018-8576) MS Rating: Important

Microsoft Outlook Remote Code Execution Vulnerability (CVE-2018-8524) MS Rating: Important

Microsoft Outlook Remote Code Execution Vulnerability (CVE-2018-8582) MS Rating: Important

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files. An attacker can exploit this issue to take control of an affected system.

Microsoft Outlook Information Disclosure Vulnerability (CVE-2018-8558) MS Rating: Important

An information disclosure vulnerability exists when Microsoft Outlook fails to respect 'Default link type' settings configured through the SharePoint Online Admin Center. An attacker can exploit this issue to share anonymously-accessible links to other users via email where these links are intended to be accessed only by specific users.

Microsoft Outlook Information Disclosure Vulnerability (CVE-2018-8579) MS Rating: Important

An information disclosure vulnerability exists when attaching files to Outlook messages. An attacker can exploit this issue to share attached files such that they are accessible by anonymous users where they should be restricted to specific users. To exploit this vulnerability, an attacker would have to attach a file as a link to an email.

Microsoft Exchange Server Privilege Escalation Vulnerability (CVE-2018-8581) MS Rating: Important

A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker can exploit this issue to perform script/content injection attacks and attempt to impersonate any other user of the Exchange server. To exploit the vulnerability, an attacker would need to execute a man-in-the-middle attack to forward an authentication request to a Microsoft Exchange Server, thereby allowing impersonation of another Exchange user.

Microsoft SharePoint Privilege Escalation Vulnerability (CVE-2018-8568) MS Rating: Important

A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker can exploit the issue by sending a specially crafted request to an affected SharePoint server. Successful exploitation of this vulnerability would allow an attacker to perform cross-site scripting attacks on affected systems and run script in the security context of the current user.

Microsoft SharePoint Privilege Escalation Vulnerability (CVE-2018-8572) MS Rating: Important

Microsoft SharePoint Information Disclosure Vulnerability (CVE-2018-8578) MS Rating: Important

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker can exploit this issue to view the folder path of scripts loaded on the page. To take advantage of the vulnerability, an attacker would require access to the specific SharePoint page affected by this vulnerability.

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8574) MS Rating: Important

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker can exploit the issue to run arbitrary code in the context of the current user. Successful exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel.

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8577) MS Rating: Important

Microsoft Word Remote Code Execution Vulnerability (CVE-2018-8539) MS Rating: Important

A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in memory. An attacker can exploit the issue to run arbitrary code in the context of the current user. Successful exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Word software.

Microsoft Word Remote Code Execution Vulnerability (CVE-2018-8573) MS Rating: Important

Cumulative Security Update for Microsoft Windows Kernel

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8408) MS Rating: Important

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An authenticated attacker can exploit the issue to run a specially crafted application. Successful exploitation of the vulnerability could allow an attacker to obtain information to further compromise the user's system.

Win32k Privilege Escalation Vulnerability (CVE-2018-8562) MS Rating: Important

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in kernel mode. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

Win32k Information Disclosure Vulnerability (CVE-2018-8565) MS Rating: Important

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker can exploit this issue to obtain information to further compromise the user's system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

Windows Win32k Privilege Escalation Vulnerability (CVE-2018-8589) MS Rating: Important

Windows Deployment Services TFTP Server Remote Code Execution Vulnerability (CVE-2018-8476) MS Rating: Critical

A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker can exploit this issue to execute arbitrary code with elevated permissions on a target system. To exploit the vulnerability, an attacker could create a specially crafted request, causing Windows to execute arbitrary code with elevated permissions.

Cumulative Security Update for Microsoft Windows

Microsoft Graphics Components Remote Code Execution Vulnerability (CVE-2018-8553) MS Rating: Critical

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker can exploit this issue to execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open a specially crafted file.

DirectX Information Disclosure Vulnerability (CVE-2018-8563) MS Rating: Critical

An information disclosure vulnerability exists when DirectX improperly handles objects in memory. An authenticated attacker can exploit this issue by running a specially crafted application to obtain information to further compromise the user's system.

DirectX Privilege Escalation Vulnerability (CVE-2018-8485) MS Rating: Important

A privilege escalation vulnerability exists when DirectX improperly handles objects in memory. An attacker can exploit this issue to run arbitrary code in kernel mode. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

DirectX Privilege Escalation Vulnerability (CVE-2018-8554) MS Rating: Important

DirectX Privilege Escalation Vulnerability (CVE-2018-8561) MS Rating: Important

PowerShell Remote Code Execution Vulnerability (CVE-2018-8256) MS Rating: Important

A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files. An attacker can exploit this issue to execute malicious code on a vulnerable system. To exploit the vulnerability, an attacker must send a specially crafted file to a vulnerable system.

Microsoft Powershell Tampering Vulnerability (CVE-2018-8415) MS Rating: Important

A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code. To exploit this vulnerability, an attacker would need to log on to the affected system and run a specially crafted application.

MSRPC Information Disclosure Vulnerability (CVE-2018-8407) MS Rating: Important

An information disclosure vulnerability exists when 'Kernel Remote Procedure Call Provider' driver improperly initializes objects in memory. An attacker can exploit this issue by running a specially crafted application. Successful exploitation of this vulnerability would allow an attacker to obtain information to further compromise the user's system.

Microsoft JScript Security Feature Bypass Vulnerability (CVE-2018-8417) MS Rating: Important

A security bypass vulnerability exists in Microsoft JScript that could allow an attacker to bypass Device Guard. To exploit the vulnerability, an attacker would first have to access the local machine, and run a specially crafted application to create arbitrary COM objects.

Windows Search Remote Code Execution Vulnerability (CVE-2018-8450) MS Rating: Important

A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker can exploit this issue by sending specially crafted messages to the Windows Search service to take control of the affected system. An attacker with access to a target computer could exploit this vulnerability to elevate privileges and take control of the computer.

Windows Audio Service Information Disclosure Vulnerability (CVE-2018-8454) MS Rating: Important

An information disclosure vulnerability exists when Windows Audio Service fails to properly handle objects in memory. An attacker can exploit this issue by running a specially crafted application in user mode to potentially disclose memory contents of a elevated process.

Microsoft RemoteFX Virtual GPU miniport driver Privilege Escalation Vulnerability (CVE-2018-8471) MS Rating: Important

A privilege escalation vulnerability exists in the way that the Microsoft RemoteFX Virtual GPU miniport driver handles objects in memory. A locally authenticated attacker can exploit this issue by running a specially crafted application to execute code with elevated permissions.

Active Directory Federation Services XSS Vulnerability (CVE-2018-8547) MS Rating: Important

A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server. An authenticated attacker can exploit this issue by sending a specially crafted request to an affected AD FS server. Successful exploitation of this vulnerability would allow an attacker to then perform cross-site scripting attacks on affected systems and run scripts in the security context of the current user. This would allow an attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the AD FS site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

Windows Security Feature Bypass Vulnerability (CVE-2018-8549) MS Rating: Important

A security bypass exists when Windows incorrectly validates kernel driver signatures. An attacker can exploit this issue to bypass security features and load improperly signed drivers into the kernel.

Windows COM Privilege Escalation Vulnerability (CVE-2018-8550) MS Rating: Important

An elevation of privilege exists in Windows COM Aggregate Marshaler. An attacker can exploit this issue by running a specially crafted application to run arbitrary code with elevated privileges.

BitLocker Security Feature Bypass Vulnerability (CVE-2018-8566) MS Rating: Important

A security bypass vulnerability exists when Windows improperly suspends BitLocker Device Encryption. An attacker with physical access to a powered off system ccan exploit this issue to gain access to encrypted data. To exploit the vulnerability, an attacker must gain physical access to the target system prior to the next system reboot.

Microsoft Project Remote Code Execution Vulnerability (CVE-2018-8575) MS Rating: Important

A remote code execution vulnerability exists in Microsoft Project software when it fails to properly handle objects in memory. An attacker can exploit this issue using a specially crafted file to perform actions in the security context of the current user. To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Project software.

Windows ALPC Privilege Escalation Vulnerability (CVE-2018-8584) MS Rating: Important

A privilege escalation vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker can exploit this issue by running a specially crafted application to execute arbitrary code in the security context of the local system and take control over an affected system. To exploit this vulnerability, an attacker would first have to log on to the system.

Windows Privilege Escalation Vulnerability (CVE-2018-8592) MS Rating: Important

A privilege escalation vulnerability exists in the setup path and you could be affected if a user installed certain builds of the OS from media for Windows 10, version 1809 and an attacker had physical (console) access to the machine.

Cumulative Security Update for Dynamics 365 (on-premises)

Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability (CVE-2018-8609) MS Rating: Critical

Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability (CVE-2018-8605) MS Rating: Important

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker can exploit this issue by sending a specially crafted request to an affected Dynamics server.

Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability (CVE-2018-8606) MS Rating: Important

Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability (CVE-2018-8607) MS Rating: Important

Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability (CVE-2018-8608) MS Rating: Important

Security Update for Azure App Service

Azure App Service Cross-site Scripting Vulnerability (CVE-2018-8600) MS Rating: Important

A cross-site scripting vulnerability exists when Azure App Services on Azure Stack does not properly sanitize user provided input. An authenticated attacker can exploit this issue by sending a specially crafted payload to the App Service, which will get executed in the context of the user every time a user visits the compromised page.

Security Update for Team Foundation Server

Team Foundation Server Cross-site Scripting Vulnerability (CVE-2018-8602) MS Rating: Important

A cross-site Scripting vulnerability exists when Team Foundation Server does not properly sanitize user provided input. An authenticated attacker can exploit this issue by sending a specially crafted payload to the Team Foundation Server, which will get executed in the context of the user every time a user visits the compromised page.

Team Foundation Server Remote Code Execution Vulnerability (CVE-2018-8529) MS Rating: Important

A remote code execution vulnerability exists when Team Foundation Server (TFS) does not enable basic authorization on the communication between the TFS and Search services. An attacker can exploit this issue to run certain commands on the Search service.

Security Update for Microsoft .NET Core

.NET Core Tampering Vulnerability (CVE-2018-8416) MS Rating: Moderate

A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker can exploit this issue by sending a specially crafted file to a vulnerable system to write arbitrary files and directories to certain locations on a vulnerable system.

