Symantec product detections for Microsoft monthly Security Bulletins - January 2018

book

Article ID: 170752

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.

Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017 

Resolution

 

ID and Rating

CAN/CVE ID: ADV180001

BID: N/A

Microsoft Rating: Critical

Vulnerability Type

January 2018 Adobe Flash Security Update

Vulnerability Affects

See Adobe.com for details

Details

See Adobe.com for details

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0758

BID: 102405

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit this issue to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: CVE-2018-0758 Remote Memory Corruption Vulnerability

Other Detections

AV: Exp.CVE-2018-0758

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0762

BID: 102408

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit this issue to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0762

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0767

BID: 102393

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Edge

 

Details

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker can exploit this issue to obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0769

BID: 102396

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit this issue to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0769

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0770

BID: 102397

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit this issue to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0772

BID: 102409

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11

Details

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. An attacker can exploit this issue to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0773

BID: 102398

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit this issue to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: CVE-2018-0773 Remote Memory Corruption Vulnerability

Other Detections

AV: Exp.CVE-2018-0773

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0774

BID: 102399

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit this issue to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0774

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0775

BID: 102400

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit this issue to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0775

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0776

BID: 102401

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit this issue to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0776

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0777

BID: 102402

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit this issue to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0777

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0778

BID: 102403

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit this issue to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0780

BID: 102389

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Edge

Details

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker can exploit this issue to obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0781

BID: 102404

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit this issue to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0797

BID: 102406

Microsoft Rating: Critical

Vulnerability Type

Microsoft Word Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Word 2007 SP3 Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft SharePoint Server 2010 SP2 Microsoft Office Web Apps 2010 SP2 Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Office Web Apps Server 2013 SP1 Microsoft Office Online Server 2016 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft Office Word Viewer Microsoft Office Compatibility Pack Service Pack 3

Details

An Office RTF remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle RTF files. An attacker can exploit this issue to run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0797

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0800

BID: 102392

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Edge

Details

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker can exploit this issue to obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

 

ID and Rating

CAN/CVE ID: CVE-2018-0741

BID: 102349

Microsoft Rating: Important

Vulnerability Type

Microsoft Color Management Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

An information disclosure vulnerabilities exists in the way that the Color Management Module (ICM32.dll) handles objects in memory. An attacker can exploit this issue to retrieve information to bypass usermode ASLR (Address Space Layout Randomization) on a targeted system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0743

BID: 102350

Microsoft Rating: Important

Vulnerability Type

Windows Subsystem for Linux Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems

Details

An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux. An attacker can exploit this issue to execute code with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0744

BID: 102351

Microsoft Rating: Important

Vulnerability Type

Windows Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems

Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in kernel mode.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0745

BID: 102353

Microsoft Rating: Important

Vulnerability Type

Windows Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems

Details

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker can exploit this issue to retrieve the memory address of a kernel object.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0746

BID: 102365

Microsoft Rating: Important

Vulnerability Type

Windows Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems

Details

 An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker can exploit this issue to retrieve the memory address of a kernel object.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0747

BID: 102366

Microsoft Rating: Important

Vulnerability Type

Windows Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems

Details

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker can exploit this issue to retrieve the memory address of a kernel object.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0748

BID: 102354

Microsoft Rating: Important

Vulnerability Type

Windows Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems

Details

An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker can exploit this issue to impersonate processes, interject cross-process communication, or interrupt system functionality.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0749

BID: 102355

Microsoft Rating: Important

Vulnerability Type

SMB Server Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems

Details

An elevation of privilege vulnerability exists in the Microsoft Server Message Block (SMB) Server when an attacker with valid credentials attempts to open a specially crafted file over the SMB protocol on the same machine. An attacker can exploit this issue to bypass certain security checks in the operating system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0750

BID: 102357

Microsoft Rating: Important

Vulnerability Type

Windows GDI Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker can exploit this issue to obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0751

BID: 102359

Microsoft Rating: Important

Vulnerability Type

Windows Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems

Details

An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker can exploit this issue to impersonate processes, interject cross-process communication, or interrupt system functionality.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0752

BID: 102360

Microsoft Rating: Important

Vulnerability Type

Windows Elevation of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems

Details

An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker can exploit this issue to impersonate processes, interject cross-process communication, or interrupt system functionality.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0753

BID: 102361

Microsoft Rating: Important

Vulnerability Type

Windows IPSec Denial of Service Vulnerability
Denial of Service

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems

Details

 A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker can exploit this issue cause a target system to stop responding.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0754

BID: 102362

Microsoft Rating: Important

Vulnerability Type

ATMFD.dll Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems

Details

An information disclosure vulnerability exists in Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker can exploit this issue to potentially read data that was not intended to be disclosed.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0764