Security Update for Microsoft Skype for Business

Microsoft Skype for Business Denial of Service Vulnerability (CVE-2018-8546) MS Rating: Low

A denial of service vulnerability exists in Skype for Business. An attacker can exploit this issue to cause Skype for Business to stop responding. Successful exploitation of this vulnerability requires that a user sends a number of emojis in the affected version of Skype for Business.

Microsoft Patch Tuesday – October 2018
This month the vendor has patched 49 vulnerabilities, 12 of which are rated Critical.
As always, customers are advised to follow these security best practices:

Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless specific access is required.
Microsoft's summary of the October 2018 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance

This month's update covers vulnerabilities in:

Internet Explorer
Microsoft Edge
Microsoft Office
Microsoft Azure
Microsoft Windows
Microsoft SQL Server Management Studio
ChakraCore
Microsoft Windows Hyper-V

The following is a breakdown of the issues being addressed this month:

Cumulative Security Update for Microsoft Browsers

Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8473) MS Rating: Critical

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Internet Explorer Memory Corruption Vulnerability (CVE-2018-8491) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8500) MS Rating: Critical

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8505) MS Rating: Critical

Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8509) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8510) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8511) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8513) MS Rating: Critical

Internet Explorer Memory Corruption Vulnerability (CVE-2018-8460) MS Rating: Critical

Microsoft Edge Security Bypass Vulnerability (CVE-2018-8512) MS Rating: Important

A security bypass vulnerability exists in Microsoft Edge when the Edge Content Security Policy (CSP) fails to properly validate certain specially crafted documents. An attacker who exploited the bypass could trick a user into loading a page containing malicious content. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Security Bypass Vulnerability (CVE-2018-8530) MS Rating: Important

A security bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins. The vulnerability allows Microsoft Edge to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8503) MS Rating: Low

Cumulative Security Update for Microsoft Office

Microsoft Exchange Remote Code Execution Vulnerability (CVE-2018-8265) MS Rating: Important

A remote code execution vulnerability exists in the way Microsoft Exchange software parses specially crafted email messages. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the system user.

Microsoft Exchange Server Privilege Escalation Vulnerability (CVE-2018-8448) MS Rating: Important

A privilege escalation vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited this vulnerability could perform script/content injection attacks and attempt to trick the user into disclosing sensitive information.

Microsoft SharePoint Privilee Escalation Vulnerability (CVE-2018-8480) MS Rating: Important

Microsoft SharePoint Privilege Escalation Vulnerability (CVE-2018-8488) MS Rating: Important

Microsoft SharePoint Privilege Escalation Vulnerability (CVE-2018-8498) MS Rating: Important

Microsoft PowerPoint Security Bypass Vulnerability (CVE-2018-8501) MS Rating: Important

A security bypass vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Microsoft Excel Security Bypass Vulnerability (CVE-2018-8502) MS Rating: Important

A security bypass vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in Protected View. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Microsoft Word Remote Code Execution Vulnerability (CVE-2018-8504) MS Rating: Important

A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Microsoft SharePoint Privilege Escalation Vulnerability (CVE-2018-8518) MS Rating: Important

Cumulative Security Update for Microsoft Azure

Azure IoT Device Client SDK Memory Corruption Vulnerability (CVE-2018-8531) MS Rating: Important

A remote code execution vulnerability exists in the way that Azure IoT Hub Device Client SDK using MQTT protocol accesses objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user.

Cumulative Security Update for Microsoft Windows Kernel

Win32k Privilege Escalation Vulnerability (CVE-2018-8453) MS Rating: Important

Windows Kernel Privilege Escalation Vulnerability (CVE-2018-8497) MS Rating: Important

A privilege escalation vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8330) MS Rating: Important

Cumulative Security Update for Microsoft Windows

MS XML Remote Code Execution Vulnerability (CVE-2018-8494) MS Rating: Critical

MFC Insecure Library Loading Vulnerability (CVE-2010-3190) MS Rating: Moderate

A remote code execution vulnerability exists in the way that certain applications built using Microsoft Foundation Classes (MFC) handle the loading of DLL files. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Windows DNS Security Bypass Vulnerability (CVE-2018-8320) MS Rating: Important

A security bypass vulnerability exists in DNS Global Blocklist feature. An attacker who successfully exploited this vulnerability could redirect traffic to malicious DNS endpoints.

Linux On Windows Privilege Escalation Vulnerability (CVE-2018-8329) MS Rating: Important

A privilege escalation vulnerability exists in Windows Subsystem for Linux when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system.

Microsoft Filter Manager Privilege Escalation Vulnerability (CVE-2018-8333) MS Rating: Important

A privilege escalation vulnerability exists in Filter Manager when it improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute elevated code and take control of an affected system.

NTFS Privilege Escalation Vulnerability (CVE-2018-8411) MS Rating: Important

A privilege escalation vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Windows Theme API Remote Code Execution Vulnerability (CVE-2018-8413) MS Rating: Important

A remote code execution vulnerability exists when "Windows Theme API" does not properly decompress files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Microsoft JET Database Engine Remote Code Execution Vulnerability (CVE-2018-8423) MS Rating: Important

A remote code execution vulnerability exists in the Microsoft JET Database Engine. An attacker who successfully exploited this vulnerability could take control of an affected system.

Microsoft Graphics Components Information Disclosure Vulnerability (CVE-2018-8427) MS Rating: Important

An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information that could be useful for further exploitation.

Microsoft Graphics Components Remote Code Execution Vulnerability (CVE-2018-8432) MS Rating: Important

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.

Windows GDI Information Disclosure Vulnerability (CVE-2018-8472) MS Rating: Important

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability.

Windows Media Player Information Disclosure Vulnerability (CVE-2018-8481) MS Rating: Important

An information disclosure vulnerability exists when Windows Media Player improperly discloses file information. Successful exploitation of the vulnerability could allow an attacker to determine the presence of files on disk.

Windows Media Player Information Disclosure Vulnerability (CVE-2018-8482) MS Rating: Important

DirectX Graphics Kernel Privilege Escalation Vulnerability (CVE-2018-8484) MS Rating: Important

A privilege escalation vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

DirectX Information Disclosure Vulnerability (CVE-2018-8486) MS Rating: Important

Device Guard Code Integrity Policy Security Bypass Vulnerability (CVE-2018-8492) MS Rating: Important

A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.

Windows TCP/IP Information Disclosure Vulnerability (CVE-2018-8493) MS Rating: Important

An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

Windows Shell Remote Code Execution Vulnerability (CVE-2018-8495) MS Rating: Important

A remote code execution vulnerability exists when Windows Shell improperly handles URIs. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

Microsoft Windows Codecs Library Information Disclosure Vulnerability (CVE-2018-8506)MS Rating: Important

An Information Disclosure vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

Cumulative Security Update for Microsoft SQL Server Management Studio

SQL Server Management Studio Information Disclosure (CVE-2018-8527) MS Rating: Important

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XEL file containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity declaration.

SQL Server Management Studio Information Disclosure (CVE-2018-8532) MS Rating: Important

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XMLA file containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity declaration.

SQL Server Management Studio Information Disclosure (CVE-2018-8533) MS Rating: Moderate

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing malicious XML content containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity declaration.

Cumulative Security Update for Microsoft Windows Hyper-V

Windows Hyper-V Remote Code Execution Vulnerability (CVE-2018-8489) MS Rating: Critical

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. An attacker who successfully exploited this issue by running specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.

Windows Hyper-V Remote Code Execution Vulnerability (CVE-2018-8490) MS Rating: Critical

Microsoft Patch Tuesday – September 2018
This month the vendor has patched 61 vulnerabilities, 17 of which are rated Critical.
As always, customers are advised to follow these security best practices:

Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless specific access is required.
Microsoft's summary of the September 2018 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance

This month's update covers vulnerabilities in:

Internet Explorer
Microsoft Edge
Microsoft Office
.NET Framework
Microsoft Windows
Device Guard Code
Hyper-V
JET Database Engine
Azure IoT SDK
Lync for Mac
ChakraCore

The following is a breakdown of the issues being addressed this month:

Cumulative Security Update for Microsoft Browsers

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8367) MS Rating: Critical

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8391) MS Rating: Critical

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Internet Explorer Memory Corruption Vulnerability (CVE-2018-8447) MS Rating: Critical

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8456) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8457) MS Rating: Critical

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8459) MS Rating: Critical

Internet Explorer Memory Corruption Vulnerability (CVE-2018-8461) MS Rating: Critical

Microsoft Edge PDF Remote Code Execution Vulnerability (CVE-2018-8464) MS Rating: Critical

An remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8465) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8466) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8467) MS Rating: Critical

Microsoft Browsers Information Disclosure Vulnerability (CVE-2018-8315) MS Rating: Important

An information disclosure vulnerability exists when the browser scripting engine improperly handle object types. An attacker who has successfully exploited this vulnerability might be able to read privileged data across trust boundaries.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8354) MS Rating: Important

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8366) MS Rating: Important

An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type. An attacker could use the vulnerability to read the URL of a cross-origin request. Websites that that do not securely populate the URL with confidential information could allow information to be disclosed to an attacker.

Microsoft Edge Spoofing Vulnerability (CVE-2018-8425) MS Rating: Important

A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.

Microsoft Browser Information Disclosure Vulnerability (CVE-2018-8452) MS Rating: Important

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

Microsoft Edge Elevation of Privilege Vulnerability (CVE-2018-8463) MS Rating: Important

An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who successfully exploited this vulnerability could gain elevated privileges and break out of the Edge AppContainer sandbox.

Microsoft Edge Elevation of Privilege Vulnerability (CVE-2018-8469) MS Rating: Important

Internet Explorer Elevation of Privilege Vulnerability (CVE-2018-8470) MS Rating: Important

A Security Seature Bypass vulnerability exists in Internet Explorer due to how scripts are handled that allows a universal cross-site scripting (UXSS) condition. An attacker could use the UXSS vulnerability to access any session belonging to web pages currently opened (or cached) by the browser at the time the attack is triggered.

Cumulative Security Update for Microsoft Office

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8331) MS Rating: Important

Microsoft Office SharePoint XSS Vulnerability (CVE-2018-8426) MS Rating: Important

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-8428) MS Rating: Important

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Word PDF Remote Code Execution Vulnerability (CVE-2018-8430) MS Rating: Important

A remote code execution vulnerability exists in Microsoft Word 2013 and Microsoft Word 2016 if a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user. To exploit the vulnerability, an attacker must entice the user to open a specially crafted PDF file.

Microsoft Excel Information Disclosure Vulnerability (CVE-2018-8429) MS Rating: Important

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could access information previously deleted from the active worksheet. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it.

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-8431) MS Rating: Important

Cumulative Security Update for Microsoft .NET Framework

.NET Framework Remote Code Execution Vulnerability (CVE-2018-8421) MS Rating: Critical

A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input. An attacker can exploit this vulnerability using the .NET framework to take control of an affected system.

ASP.NET Core Denial of Service (CVE-2018-8409) MS Rating: Important

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker can exploit this vulnerability to cause a denial of service against a ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication.

OData Denial of Service Vulnerability (CVE-2018-8269) MS Rating: Important

A denial of service vulnerability exists when OData Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an OData web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the OData application.

Cumulative Security Update for Microsoft Windows Kernel

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8336) MS Rating: Important

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. An authenticated attacker could exploit this vulnerability by running a specially crafted application.

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8419) MS Rating: Important

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8442) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8443) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8445) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8446) MS Rating: Important

Windows Kernel Elevation of Privilege Vulnerability (CVE-2018-8455) MS Rating: Important

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

Cumulative Security Update for Microsoft Microsoft Windows Hyper-V

Windows Hyper-V Remote Code Execution Vulnerability (CVE-2018-0965) MS Rating: Critical

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system.

Windows Hyper-V Remote Code Execution Vulnerability (CVE-2018-8439) MS Rating: Critical

Windows Hyper-V Denial of Service Vulnerability (CVE-2018-8436) MS Rating: Important

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash.

Windows Hyper-V Denial of Service Vulnerability (CVE-2018-8437) MS Rating: Important

Windows Hyper-V Information Disclosure Vulnerability (CVE-2018-8434) MS Rating: Important

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. An attacker who successfully exploited the vulnerability could gain access to information on the Hyper-V host operating system.

Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2018-8435) MS Rating: Important

A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source. To exploit this vulnerability, an attacker would need to reboot a guest virtual machine numerous times until the vulnerability is triggered.

Windows Hyper-V Denial of Service Vulnerability (CVE-2018-8438) MS Rating: Important

A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

Cumulative Security Update for Microsoft JET Database Engine

Microsoft JET Database Engine Remote Code Execution Vulnerability (CVE-2018-8392) MS Rating: Important

A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take control of an affected system.

Microsoft JET Database Engine Remote Code Execution Vulnerability (CVE-2018-8393) MS Rating: Important

Cumulative Security Update for Microsoft Windows

Win32k Graphics Remote Code Execution Vulnerability (CVE-2018-8332) MS Rating: Critical

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system.

MS XML Remote Code Execution Vulnerability (CVE-2018-8420) MS Rating: Critical

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user's system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke MSXML through a web browser.

Windows Remote Code Execution Vulnerability (CVE-2018-8475) MS Rating: Critical

A remote code execution vulnerability exists when Windows image file loading functionality does not properly handle malformed image files. An attacker who successfully exploited the vulnerability could execute arbitrary code. To exploit the vulnerability, an attacker would have to convince a user to load a malformed image file from either a webpage or an email message.

Windows SMB Denial of Service Vulnerability (CVE-2018-8335) MS Rating: Important

A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server. An attacker who exploited this vulnerability could cause the affected system to crash. To attempt to exploit this issue, an attacker would need to send specially crafted SMB requests to the target system.

Windows SMB Information Disclosure Vulnerability (CVE-2018-8444) MS Rating: Important

An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, in most situations, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv2 server.

Windows Information Disclosure Vulnerability (CVE-2018-8271) MS Rating: Important

An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose contents of System memory. To exploit this vulnerability, an attacker would have to log on to the system first and then run a specially crafted application in user mode.

Windows Subsystem for Linux Security Feature Bypass Vulnerability (CVE-2018-8337) MS Rating: Important

A security feature bypass vulnerability exists when Windows Subsystem for Linux improperly handles case sensitivity. An attacker who successfully exploited this vulnerability could replace or delete abitrary files as a low privilege user. An attacker could exploit this vulnerability by running a specially crafted application.

Windows Registry Elevation of Privilege Vulnerability (CVE-2018-8410) MS Rating: Important

An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit this vulnerability by running a specially crafted application.

Windows GDI Information Disclosure Vulnerability (CVE-2018-8424) MS Rating: Important

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.

Microsoft Graphics Component Information Disclosure Vulnerability (CVE-2018-8433) MS Rating: Important

An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. An authenticated attacker could exploit this vulnerability by running a specially crafted application.

Windows ALPC Elevation of Privilege Vulnerability (CVE-2018-8440) MS Rating: Important

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system.

Windows Subsystem for Linux Elevation of Privilege Vulnerability (CVE-2018-8441) MS Rating: Important

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

Device Guard Security Feature Bypass Vulnerability (CVE-2018-8449) MS Rating: Important

A security feature bypass exists when Device Guard incorrectly validates an untrusted file. An attacker who successfully exploited this vulnerability could make an unsigned file appear to be signed. Because Device Guard relies on the signature to determine the file is non-malicious, Device Guard could then allow a malicious file to execute.

DirectX Graphics Kernel Elevation of Privilege Vulnerability (CVE-2018-8462) MS Rating: Important

An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Windows Elevation of Privilege Vulnerability (CVE-2018-8468) MS Rating: Important

An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system.

Security Update for Microsoft Azure IoT SDK

Azure IoT SDK Spoofing Vulnerability (CVE-2018-8479) MS Rating: Important

A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform. An attacker who successfully exploited this vulnerability could impersonate a server used during the provisioning process. To exploit this vulnerability, an attacker would need to perform a man-in-the-middle (MitM) attack on the network that provisioning was taking place.

Security Update for Lync for Mac

Lync for Mac 2011 Security Feature Bypass Vulnerability (CVE-2018-8474) MS Rating: Important

A security bypass vulnerability exists when Lync for Mac 2011 fails to properly sanitize specially crafted messages. An attacker who successfully exploited this vulnerability could cause a targeted Lync for Mac 2011 user's system to browse to an attacker-specified website or automatically download file types on the operating system's safe file type list.

Microsoft Patch Tuesday – August 2018
This month the vendor has patched 60 vulnerabilities, 20 of which are rated Critical.
As always, customers are advised to follow these security best practices:

Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless specific access is required.
Microsoft's summary of the August 2018 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance

This month's update covers vulnerabilities in:

Internet Explorer
Microsoft Edge
Microsoft Office
.NET Framework
Microsoft Windows
Device Guard Code
ChakraCore
Microsoft Exchange Server
Microsoft SQL Server
Visual Studio
The following is a breakdown of the issues being addressed this month:

Cumulative Security Update for Microsoft Browsers

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8266) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8371) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8372) MS Rating: Critical

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8373) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8355) MS Rating: Critical

Scripting Engine Information Disclosure Vulnerability (CVE-2018-8359) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8380) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8381) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8384) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8385) MS Rating: Critical

Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8387) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8390) MS Rating: Critical

Microsoft Browser Memory Corruption Vulnerability (CVE-2018-8403) MS Rating: Critical

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8377) MS Rating: Critical

Internet Explorer Remote Code Execution Vulnerability (CVE-2018-8316) MS Rating: Important

A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries. An attacker who successfully exploited this vulnerability could take control of an affected system. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8351) MS Rating: Important

An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type. An attacker could use the vulnerability to read the URL of a cross-origin request. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8353) MS Rating: Important

Internet Explorer Privilege Escalation Vulnerability (CVE-2018-8357) MS Rating: Important

A privilege escalation vulnerability exists in Microsoft browsers allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8358) MS Rating: Important

A security bypass vulnerability exists when Microsoft browsers improperly handle redirect requests. The vulnerability allows Microsoft browsers to bypass CORS redirect restrictions, and to follow redirect requests that should otherwise be ignored. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8370) MS Rating: Important

An information disclosure vulnerability exists when WebAudio Library improperly handles audio requests. An attacker who has successfully exploited this vulnerability might be able to read privileged data across trust boundaries. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Spoofing Vulnerability (CVE-2018-8383) MS Rating: Important

A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting the user to a specially crafted website. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Privilege Escalation Vulnerability (CVE-2018-8388) MS Rating: Low

A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8389) MS Rating: Important

Cumulative Security Update for Microsoft Office

Microsoft Exchange Memory Corruption Vulnerability (CVE-2018-8302) MS Rating: Critical

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user.

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8375) MS Rating: Important

Microsoft PowerPoint Remote Code Execution Vulnerability (CVE-2018-8376) MS Rating: Important

Microsoft Office Information Disclosure Vulnerability (CVE-2018-8378) MS Rating: Important

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8379) MS Rating: Important

Microsoft Excel Information Disclosure Vulnerability (CVE-2018-8382) MS Rating: Important

Microsoft Exchange Server Tampering Vulnerability (CVE-2018-8374) MS Rating: Moderate

Cumulative Security Update for Microsoft .NET Framework

.NET Framework Information Disclosure Vulnerability (CVE-2018-8360) MS Rating: Important

An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. This issue may cause when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream.

Cumulative Security Update for Microsoft Windows Kernel

Windows Kernel Privilege Escalation Vulnerability (CVE-2018-8347) MS Rating: Important

A privilege escalation vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links. An attacker who successfully exploited this vulnerability could potentially access privileged registry keys and thereby elevate permissions.

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8348) MS Rating: Important

Win32k Privilege Escalation Vulnerability (CVE-2018-8399) MS Rating: Important

Win32k Privilege Escalation Vulnerability (CVE-2018-8404) MS Rating: Important

Cumulative Security Update for Microsoft Windows

Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2018-8273) MS Rating: Critical

A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could execute code in the context of the SQL Server Database Engine service account.

Microsoft Graphics Remote Code Execution Vulnerability (CVE-2018-8344) MS Rating: Critical

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.

LNK Remote Code Execution Vulnerability (CVE-2018-8345) MS Rating: Critical

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a '.LNK' file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.

Windows PDF Remote Code Execution Vulnerability (CVE-2018-8350) MS Rating: Critical

A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user.

GDI+ Remote Code Execution Vulnerability (CVE-2018-8397) MS Rating: Critical

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.

Diagnostic Hub Standard Collector Privilege Escalation Vulnerability (CVE-2018-0952) MS Rating: Important

A privilege escalation vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system.

Cortana Privilege Escalation Vulnerability (CVE-2018-8253) MS Rating: Important

A privilege escalation vulnerability exists when Cortana allows arbitrary website browsing on the lockscreen. An attacker who successfully exploited the vulnerability could steal browser stored passwords or log on to websites as another user.

Windows Installer Privilege Escalation Vulnerability (CVE-2018-8339) MS Rating: Important

A privilege escalation vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges.

ADFS Security Bypass Vulnerability (CVE-2018-8340) MS Rating: Important

A security bypass vulnerability exists when Active Directory Federation Services (AD FS) improperly handles multi-factor authentication requests. To exploit this vulnerability, an attacker could send a specially crafted authentication request.

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8341) MS Rating: Important

Windows NDIS Privilege Escalation Vulnerability (CVE-2018-8342) MS Rating: Important

A privilege escalation vulnerability exists in the Network Driver Interface Specification (NDIS) when 'ndis.sys' fails to check the length of a buffer prior to copying memory to it.

Windows NDIS Privilege Escalation Vulnerability (CVE-2018-8343) MS Rating: Important

A privilege escalation vulnerability exists in the Network Driver Interface Specification (NDIS) when 'ndis.sys' fails to check the length of a buffer prior to copying memory to it.

LNK Remote Code Execution Vulnerability (CVE-2018-8346) MS Rating: Important

Microsoft COM for Windows Remote Code Execution Vulnerability (CVE-2018-8349) MS Rating: Important

A remote code execution vulnerability exists in Microsoft COM for Windows when it fails to properly handle serialized objects. An attacker who successfully exploited the vulnerability could use a specially crafted file or script to perform actions.

Windows GDI Information Disclosure Vulnerability (CVE-2018-8394) MS Rating: Important

Windows GDI Information Disclosure Vulnerability (CVE-2018-8396) MS Rating: Important

Windows GDI Information Disclosure Vulnerability (CVE-2018-8398) MS Rating: Important

DirectX Graphics Kernel Privilege Escalation Vulnerability (CVE-2018-8400) MS Rating: Important

DirectX Graphics Kernel Privilege Escalation Vulnerability (CVE-2018-8401) MS Rating: Important

DirectX Graphics Kernel Privilege Escalation Vulnerability (CVE-2018-8405) MS Rating: Important

DirectX Graphics Kernel Privilege Escalation Vulnerability (CVE-2018-8406) MS Rating: Important

Microsoft (MAU) Office Privilege Escalation Vulnerability (CVE-2018-8412) MS Rating: Important

A privilege escalation vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them. An attacker who successfully exploited the vulnerability who already has the ability to execute code on a system could elevate privileges.

Windows Shell Remote Code Execution Vulnerability (CVE-2018-8414) MS Rating: Important

A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user.

Cumulative Security Update for Microsoft Device Guard Code

Device Guard Code Integrity Policy Security Bypass Vulnerability (CVE-2018-8200) MS Rating: Important

Device Guard Code Integrity Policy Security Bypass Vulnerability (CVE-2018-8204) MS Rating: Important

Microsoft Patch Tuesday – July 2018
This month the vendor has patched 53 vulnerabilities, 17 of which are rated Critical.
As always, customers are advised to follow these security best practices:

Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless specific access is required.
Microsoft's summary of the July 2018 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance

This month's update covers vulnerabilities in:

Internet Explorer
Microsoft Edge
Microsoft Office
Microsoft .NET
Microsoft Windows
ChakraCore

The following is a breakdown of the issues being addressed this month:

Cumulative Security Update for Microsoft Browsers

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8242) MS Rating: Critical

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8275) MS Rating: Critical

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8279) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8280) MS Rating: Critical

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8283) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8286) MS Rating: Critical

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8288) MS Rating: Critical

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8290) MS Rating: Critical

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8291) MS Rating: Critical

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8294) MS Rating: Critical

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8296) MS Rating: Critical

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8298) MS Rating: Critical

Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8262) MS Rating: Critical

Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8274) MS Rating: Critical

Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8301) MS Rating: Critical

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8324) MS Rating: Critical

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8287) MS Rating: Important

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Internet Explorer Security Bypass Vulnerability (CVE-2018-0949) MS Rating: Important

A security bypass vulnerability exists when Microsoft Internet Explorer improperly handles requests involving UNC resources. An attacker who successfully exploited the vulnerability could force the browser to load data that would otherwise be restricted.

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8289) MS Rating: Important

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8297) MS Rating: Important

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8125) MS Rating: Important

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Security Bypass Vulnerability (CVE-2018-8276) MS Rating: Important

A security bypass vulnerability exists in the Microsoft Chakra scripting engine that allows Control Flow Guard (CFG) to be bypassed. By itself, the CFG bypass vulnerability does not allow arbitrary code execution.

Microsoft Edge Spoofing Vulnerability (CVE-2018-8278) MS Rating: Important

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8325) MS Rating: Important

Cumulative Security Update for Microsoft Office

Microsoft Office Remote Code Execution Vulnerability (CVE-2018-8281) MS Rating: Important

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Microsoft SharePoint Privilege Escalation Vulnerability (CVE-2018-8299) MS Rating: Important

Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2018-8300) MS Rating: Important

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.

Microsoft SharePoint Privilege Escalation Vulnerability (CVE-2018-8323) MS Rating: Important

Microsoft Access Remote Code Execution Use After Free Vulnerability (CVE-2018-8312) MS Rating: Important

A remote code execution vulnerability exists when Microsoft Access fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could take control of the affected system.

Microsoft Office Tampering Vulnerability (CVE-2018-8310) MS Rating: Low

A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails. An attacker could exploit the vulnerability by sending a specially crafted email and attachment to a victim, or by hosting a malicious.

Cumulative Security Update for Microsoft .NET

ASP.NET Core Security Bypass Vulnerability (CVE-2018-8171) MS Rating: Important

A security bypass vulnerability exists in ASP. NET Core when the number of incorrect login attempts is not validated. An attacker who successfully exploited this vulnerability could try an infinite number of authentication attempts.

.NET Framework Privilege Escalation Vulnerability (CVE-2018-8202) MS Rating: Important

A Privilege Escalation vulnerability exists in . NET Framework which could allow an attacker to elevate their privilege level. To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program.

.NET Framework Remote Code Execution Vulnerability (CVE-2018-8260) MS Rating: Important

A Remote Code Execution vulnerability exists in . NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of .NET. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.

.NET Framework Remote Code Injection Vulnerability (CVE-2018-8284) MS Rating: Important

A remote code execution vulnerability exists when the Microsoft . NET Framework fails to validate input properly. An attacker who successfully exploited this vulnerability could take control of an affected system. To exploit the vulnerability, an attacker would need to pass specific input to an application utilizing susceptible .Net methods.

.NET Framework Security Bypass Vulnerability (CVE-2018-8356) MS Rating: Important

A security bypass vulnerability exists when Microsoft . NET Framework components do not correctly validate certificates. An attacker could present expired certificates when challenged.

Cumulative Security Update for Microsoft Windows Kernel

Win32k Privilege Escalation Vulnerability (CVE-2018-8282) MS Rating: Important

Windows Privilege Escalation Vulnerability (CVE-2018-8313) MS Rating: Important

A privilege escalation vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploited the vulnerability could impersonate processes, interject cross-process communication, or interrupt system functionality.

Windows Kernel Privilege Escalation Vulnerability (CVE-2018-8308) MS Rating: Important

Cumulative Security Update for Microsoft Windows

PowerShell Editor Services Remote Code Execution Vulnerability (CVE-2018-8327) MS Rating: Critical

A remote code execution vulnerability exists in PowerShell Editor Services. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable system.

Visual Studio Remote Code Execution Vulnerability (CVE-2018-8172) MS Rating: Important

A remote code execution vulnerability exists in Visual Studio software when the software fails to check the source markup of a file for an unbuilt project. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Skype for Business and Lync Security Bypass Vulnerability (CVE-2018-8238) MS Rating: Important

A security bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages. An attacker who successfully exploited the vulnerability could execute arbitrary commands in the context of the logged-in user.

Remote Code Execution Vulnerability in Skype For Business and Lync (CVE-2018-8311) MS Rating: Important

A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user.

Windows FTP Server Denial of Service Vulnerability (CVE-2018-8206) MS Rating: Important

A denial of service vulnerability exists when Windows improperly handles File Transfer Protocol (FTP) connections. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

Device Guard Code Integrity Policy Security Bypass Vulnerability (CVE-2018-8222) MS Rating: Important

Microsoft Macro Assembler Tampering Vulnerability (CVE-2018-8232) MS Rating: Moderate

A Tampering vulnerability exists when Microsoft Macro Assembler improperly validates code. An attacker could introduce code into an application, which modifies data in an unintended manner.

Windows DNSAPI Denial of Service Vulnerability (CVE-2018-8304) MS Rating: Important

A denial of service vulnerability exists in Windows Domain Name System (DNS) DNSAPI. dll when it fails to properly handle DNS responses.
Windows Mail Client Information Disclosure Vulnerability (CVE-2018-8305) MS Rating: Important

An information disclosure vulnerability exists in Windows Mail Client when a message is opened. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site.

Microsoft Wireless Display Adapter Command Injection Vulnerability (CVE-2018-8306) MS Rating: Important

A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input. For this vulnerability to be exploited, the attacker must be authenticated (logged on) to the target display.

WordPad Security Bypass Vulnerability (CVE-2018-8307) MS Rating: Important

A security bypass vulnerability exists when Microsoft WordPad improperly handles embedded OLE objects. An attacker who successfully exploited the vulnerability could bypass content blocking.

Windows Denial of Service Vulnerability (CVE-2018-8309) MS Rating: Important

A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

Windows Privilege Escalation Vulnerability (CVE-2018-8314) MS Rating: Important

A privilege escalation vulnerability exists when Windows fails a check, allowing a sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system.

MSR JavaScript Cryptography Library Security Bypass Vulnerability (CVE-2018-8319) MS Rating: Important

A security bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused by incorrect arithmetic computations. An attacker could craft a signature, without the need of the corresponding key, and mimic the entity associated with the public/private key pair.