BID: 102387

Microsoft Rating: Important

Vulnerability Type

.NET and .NET Core Denial Of Service Vulnerability
Denial of Service

Vulnerability Affects

Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.0 SP2 Microsoft .NET Framework 2.0 SP2 Microsoft .NET Framework 3.5.1 Microsoft Windows Server 2012 Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1

Details

A Denial of Service vulnerability exists when .NET, and .NET core, improperly process XML documents. An attacker can exploit this issue to cause a denial of service against a .NET application.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0766

BID: 102388

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Edge

Details

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker can exploit this issue to obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0768

BID: 102395

Microsoft Rating: Important

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. An attacker can exploit this issue to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0784

BID: 102377

Microsoft Rating: Important

Vulnerability Type

ASP.NET Core Elevation Of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft ASP.NET Microsoft ASP.NET Core 2.0 Microsoft Windows 10 version 1703 for 32-bit Systems

Details

An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests. An attacker can exploit this issue to perform content injection attacks and run script in the security context of the logged-on user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0786

BID: 102380

Microsoft Rating: Important

Vulnerability Type

.NET Security Feature Bypass Vulnerability
Security Feature Bypass

Vulnerability Affects

Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 Datacenter SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.0 SP2 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 2.0

Details

A security feature bypass vulnerability exists when Microsoft .NET Framework (and .NET Core) components do not completely validate certificates. An attacker can exploit this issue by presenting a certificate that is marked invalid for a specific use, but the component uses it for that purpose.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0787

BID: 102385

Microsoft Rating: Important

Vulnerability Type

ASP.NET Core Elevation Of Privilege Vulnerability
Elevation of Privilege

Vulnerability Affects

Microsoft ASP.NET Microsoft ASP.NET Core 2.0 Microsoft Windows 10 version 1703 for 32-bit Systems

Details

An Elevation of privilege vulnerability exists when web applications built from Visual Studio templates fail to validate web requests. An attacker can exploit this issue to perform Cross-Site Request Forgery(CSRF/XSRF) attacks.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0788

BID: 102364

Microsoft Rating: Important

Vulnerability Type

ATMFD.dll Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

An information disclosure vulnerability exists in Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker can exploit this issue to potentially read data that was not intended to be disclosed.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0789

BID: 102394

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Spoofing Vulnerability
Spoofing

Vulnerability Affects

Microsoft SharePoint Server 2010 SP2 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft Outlook

Details

A spoofing vulnerability exists when Microsoft Outlook does not strictly adhere to RFC2046, and improperly identifies the end of a MIME attachment. An attacker can exploit this issue using improper MIME attachment ending that may cause antivirus or antispam scanning to not work as intended.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0790

BID: 102391

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Information Disclosure Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft SharePoint Foundation 2010 SP2 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 Service Pack 1

Details

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker can exploit this issue to compromise the user’s computer or data.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0791

BID: 102383

Microsoft Rating: Important

Vulnerability Type

Microsoft Outlook Remote Code Execution Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Outlook 2007 Service Pack 3 Microsoft Outlook 2010 (32-bit editions) Service Pack 2 Microsoft Outlook 2010 (64-bit editions) Service Pack 2 Microsoft Outlook 2013 RT Service Pack 1 Microsoft Outlook 2016 (32-bit editions) Microsoft Outlook 2016 (64-bit editions) Microsoft Outlook 2013 Service Pack 1 (32-bit editions) Microsoft Outlook 2013 Service Pack 1 (64-bit editions)

Details

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker can exploit this issue to take control of an affected system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0792

BID: 102381

Microsoft Rating: Important

Vulnerability Type

Microsoft Word Remote Code Execution
Remote Code Execution

Vulnerability Affects

Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office Online Server 2016 Microsoft SharePoint Enterprise Server 2016

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0793

BID: 102375

Microsoft Rating: Important

Vulnerability Type

Microsoft Outlook Remote Code Execution
Remote Code Execution

Vulnerability Affects

Microsoft Word 2007 Service Pack 3 Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office Compatibility Pack Service Pack 3 Microsoft Outlook

Details

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker can exploit this issue to take control of an affected system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0794

BID: 102373

Microsoft Rating: Important

Vulnerability Type

Microsoft Word Remote Code Execution
Remote Code Execution

Vulnerability Affects

Microsoft Word 2007 SP3 Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office Compatibility Pack SP3 Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2013 RT Service Pack 1

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0795

BID: 102356

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Remote Code Execution
Remote Code Execution

Vulnerability Affects

Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2013 RT Service Pack 1

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0796

BID: 102372

Microsoft Rating: Important

Vulnerability Type

Microsoft Excel Remote Code Execution
Remote Code Execution

Vulnerability Affects

Microsoft Office Compatibility Pack SP3 Microsoft Excel 2007 SP3 Microsoft Excel Viewer 2007 Service Pack 3 Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions)