Open Source Customization for Active Directory Federation Services XSS Vulnerability (CVE-2018-8326) MS Rating: Important

Microsoft Patch Tuesday – June 2018
This month the vendor has patched 50 vulnerabilities, 11 of which are rated Critical.
As always, customers are advised to follow these security best practices:

Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless specific access is required.
Microsoft's summary of the June 2018 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance

This month's update covers vulnerabilities in:

Internet Explorer
Microsoft Edge
Microsoft Office
Microsoft Hyper-V
Microsoft Windows
Device Guard Code
ChakraCore

The following is a breakdown of the issues being addressed this month:

Cumulative Security Update for Microsoft Browsers

Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8236)MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8243)MS Rating: Critical

Internet Explorer Memory Corruption Vulnerability (CVE-2018-8249)MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8267)MS Rating: Critical

Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8110)MS Rating: Critical

Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8111)MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8229)MS Rating: Critical

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-0871)MS Rating: Important

An information disclosure vulnerability exists when Edge improperly marks files. An attacker who successfully exploited this vulnerability could exfiltrate file contents from disk. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Internet Explorer Memory Corruption Vulnerability (CVE-2018-0978)MS Rating: Important

Internet Explorer Security Feature Bypass Vulnerability (CVE-2018-8113)MS Rating: Important

A security bypass vulnerability exists in Internet Explorer that allows for bypassing Mark of the Web Tagging (MOTW). Failing to set the MOTW means that a large number of Microsoft security technologies are bypassed. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8227)MS Rating: Important

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8234)MS Rating: Important

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker can exploit this issue to obtain sensitive information to further compromise the user’s system. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Security Bypass Vulnerability (CVE-2018-8235)MS Rating: Important

A security bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins. An attacker can exploit this issue to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored.

Cumulative Security Update for Microsoft Office

Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2018-8244)MS Rating: Important

A privilege escalation vulnerability exists when Microsoft Outlook does not validate attachment headers properly. An attacker who successfully exploited the vulnerability could send an email with hidden attachments that would be opened or executed once a victim clicks a link within the email.

Microsoft Office Elevation of Privilege Vulnerability (CVE-2018-8245)MS Rating: Important

A privilege escalation vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects. An attacker who successfully exploited the vulnerability could force arbitrary code to be executed in the Local Machine zone.

Microsoft Excel Information Disclosure Vulnerability (CVE-2018-8246)MS Rating: Important

Microsoft Office Elevation of Privilege Vulnerability (CVE-2018-8247)MS Rating: Important

A privilege escalation vulnerability exists when Office Web Apps Server 2013 and Office Online Server fail to properly handle web requests. An attacker who successfully exploited this vulnerability could perform script/content injection attacks and attempt to trick the user into disclosing sensitive information.

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8248)MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-8252)MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-8254)MS Rating: Important

Cumulative Security Update for Microsoft Hyper-V

Windows Hyper-V Denial of Service Vulnerability (CVE-2018-8218)MS Rating: Important

Hypervisor Code Integrity Elevation of Privilege Vulnerability (CVE-2018-8219)MS Rating: Important

A privilege escalation vulnerability exists when Windows Hyper-V instruction emulation fails to properly enforce privilege levels. An attacker who successfully exploited this vulnerability could gain elevated privileges on a target guest operating system.

Cumulative Security Update for Microsoft Windows Kernel

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8121)MS Rating: Important

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by running a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8207)MS Rating: Important

Windows Kernel Elevation of Privilege Vulnerability (CVE-2018-8224)MS Rating: Important

Win32k Elevation of Privilege Vulnerability (CVE-2018-8233)MS Rating: Important

Cumulative Security Update for Microsoft Windows

Media Foundation Memory Corruption Vulnerability (CVE-2018-8251)MS Rating: Critical

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.

Windows Remote Code Execution Vulnerability (CVE-2018-8213)MS Rating: Critical

A remote code execution vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited these vulnerabilities could take control of an affected system.

Windows DNSAPI Remote Code Execution Vulnerability (CVE-2018-8225)MS Rating: Critical

A remote code execution vulnerability exists in Windows Domain Name System (DNS) DNSAPI. dll when it fails to properly handle DNS responses.

HTTP Protocol Stack Remote Code Execution Vulnerability (CVE-2018-8231)MS Rating: Critical

A remote code execution vulnerability exists when HTTP Protocol Stack (Http.sys) improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of the affected system.

Windows Elevation of Privilege Vulnerability (CVE-2018-0982)MS Rating: Important

NTFS Elevation of Privilege Vulnerability (CVE-2018-1036)MS Rating: Important

A privilege escalation vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Windows Code Integrity Module Denial of Service Vulnerability (CVE-2018-1040)MS Rating: Important

A denial of service vulnerability exists in the way that the Windows Code Integrity Module performs hashing. An attacker who successfully exploited the vulnerability could cause a system to stop responding.

Cortana Elevation of Privilege Vulnerability (CVE-2018-8140)MS Rating: Important

A privilege escalation vulnerability exists when Cortana retrieves data from user input services without consideration for status. An attacker who successfully exploited the vulnerability could execute commands with elevated permissions.

HIDParser Elevation of Privilege Vulnerability (CVE-2018-8169)MS Rating: Important

A privilege escalation vulnerability exists when the (Human Interface Device) HID Parser Library driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

WEBDAV Denial of Service Vulnerability (CVE-2018-8175)MS Rating: Important

An denial of service vulnerability exists when Windows NT WEBDAV Minirdr attempts to query a WEBDAV directory. An attacker who successfully exploited the vulnerability could cause a denial of service.

Windows Denial of Service Vulnerability (CVE-2018-8205)MS Rating: Important

A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

Windows Desktop Bridge Elevation of Privilege Vulnerability (CVE-2018-8208)MS Rating: Important

A privilege escalation vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Windows Wireless Network Profile Information Disclosure Vulnerability (CVE-2018-8209)MS Rating: Important

An information disclosure vulnerability exists when Windows allows a normal user to access the Wireless LAN profile of an administrative user. An authenticated attacker who successfully exploited the vulnerability could access the Wireless LAN profile of an administrative user, including passwords for wireless networks.

Windows Remote Code Execution Vulnerability (CVE-2018-8210)MS Rating: Important

A remote code execution vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited these vulnerabilities could take control of an affected system.

HTTP.sys Denial of Service Vulnerability (CVE-2018-8226)MS Rating: Important

A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive.

Windows GDI Information Disclosure Vulnerability (CVE-2018-8239)MS Rating: Important

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker can exploit this issue to obtain sensitive information to further compromise the user’s system.

Windows Desktop Bridge Elevation of Privilege Vulnerability (CVE-2018-8214)MS Rating: Important

Cumulative Security Update for Microsoft Device Guard Code

Device Guard Code Integrity Policy Security Bypass Vulnerability (CVE-2018-8211)MS Rating: Important

Device Guard Code Integrity Policy Security Bypass Vulnerability (CVE-2018-8212)MS Rating: Important

Device Guard Code Integrity Policy Security Bypass Vulnerability (CVE-2018-8215)MS Rating: Important

Device Guard Code Integrity Policy Security Bypass Vulnerability (CVE-2018-8216)MS Rating: Important

Device Guard Code Integrity Policy Security Bypass Vulnerability (CVE-2018-8217)MS Rating: Important

Device Guard Code Integrity Policy Security Bypass Vulnerability (CVE-2018-8221)MS Rating: Important

Device Guard Code Integrity Policy Security Bypass Vulnerability (CVE-2018-8201)MS Rating: Important

Microsoft Patch Tuesday – May 2018
This month the vendor has patched 67 vulnerabilities, 21 of which are rated Critical.
As always, customers are advised to follow these security best practices:

Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless specific access is required.
Microsoft's summary of the May 2018 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance

This month's update covers vulnerabilities in:

Internet Explorer
Microsoft Edge
Microsoft Office
Exchange Server
.NET Framework
Microsoft Hyper-V
Microsoft Windows
ChakraCore
Azure IoT SDK

The following is a breakdown of the issues being addressed this month:

Cumulative Security Update for Microsoft Browsers

Microsoft Browser Memory Corruption Vulnerability (CVE-2018-8178) MS Rating: Critical

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8179) MS Rating: Critical

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8174) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8128) MS Rating: Critical

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8130) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8133) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8137) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0943) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0945) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0946) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0951) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0953) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0954) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0955) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8177) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-1022) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8114) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8122) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8139) MS Rating: Critical

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-1021) MS Rating: Important

Microsoft Browser Information Disclosure Vulnerability (CVE-2018-1025) MS Rating: Important

An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

Microsoft Edge Security Bypass Vulnerability (CVE-2018-8112) MS Rating: Important

Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8123) MS Rating: Important

Internet Explorer security bypass Vulnerability (CVE-2018-8126) MS Rating: Important

A security bypass vulnerability exists when Internet Explorer fails to validate User Mode Code Integrity (UMCI) policies. The vulnerability could allow an attacker to bypass Device Guard UMCI policies.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8145) MS Rating: Important

An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data.

Cumulative Security Update for Microsoft Office

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8147) MS Rating: Important

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8148) MS Rating: Important

Microsoft SharePoint Privilege Escalation Vulnerability (CVE-2018-8149) MS Rating: Important

Microsoft Outlook security bypass Vulnerability (CVE-2018-8150) MS Rating: Important

A security bypass vulnerability exists when the Microsoft Outlook attachment block filter does not properly handle attachments. An attacker who successfully exploited the vulnerability could execute arbitrary commands.

Microsoft Exchange Memory Corruption Vulnerability (CVE-2018-8151) MS Rating: Moderate

An information disclosure vulnerability exists when Microsoft Exchange improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the remote system.

Microsoft Exchange Server Privilege Escalation Vulnerability (CVE-2018-8152) MS Rating: Important

A privilege escalation vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests.

Microsoft Exchange Spoofing Vulnerability (CVE-2018-8153) MS Rating: Low

A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive information.

Microsoft Exchange Memory Corruption Vulnerability (CVE-2018-8154) MS Rating: Low

Microsoft SharePoint Privilege Escalation Vulnerability (CVE-2018-8155) MS Rating: Important

Microsoft SharePoint Privilege Escalation Vulnerability (CVE-2018-8156) MS Rating: Important

Microsoft Office Remote Code Execution Vulnerability (CVE-2018-8157) MS Rating: Important

Microsoft Office Remote Code Execution Vulnerability (CVE-2018-8158) MS Rating: Important

Microsoft Exchange Privilege Escalation Vulnerability (CVE-2018-8159) MS Rating: Important

A privilege escalation vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests.

Microsoft Outlook Information Disclosure Vulnerability (CVE-2018-8160) MS Rating: Important

An information disclosure vulnerability exists in Outlook when a message is opened. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site.

Microsoft Office Remote Code Execution Vulnerability (CVE-2018-8161) MS Rating: Important

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8162) MS Rating: Important

Microsoft Excel Information Disclosure Vulnerability (CVE-2018-8163) MS Rating: Important

Microsoft SharePoint Privilege Escalation Vulnerability (CVE-2018-8168) MS Rating: Low

Cumulative Security Update for Microsoft .NET Framework

.NET and .NET Core Denial Of Service Vulnerability (CVE-2018-0765) MS Rating: Important

A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents.

Cumulative Security Update for Microsoft Hyper-V

Hyper-V Remote Code Execution Vulnerability (CVE-2018-0959) MS Rating: Critical

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system.

Hyper-V vSMB Remote Code Execution Vulnerability (CVE-2018-0961) MS Rating: Critical

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data. An attacker who successfully exploited these vulnerabilities could execute arbitrary code on a target operating system.

Cumulative Security Update for Microsoft Windows Kernel

Win32k Privilege Escalation Vulnerability (CVE-2018-8124) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8141) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8127) MS Rating: Important

Windows Kernel Privilege Escalation Vulnerability (CVE-2018-8897) MS Rating: Important

Win32k Privilege Escalation Vulnerability (CVE-2018-8164) MS Rating: Important

Win32k Privilege Escalation Vulnerability (CVE-2018-8166) MS Rating: Important

Cumulative Security Update for Microsoft Windows

Microsoft COM for Windows Remote Code Execution Vulnerability (CVE-2018-0824) MS Rating: Important

Windows Security Bypass Vulnerability (CVE-2018-0854) MS Rating: Important

A security bypass vulnerability exists in Windows Scripting Host which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine.

Windows Security Bypass Vulnerability (CVE-2018-0958) MS Rating: Important

A security bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine.

Windows Security Bypass Vulnerability (CVE-2018-1039) MS Rating: Important

A security bypass vulnerability exists in . Net Framework which could allow an attacker to bypass Device Guard.

Win32k Privilege Escalation Vulnerability (CVE-2018-8120) MS Rating: Important

Windows Security Bypass Vulnerability (CVE-2018-8129) MS Rating: Important

Windows Security Bypass Vulnerability (CVE-2018-8132) MS Rating: Important

Windows Privilege Escalation Vulnerability (CVE-2018-8134) MS Rating: Important

Windows Remote Code Execution Vulnerability (CVE-2018-8136) MS Rating: Low

A remote code execution vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system.

DirectX Graphics Kernel Privilege Escalation Vulnerability (CVE-2018-8165) MS Rating: Important

A privilege escalation vulnerability exists when the DirectX Graphics Kernel(DXGKRNL) driver improperly handles objects in memory.

Windows Common Log File System Driver Privilege Escalation Vulnerability (CVE-2018-8167) MS Rating: Important

A privilege escalation vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory.

Windows Image Privilege Escalation Vulnerability (CVE-2018-8170) MS Rating: Important

A privilege escalation vulnerability exists in the way that the Windows kernel image handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Microsoft InfoPath Remote Code Execution Vulnerability (CVE-2018-8173) MS Rating: Important

A remote code execution vulnerability exists in Microsoft InfoPath when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Windows Security Bypass Vulnerability (CVE-2018-8142) MS Rating: Important

A security bypass exists when Windows incorrectly validates kernel driver signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed drivers into the kernel.

Cumulative Security Update for Microsoft Azure IoT SDK

Azure IoT SDK Spoofing Vulnerability (CVE-2018-8119) MS Rating: Important

A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol. An attacker who successfully exploited this vulnerability could impersonate a server used duing the provisioning process.

Microsoft Patch Tuesday – April 2018
This month the vendor has patched 66 vulnerabilities, 22 of which are rated Critical.
As always, customers are advised to follow these security best practices:

Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless specific access is required.
Microsoft's summary of the April 2018 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance

This month's update covers vulnerabilities in:

Internet Explorer
Microsoft Edge
Microsoft Office
Microsoft Visual Studio
Microsoft Hyper-V
Microsoft EOT Font Engine
Microsoft Windows
ChakraCore

The following is a breakdown of the issues being addressed this month:

Cumulative Security Update for Microsoft Browsers

Internet Explorer Memory Corruption Vulnerability (CVE-2018-0870) MS Rating: Critical

Internet Explorer Memory Corruption Vulnerability (CVE-2018-1018) MS Rating: Critical

Internet Explorer Memory Corruption Vulnerability (CVE-2018-1020) MS Rating: Critical

Internet Explorer Memory Corruption Vulnerability (CVE-2018-0991) MS Rating: Critical

Internet Explorer Memory Corruption Vulnerability (CVE-2018-0988) MS Rating: Critical

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0996) MS Rating: Critical

Scripting Engine Information Disclosure Vulnerability (CVE-2018-1000) MS Rating: Critical

An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could provide an attacker with information to further compromise the user's computer or data.

Scripting Engine Information Disclosure Vulnerability (CVE-2018-0981) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0979) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0980) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0993) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0994) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0995) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-1019) MS Rating: Critical

Microsoft Browser Memory Corruption Vulnerability (CVE-2018-1023) MS Rating: Critical

Internet Explorer Memory Corruption Vulnerability (CVE-2018-0997) MS Rating: Important

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-0998) MS Rating: Important

An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-0892) MS Rating: Important

Scripting Engine Memory Corruption Vulnerability (CVE-2018-1001) MS Rating: Important

Scripting Engine Information Disclosure Vulnerability (CVE-2018-0987) MS Rating: Important

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

Scripting Engine Information Disclosure Vulnerability (CVE-2018-0989) MS Rating: Important

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0990) MS Rating: Critical

Cumulative Security Update for Microsoft EOT Font Engine

Windows EOT Font Engine Remote Code Execution (CVE-2018-1010) MS Rating: Critical

Windows EOT Font Engine Remote Code Execution (CVE-2018-1012) MS Rating: Critical

Windows EOT Font Engine Remote Code Execution (CVE-2018-1013) MS Rating: Critical

Windows EOT Font Engine Remote Code Execution (CVE-2018-1015) MS Rating: Critical

Windows EOT Font Engine Remote Code Execution (CVE-2018-1016) MS Rating: Critical

Cumulative Security Update for Microsoft Office

Microsoft Office Graphics Remote Code Execution Vulnerability (CVE-2018-1028) MS Rating: Important

A remote code execution vulnerability exists when the Office graphics improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system.

Microsoft Office Graphics Information Disclosure Vulnerability (CVE-2018-1007) MS Rating: Important

An information disclosure vulnerability exists when an Office Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

Microsoft Outlook Information Disclosure Vulnerability (CVE-2018-0950) MS Rating: Important

An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site.

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-0920) MS Rating: Important

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-1011) MS Rating: Important

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-1026) MS Rating: Important

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-1027) MS Rating: Important

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-1029) MS Rating: Important

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-1030) MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-1032) MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-1034) MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-1005) MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-1014) MS Rating: Important

Cumulative Security Update for Microsoft Windows Kernel

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0887) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0968) MS Rating: Important

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object.

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0969) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0970) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0971) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0972) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0973) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0974) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0975) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0960) MS Rating: Important

Windows Kernel Elevation of Privilege (CVE-2018-0963) MS Rating: Important

Cumulative Security Update for Microsoft Visual Studio

Microsoft Visual Studio Information Disclosure Vulnerability (CVE-2018-1037) MS Rating: Important

An information disclosure vulnerability exists when Visual Studio improperly discloses the contents of its memory. An attacker who exploited the vulnerability could view uninitialized memory from the computer used to compile a program database file.

Cumulative Security Update for Microsoft Hyper-V

Hyper-V Information Disclosure (CVE-2018-0957) MS Rating: Important

Hyper-V Information Disclosure (CVE-2018-0964) MS Rating: Important

Cumulative Security Update for Microsoft Windows

Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2018-1004) MS Rating: Critical

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Active Directory Security Feature Bypass Vulnerability (CVE-2018-0890) MS Rating: Important

A security feature bypass vulnerability exists when Active Directory incorrectly applies Network Isolation settings. To exploit this vulnerability, an attacker could run a specially crafted application.

HTTP.sys Denial of Service Vulnerability (CVE-2018-0956) MS Rating: Important

Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability (CVE-2018-0976) MS Rating: Important

A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.

Windows SNMP Service Denial of Service Vulnerability (CVE-2018-0967) MS Rating: Important

A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability (CVE-2018-1009) MS Rating: Important

An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system.

Microsoft JET Database Engine Remote Code Execution Vulnerability (CVE-2018-1003) MS Rating: Important

OpenType Font Driver Elevation of Privilege Vulnerability (CVE-2018-1008) MS Rating: Important

An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD. dll) when it fails to properly handle objects in memory.

Device Guard Security Feature Bypass Vulnerability (CVE-2018-0966) MS Rating: Important

A security feature bypass exists when Device Guard incorrectly validates an untrusted file. An attacker who successfully exploited this vulnerability could make an unsigned file appear to be signed.

Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability (CVE-2018-8117) MS Rating: Important

A security feature bypass vulnerability exists in the Microsoft Wireless Keyboard 850 which could allow an attacker to reuse an AES encryption key to send keystrokes to other keyboard devices or to read keystrokes sent by other keyboards for the affected devices. An attacker would first have to extract the AES encryption key from the affected keyboard device.

Microsoft Graphics Component Denial of Service Vulnerability (CVE-2018-8116) MS Rating: Moderate

A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

Microsoft Patch Tuesday – March 2018
This month the vendor has patched 74 vulnerabilities, 15 of which are rated Critical.
As always, customers are advised to follow these security best practices:

Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless specific access is required.
Microsoft's summary of the March 2018 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance

This month's update covers vulnerabilities in:

Internet Explorer
Microsoft Edge
Microsoft Office
ASP.NET Core
Microsoft Exchange Server
.NET Core
PowerShell Core
Microsoft Hyper-V
Microsoft Windows
ChakraCore

The following is a breakdown of the issues being addressed this month:

Cumulative Security Update for Microsoft Browsers

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0872) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0874) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0876) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0930) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0931) MS Rating: Critical

Internet Explorer Information Disclosure Vulnerability (CVE-2018-0932) MS Rating: Critical

An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker can exploit this issue to obtain sensitive information to further compromise the user's system.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0933) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0934) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0889) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0893) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0925) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0936) MS Rating: Critical

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0937) MS Rating: Critical

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-0939) MS Rating: Critical

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker can exploit this issue to obtain sensitive information to further compromise the user's system.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-0873) MS Rating: Important

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-0879) MS Rating: Important

Microsoft Browser Information Disclosure Vulnerability (CVE-2018-0891) MS Rating: Important

Microsoft Browser Information Disclosure Vulnerability (CVE-2018-0927) MS Rating: Important

Internet Explorer Information Disclosure Vulnerability (CVE-2018-0929) MS Rating: Important

An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker can exploit this issue to obtain sensitive information to further compromise the user's system.

Internet Explorer Memory Corruption Vulnerability (CVE-2018-0935) MS Rating: Important

Internet Explorer Elevation of Privilege Vulnerability (CVE-2018-0942) MS Rating: Important

A privilege escalation vulnerability exists when Internet Explorer fails a check, allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system.

Cumulative Security Update for Microsoft Office

Microsoft Sharepoint Elevation of Privilege Vulnerability (CVE-2018-0947) MS Rating: Critical

A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly verify tenant permissions. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. affected SharePoint server.

Microsoft Access Remote Code Execution Vulnerability (CVE-2018-0903) MS Rating: Important

A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Microsoft Office Excel Security Bypass (CVE-2018-0907) MS Rating: Important

A security bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document. The Security Bypass by itself does not allow arbitrary code execution.

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-0909) MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-0910) MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-0911) MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-0912) MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-0913) MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-0914) MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-0915) MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-0916) MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-0917) MS Rating: Important

Microsoft Office Information Disclosure Vulnerability (CVE-2018-0919) MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-0921) MS Rating: Important

Microsoft Office Memory Corruption Vulnerability (CVE-2018-0922) MS Rating: Important

A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-0923) MS Rating: Important

Microsoft Exchange Information Disclosure Vulnerability (CVE-2018-0941) MS Rating: Important

An information disclosure vulnerability exists in the way that Microsoft Exchange Server handles importing data. If an impacted user is using Microsoft Exchange Outlook Web Access (OWA).

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-0944) MS Rating: Important

Microsoft Exchange Elevation of Privilege Vulnerability (CVE-2018-0940) MS Rating: Moderate

A privilege escalation vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly sanitize links presented to users.

Microsoft Exchange Information Disclosure Vulnerability (CVE-2018-0924) MS Rating: Low

An information disclosure vulnerability exists in the way that Microsoft Exchange Server handles URL redirects. If an impacted user is using Microsoft Exchange Outlook Web Access (OWA) Light.

Cumulative Security Update for Microsoft ASP.NET Core

ASP.NET Core Elevation Of Privilege Vulnerability (CVE-2018-0787) MS Rating: Important

A privilege escalation vulnerability exists when a Kestrel web application fails to validate web requests. An attacker who successfully exploited this vulnerability could perform HTML injection attacks.

ASP.NET Core Denial Of Service Vulnerability (CVE-2018-0808) MS Rating: Important

A denial of service vulnerability exists when ASP. NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application.

.NET Core Denial of Service Vulnerability (CVE-2018-0875) MS Rating: Important

A denial of service vulnerability exists in the way that .NET Core handles specially crafted requests, causing a hash collision.

Cumulative Security Update for Microsoft Hyper-V

Windows Hyper-V Denial of Service Vulnerability (CVE-2018-0885) MS Rating: Important

Hyper-V Information Disclosure Vulnerability (CVE-2018-0888) MS Rating: Important

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system.

Cumulative Security Update for Microsoft Windows Kernel

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0811) MS Rating: Important

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application.

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0813) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0814) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0894) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0895) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0896) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0897) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0898) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0899) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0900) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0901) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0904) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0926) MS Rating: Important

Win32k Elevation of Privilege Vulnerability (CVE-2018-0977) MS Rating: Important

Cumulative Security Update for Microsoft Windows

Windows GDI Elevation of Privilege Vulnerability (CVE-2018-0815) MS Rating: Important

A privilege escalation vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Windows GDI Elevation of Privilege Vulnerability (CVE-2018-0816) MS Rating: Important

Windows GDI Elevation of Privilege Vulnerability (CVE-2018-0817) MS Rating: Important

Windows Installer Elevation of Privilege Vulnerability (CVE-2018-0868) MS Rating: Important

Windows Desktop Bridge VFS Elevation of Privilege Vulnerability (CVE-2018-0877) MS Rating: Important

A privilege escalation vulnerability exists in Windows when the Desktop Bridge VFS does not take into account user/kernel mode when managing file paths. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Windows Remote Assistance Information Disclosure Vulnerability (CVE-2018-0878) MS Rating: Important

An information disclosure vulnerability exists when Windows Remote Assistance incorrectly processes XML External Entities (XXE).

Windows Desktop Bridge Elevation of Privilege Vulnerability (CVE-2018-0880) MS Rating: Important

Microsoft Video Control Elevation of Privilege Vulnerability (CVE-2018-0881) MS Rating: Important

A privilege escalation vulnerability exists in Windows when the Microsoft Video Control mishandles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in system mode.

Windows Desktop Bridge Elevation of Privilege Vulnerability (CVE-2018-0882) MS Rating: Important

Windows Shell Remote Code Execution Vulnerability (CVE-2018-0883) MS Rating: Important

A remote code execution vulnerability exists when Windows Shell does not properly validate file copy destinations. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Windows Security Bypass Vulnerability (CVE-2018-0884) MS Rating: Important

CredSSP Remote Code Execution Vulnerability (CVE-2018-0886) MS Rating: Important

A remote code execution vulnerability exists in the Credential Security Support Provider protocol (CredSSP).

CNG Security Bypass Vulnerability (CVE-2018-0902) MS Rating: Important

A security bypass vulnerability exists in the Cryptography Next Generation (CNG) kernel-mode driver (cng. sys) when it fails to properly validate and enforce impersonation levels.

Windows Storage Services Elevation of Privilege Vulnerability (CVE-2018-0983) MS Rating: Important

A privilege escalation vulnerability exists when Storage Services improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Microsoft Patch Tuesday – February 2018
This month the vendor has patched 50 vulnerabilities, 14 of which are rated Critical.
As always, customers are advised to follow these security best practices:

Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless specific access is required.
Microsoft's summary of the February 2018 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance

This month's update covers vulnerabilities in:

Internet Explorer
Microsoft Edge
Microsoft Office
Microsoft Windows
ChakraCore

The following is a breakdown of the issues being addressed this month:

Cumulative Security Update for Microsoft Browsers

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-0763) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0834) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0835) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0837) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0838) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0840) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0856) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0857) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0858) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0859) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0860) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0861) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0836) MS Rating: Important

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-0839) MS Rating: Important

Windows Scripting Engine Memory Corruption Vulnerability (CVE-2018-0847) MS Rating: Important

An information disclosure vulnerability exists when VBScript improperly discloses the contents of its memory. An attacker can exploit this issue to obtain sensitive information to further compromise the user’s system.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0866) MS Rating: Important

Microsoft Edge Security Feature Bypass (CVE-2018-0771) MS Rating: Moderate

Cumulative Security Update for Microsoft Office

Microsoft Outlook Memory Corruption Vulnerability (CVE-2018-0852) MS Rating: Critical

A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2018-0850) MS Rating: Important

A privilege escalation vulnerability exists when Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote message store (over SMB).

Microsoft Office Memory Corruption Vulnerability (CVE-2018-0851) MS Rating: Important

Microsoft Office Information Disclosure Vulnerability (CVE-2018-0853) MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-0864) MS Rating: Important

Microsoft SharePoint Elevation of Privilege Vulnerability (CVE-2018-0869) MS Rating: Important

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-0841) MS Rating: Important

Cumulative Security Update for Microsoft Windows Kernel

Windows Kernel Elevation of Privilege Vulnerability (CVE-2018-0742) MS Rating: Important

Windows Kernel Elevation of Privilege Vulnerability (CVE-2018-0756) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0757) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0810) MS Rating: Important

Windows Kernel Elevation Of Privilege Vulnerability (CVE-2018-0820) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0829) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0830) MS Rating: Important

Windows Kernel Elevation of Privilege Vulnerability (CVE-2018-0831) MS Rating: Important

Windows Kernel Information Disclosure Vulnerability (CVE-2018-0843) MS Rating: Important

Cumulative Security Update for Microsoft Windows

StructuredQuery Remote Code Execution Vulnerability (CVE-2018-0825) MS Rating: Critical

A remote code execution vulnerability exists in StructuredQuery when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Windows EOT Font Information Disclosure Vulnerability (CVE-2018-0755) MS Rating: Important

An information disclosure vulnerability exists in the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed.

Windows EOT Font Information Disclosure Vulnerability (CVE-2018-0760) MS Rating: Important

Windows EOT Font Information Disclosure Vulnerability (CVE-2018-0761) MS Rating: Important

Windows EOT Font Information Disclosure Vulnerability (CVE-2018-0855) MS Rating: Important

Windows Elevation of Privilege Vulnerability (CVE-2018-0809) MS Rating: Important

Windows AppContainer Elevation Of Privilege Vulnerability (CVE-2018-0821) MS Rating: Important

A privilege escalation vulnerability exists when AppContainer improperly implements constrained impersonation. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Windows NTFS Global Reparse Point Elevation of Privilege Vulnerability (CVE-2018-0822) MS Rating: Important

A privilege escalation vulnerability exist when NTFS improperly handles objects. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Windows Storage Services Elevation of Privilege Vulnerability (CVE-2018-0826) MS Rating: Important

A privilege escalation vulnerability exist when Storage Services improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Windows Security Feature Bypass Vulnerability (CVE-2018-0827) MS Rating: Important

Windows Elevation of Privilege Vulnerability (CVE-2018-0828) MS Rating: Important

A privilege escalation vulnerability exists in Microsoft Windows when the MultiPoint management account password is improperly secured. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated privileges.

Windows Information Disclosure Vulnerability (CVE-2018-0832) MS Rating: Important

Windows Remote Code Execution Vulnerability (CVE-2018-0842) MS Rating: Important

A remote code execution vulnerability exist when Windows improperly handles objects in memory. An attacker who successfully exploited these vulnerabilities could take control of an affected system.

Windows Common Log File System Driver Elevation Of Privilege Vulnerability (CVE-2018-0844) MS Rating: Important

A privilege escalation vulnerability exist when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Windows Common Log File System Driver Elevation Of Privilege Vulnerability (CVE-2018-0846) MS Rating: Important

Named Pipe File System Elevation of Privilege Vulnerability (CVE-2018-0823) MS Rating: Important

A privilege escalation vulnerability exist when Named Pipe File System improperly handles objects. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability (CVE-2018-0833) MS Rating: Moderate

A denial of service vulnerability exists in implementations of the Microsoft Server Message Block. The vulnerability is due to improper handling of certain requests sent by a malicious SMB server to the client.

Microsoft Patch Tuesday – January 2018
This month the vendor has patched 59 vulnerabilities, 17 of which are rated Critical.
Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor has patched 59 vulnerabilities, 17 of which are rated Critical. Please note 33 CVEs were released out-of-band on January 3, 2018.

As always, customers are advised to follow these security best practices:

Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining functionality.
Avoid handling files from unknown or questionable sources.
Never visit sites of unknown or questionable integrity.
Block external access at the network perimeter to all key systems unless specific access is required.
Microsoft's summary of the January 2018 releases can be found here:
https://portal.msrc.microsoft.com/en-us/security-guidance

This month's update covers vulnerabilities in:

Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office
SQL Server
ChakraCore
.NET Framework
.NET Core
ASP.NET Core
The following is a breakdown of the issues being addressed this month:

Cumulative Security Update for CPU Microcode

Vulnerability in CPU Microcode Could Allow Information Disclosure (CVE-2017-5715) MS Rating: Important

A security vulnerability referred to as 'speculative execution side-channel attacks' affect many modern processors and operating systems including Intel, AMD, and ARM.

Vulnerability in CPU Microcode Could Allow Information Disclosure (CVE-2017-5753) MS Rating: Important

A security vulnerability referred to as 'speculative execution side-channel attacks' affect many modern processors and operating systems including Intel, AMD, and ARM.

Vulnerability in CPU Microcode Could Allow Information Disclosure (CVE-2017-5754) MS Rating: Important

A security vulnerability referred to as 'speculative execution side-channel attacks' affect many modern processors and operating systems including Intel, AMD, and ARM.

Cumulative Security Update for Microsoft Browsers

Scripting Engine Security Feature Bypass (CVE-2018-0818) MS Rating: Important

A security feature bypass vulnerability exists in the Microsoft Chakra scripting engine that allows Control Flow Guard (CFG) to be bypassed.

Scripting Engine Information Disclosure Vulnerability (CVE-2018-0767) MS Rating: Critical

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker can exploit this issue to obtain information to further compromise the user's system.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0768) MS Rating: Important

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit this issue to execute arbitrary code in the context of the current user.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0769) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0770) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0772) MS Rating: Critical

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. An attacker can exploit this issue to execute arbitrary code in the context of the current user.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0773) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0774) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0775) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0776) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0777) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0778) MS Rating: Critical

Scripting Engine Information Disclosure Vulnerability (CVE-2018-0780) MS Rating: Critical

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker can exploit this issue to obtain information to further compromise the user's system.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0781) MS Rating: Critical

Scripting Engine Information Disclosure Vulnerability (CVE-2018-0800) MS Rating: Critical

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker can exploit this issue to obtain information to further compromise the user's system.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0758) MS Rating: Critical

Scripting Engine Memory Corruption Vulnerability (CVE-2018-0762) MS Rating: Critical

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-0766) MS Rating: Important

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker can exploit this issue to obtain information to further compromise the user's system.

Microsoft Edge Elevation of Privilege Vulnerability (CVE-2018-0803) MS Rating: Important

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies. An attacker can exploit this issue to gain access to the information from one domain and inject it into another domain.

Cumulative Security Update for Microsoft Office

Microsoft SharePoint Cross Site Scripting Elevation of Privilege Vulnerability (CVE-2018-0789) MS Rating: Important

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An attacker can exploit this issue by sending a specially crafted request to an affected SharePoint server.

Microsoft SharePoint Cross Site Scripting Elevation of Privilege Vulnerability (CVE-2018-0790) MS Rating: Important

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An attacker can exploit this issue by sending a specially crafted request to an affected SharePoint server.

Microsoft Outlook Remote Code Execution Vulnerability (CVE-2018-0791) MS Rating: Important

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker can exploit this issue to take control of an affected system.

Microsoft Word Remote Code Execution (CVE-2018-0792) MS Rating: Important

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in the context of the current user.

Microsoft Outlook Remote Code Execution (CVE-2018-0793) MS Rating: Important

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker can exploit this issue to take control of an affected system.

Microsoft Word Remote Code Execution (CVE-2018-0794) MS Rating: Important

Microsoft Office Remote Code Execution (CVE-2018-0795) MS Rating: Important

Microsoft Excel Remote Code Execution (CVE-2018-0796) MS Rating: Important

Microsoft Word Memory Corruption Vulnerability (CVE-2018-0797) MS Rating: Critical

An Office RTF remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle RTF files. An attacker can exploit this issue to run arbitrary code in the context of the current user.

Microsoft Office Memory Corruption Vulnerability (CVE-2018-0798) MS Rating: Important

Microsoft Office Remote Code Execution Vulnerability (CVE-2018-0801) MS Rating: Important

Microsoft Office Memory Corruption Vulnerability (CVE-2018-0802) MS Rating: Important

Microsoft Office Memory Corruption Vulnerability (CVE-2018-0804) MS Rating: Low

Microsoft Office Memory Corruption Vulnerability (CVE-2018-0805) MS Rating: Important

Microsoft Office Memory Corruption Vulnerability (CVE-2018-0806) MS Rating: Important

Microsoft Office Memory Corruption Vulnerability (CVE-2018-0807) MS Rating: Important

Microsoft Office Memory Corruption Vulnerability (CVE-2018-0812) MS Rating: Important

Microsoft Office Memory Corruption Vulnerability (CVE-2018-0819) MS Rating: Important

Microsoft Access Tampering Vulnerability (CVE-2018-0799) MS Rating: Important

A cross-site-scripting (XSS) vulnerability exists when Microsoft Access does not properly sanitize inputs to image fields edited within Design view. An attacker can exploit this issue by sending a specially crafted file to a victim, or by hosting the file on a web server.

Cumulative Security Update for ASP.NET

ASP.NET Core Elevation Of Privilege Vulnerability (CVE-2018-0784) MS Rating: Important

An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests. An attacker can exploit this issue to perform content injection attacks and run script in the security context of the logged-on user.

ASP.NET Core Cross Site Request Forgery Vulnerabilty (CVE-2018-0785) MS Rating: Moderate

A Cross Site Request Forgery (CSRF) vulnerability exists when a ASP.NET Core web application is created using vulnerable project templates. An attacker can exploit this issue to change the recovery codes associated with the victim's user account without his/her consent.

Cumulative Security Update for .NET Framework

.NET Security Feature Bypass Vulnerability (CVE-2018-0786) MS Rating: Important

A security feature bypass vulnerability exists when Microsoft .NET Framework (and .NET Core) components do not completely validate certificates. An attacker can exploit this issue by presenting a certificate that is marked invalid for a specific use, but the component uses it for that purpose.

.NET and .NET Core Denial Of Service Vulnerability (CVE-2018-0764) MS Rating: Important

A Denial of Service vulnerability exists when .NET, and .NET core, improperly process XML documents. An attacker can exploit this issue to cause a denial of service against a .NET application.

Cumulative Security Update for Microsoft Windows

Microsoft Color Management Information Disclosure Vulnerability (CVE-2018-0741) MS Rating: Important

An information disclosure vulnerabilities exists in the way that the Color Management Module (ICM32.dll) handles objects in memory. An attacker can exploit this issue to retrieve information to bypass usermode ASLR (Address Space Layout Randomization) on a targeted system.

Windows Subsystem for Linux Elevation of Privilege Vulnerability (CVE-2018-0743) MS Rating: Important

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux. An attacker can exploit this issue to execute code with elevated permissions.

Windows Elevation of Privilege Vulnerability (CVE-2018-0744) MS Rating: Important

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in kernel mode.

Windows Information Disclosure Vulnerability (CVE-2018-0745) MS Rating: Important

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker can exploit this issue to retrieve the memory address of a kernel object.

Windows Information Disclosure Vulnerability (CVE-2018-0746) MS Rating: Important

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker can exploit this issue to retrieve the memory address of a kernel object.

Windows Information Disclosure Vulnerability (CVE-2018-0747) MS Rating: Important

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker can exploit this issue to retrieve the memory address of a kernel object.

Windows Elevation of Privilege Vulnerability (CVE-2018-0748) MS Rating: Important

An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker can exploit this issue to impersonate processes, interject cross-process communication, or interrupt system functionality.

SMB Server Elevation of Privilege Vulnerability (CVE-2018-0749) MS Rating: Important

An elevation of privilege vulnerability exists in the Microsoft Server Message Block (SMB) Server when an attacker with valid credentials attempts to open a specially crafted file over the SMB protocol on the same machine. An attacker can exploit this issue to bypass certain security checks in the operating system.

Windows GDI Information Disclosure Vulnerability (CVE-2018-0750) MS Rating: Important

A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker can exploit this issue to obtain information to further compromise the user's system.

Windows Elevation of Privilege Vulnerability (CVE-2018-0751) MS Rating: Important

Windows Elevation of Privilege Vulnerability (CVE-2018-0752) MS Rating: Important

Windows IPSec Denial of Service Vulnerability (CVE-2018-0753) MS Rating: Important

A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker can exploit this issue cause a target system to stop responding.

ATMFD.dll Information Disclosure Vulnerability (CVE-2018-0754) MS Rating: Important

An information disclosure vulnerability exists in Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker can exploit this issue to potentially read data that was not intended to be disclosed.

ATMFD.dll Information Disclosure Vulnerability (CVE-2018-0788) MS Rating: Important