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0798

BID: 102370

Microsoft Rating: Important

Vulnerability Type

Microsoft Word Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Word 2007 SP3 Microsoft Word 2013 (32-bit editions) Microsoft Word 2013 (64-bit editions) Microsoft Word 2013 RT Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office Compatibility Pack SP3 Microsoft Office 2007 SP3

 

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0799

BID: 102411

Microsoft Rating: Important

Vulnerability Type

Microsoft Access Tampering Vulnerability
Tampering

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016

Details

A cross-site-scripting (XSS) vulnerability exists when Microsoft Access does not properly sanitize inputs to image fields edited within Design view. An attacker can exploit this issue by sending a specially crafted file to a victim, or by hosting the file on a web server.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0801

BID: 102348

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Remote Code Execution Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition)

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0802

BID: 102347

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition)

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0803

BID: 102384

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge Elevation of Privilege Vulnerability
Security Feature Bypass

Vulnerability Affects

Microsoft Edge

Details

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies. An attacker can exploit this issue to gain access to the information from one domain and inject it into another domain.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0805

BID: 102459

Microsoft Rating: Important

Vulnerability Type

Microsoft Word Remote Code Execution Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office Compatibility Pack SP3 Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Office 2007 SP3 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Word 2007 SP3

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0806

BID: 102460

Microsoft Rating: Important

Vulnerability Type

Microsoft Word Remote Code Execution Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Word 2007 SP3 Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office Compatibility Pack SP3 Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Office 2007 SP3 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition

 

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0807

BID: 102461

Microsoft Rating: Important

Vulnerability Type

Microsoft Word Remote Code Execution Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Word 2007 SP3 Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office Compatibility Pack SP3 Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Office 2007 SP3 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition

 

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

 

ID and Rating

CAN/CVE ID: CVE-2018-0808

BID: 102462

Microsoft Rating: Important

Vulnerability Type

ASP.NET Core Denial of Service Vulnerability
Denial of Service

Vulnerability Affects

Microsoft ASP.NET

Details

 A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker can exploit this issue to cause a denial of service against a ASP.NET Core web application by issuing specially crafted requests to the .NET Core application.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security: 

 

ID and Rating

CAN/CVE ID: CVE-2018-0812

BID: 102463

Microsoft Rating: Important

Vulnerability Type

Microsoft Word Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Office 2007 SP3 Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Office Compatibility Pack Service Pack 3

 

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0818

BID: 102412

Microsoft Rating: Important

Vulnerability Type

Scripting Engine Security Feature Bypass
Security Feature Bypass

Vulnerability Affects

Microsoft ChakraCore

Details

A security feature bypass vulnerability exists in the Microsoft Chakra scripting engine that allows Control Flow Guard (CFG) to be bypassed.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0819

BID: 102464

Microsoft Rating: Important

Vulnerability Type

Spoofing Vulnerability in Microsoft Office for Mac
Spoofing

Vulnerability Affects

Microsoft Office 2016 for Mac

Details

A spoofing vulnerability exists when Microsoft Outlook for MAC does not properly handle the encoding and display of email addresses. An attacker can exploit this issue by sending a specially crafted email attachment to a user in an attempt to launch a social engineering attack, such as phishing.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: ADV180002

BID: N/A

Microsoft Rating: Important

Vulnerability Type

Vulnerability in CPU Microcode Could Allow Information Disclosure
Information Disclosure

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Edge Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016

Details

CVE-2017-5715
CVE-2017-5753
CVE-2017-5754
Multiple vulnerabilities referred to as 'speculative execution side-channel attacks' affect many modern processors and operating systems including Intel, AMD, and ARM.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

 

 

ID and Rating

CAN/CVE ID: CVE-2018-0785

BID: 102379

Microsoft Rating: Moderate

Vulnerability Type

ASP.NET Core Cross Site Request Forgery Vulnerabilty
Tampering

Vulnerability Affects

Microsoft ASP.NET Core 2.0

Details

A Cross Site Request Forgery (CSRF) vulnerability exists when a ASP.NET Core web application is created using vulnerable project templates. An attacker can exploit this issue to change the recovery codes associated with the victim's user account without his/her consent.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0804

BID: 102457

Microsoft Rating: Low

Vulnerability Type

Microsoft Word Remote Code Execution Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Word 2007 SP3 Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office Compatibility Pack SP3 Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Office 2007 SP3 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition

 

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker can exploit this issue to run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: ADV170021

BID: N/A

Microsoft Rating: None

Vulnerability Type

Microsoft Office Defense in Depth Update

Vulnerability Affects

 

Details

 

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: ADV180003

BID: N/A

Microsoft Rating: None

Vulnerability Type

Microsoft Office Defense in Depth Update

Vulnerability Affects

 

Details

 

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security: