Symantec product detections for Microsoft monthly Security Bulletins - February 2018

book

Article ID: 171015

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.

Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017 

Resolution

 

ID and Rating

CAN/CVE ID: ADV180004

BID: N/A

Microsoft Rating: Critical

Vulnerability Type

February 2018 Adobe Flash Security Update

Vulnerability Affects

Adobe Flash Player

Details

See Adobe.com

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0763

BID: 102873

Microsoft Rating: Critical

Vulnerability Type

Microsoft Edge Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Edge

Details

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker can exploit this issue to obtain sensitive information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0825

BID: 102920

Microsoft Rating: Critical

Vulnerability Type

StructuredQuery Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems

Details

A remote code execution vulnerability exists in StructuredQuery when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0825

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0834

BID: 102859

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0834

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0835

BID: 102874

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: CVE-2018-0835 Remote Memory Corruption Vulnerability

Other Detections

AV: Exp.CVE-2018-0835

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0837

BID: 102876

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0837

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0838

BID: 102877

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Exp.CVE-2018-0838

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0840

BID: 102886

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Edge Microsoft Internet Explorer 10 Microsoft ChakraCore

Details

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0840

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0852

BID: 102871

Microsoft Rating: Critical

Vulnerability Type

Microsoft Outlook Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Outlook 2013 RT Service Pack 1 Microsoft Outlook 2010 (32-bit editions) Service Pack 2 Microsoft Outlook 2010 (64-bit editions) Service Pack 2 Microsoft Outlook 2016 (32-bit editions) Microsoft Outlook 2016 (64-bit editions) Microsoft Outlook 2013 Service Pack 1 (32-bit editions) Microsoft Outlook 2013 Service Pack 1 (64-bit editions) Microsoft Outlook 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Outlook 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Outlook 2007 Service Pack 3

 

Details

A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0856

BID: 102880

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0857

BID: 102881

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0858

BID: 102865

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft ChakraCore

Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: CVE-2018-0858 Remote Memory Corruption Vulnerability

Other Detections

AV: Exp.CVE-2018-0858

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0859

BID: 102882

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0860

BID: 102883

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0860

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0861

BID: 102884

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0863

BID: 102885

Microsoft Rating: Critical

Vulnerability Type

Microsoft Edge Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0742

BID: 102937

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

Details

A privilege escalation vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0742

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0755

BID: 102934

Microsoft Rating: Important

Vulnerability Type

Windows EOT Font Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

Details

An information disclosure vulnerability exists in the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0756

BID: 102941

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems

Details

A privilege escalation vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0756

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0757

BID: 102947

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems

 

Details

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0760

BID: 102953

Microsoft Rating: Important

Vulnerability Type

Windows EOT Font Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012

Details

An information disclosure vulnerability exists in the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0761

BID: 102952

Microsoft Rating: Important

Vulnerability Type

Windows EOT Font Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

Details

An information disclosure vulnerability exists in the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0808

BID: 102956

Microsoft Rating: Important

Vulnerability Type

ASP.NET Core Denial Of Service Vulnerability

Vulnerability Affects

Microsoft ASP.NET

Details

A denial of service vulnerability exists when ASP. NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0809

BID: 102933

Microsoft Rating: Important

Vulnerability Type

Windows Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems

Details

A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0810

BID: 102938

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows Server 2008 for x64-based Systems SP2

Details

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0820

BID: 102945

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation Of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2

 

Details

A privilege escalation vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0821

BID: 102939

Microsoft Rating: Important

Vulnerability Type

Windows AppContainer Elevation Of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1703 for x64-based Systems

Details

A privilege escalation vulnerability exists when AppContainer improperly implements constrained impersonation. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0822

BID: 102942

Microsoft Rating: Important

Vulnerability Type

Windows NTFS Global Reparse Point Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1703 for x64-based Systems

Details

A privilege escalation vulnerability exists when NTFS improperly handles objects. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0823

BID: 102919

Microsoft Rating: Important

Vulnerability Type

Named Pipe File System Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems

Details

A privilege escalation vulnerability exists when Named Pipe File System improperly handles objects. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0826

BID: 102944

Microsoft Rating: Important

Vulnerability Type

Windows Storage Services Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1703 for x64-based Systems

 

Details

A privilege escalation vulnerability exists when Storage Services improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0827

BID: 102927

Microsoft Rating: Important

Vulnerability Type

Windows Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1703 for x64-based Systems

 

Details

A security bypass vulnerability exists in Windows Scripting Host which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0828

BID: 102935

Microsoft Rating: Important

Vulnerability Type

Windows Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems

Details

A privilege escalation vulnerability exists in Microsoft Windows when the MultiPoint management account password is improperly secured. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated privileges.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0829

BID: 102948

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems

 

Details

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0830

BID: 102949

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems

 

Details

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0831

BID: 102943

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows Server 2016

Details

A privilege escalation vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0832

BID: 102923

Microsoft Rating: Important

Vulnerability Type

Windows Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems

 

Details

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0836

BID: 102875

Microsoft Rating: Important

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0839

BID: 102860

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Edge

Details

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker can exploit this issue to obtain sensitive information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0841

BID: 102957

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition

 

Details

A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0841

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0842

BID: 102946

Microsoft Rating: Important

Vulnerability Type

Windows Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016

 

Details

A remote code execution vulnerability exist when Windows improperly handles objects in memory. An attacker who successfully exploited these vulnerabilities could take control of an affected system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0842

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0843

BID: 102951

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems

Details

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0844

BID: 102929

Microsoft Rating: Important

Vulnerability Type

Windows Common Log File System Driver Elevation Of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for x64-based Systems R2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems

 

Details

A privilege escalation vulnerability exist when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0846

BID: 102931

Microsoft Rating: Important

Vulnerability Type

Windows Common Log File System Driver Elevation Of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows Server 2008 for x64-based Systems R2

 

Details

A privilege escalation vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0847

BID: 102861

Microsoft Rating: Important

Vulnerability Type

Internet Explorer Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 10 Microsoft Internet Explorer 11

Details

An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker can exploit this issue to obtain sensitive information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0850

BID: 102866

Microsoft Rating: Important

Vulnerability Type

Microsoft Outlook Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Outlook 2007 Service Pack 3 Microsoft Outlook 2013 RT Service Pack 1 Microsoft Outlook 2010 (32-bit editions) Service Pack 2 Microsoft Outlook 2010 (64-bit editions) Service Pack 2 Microsoft Outlook 2016 (32-bit editions) Microsoft Outlook 2016 (64-bit editions) Microsoft Outlook 2013 Service Pack 1 (32-bit editions) Microsoft Outlook 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition

 

Details

A privilege escalation vulnerability exists when Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote message store (over SMB).

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0851

BID: 102870

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Office Word Viewer Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2013 RT Service Pack 1

 

Details

A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0853

BID: 102868

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Office 2013 Service Pack 1 (32-bit editions)

 

Details

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0854

BID: 102928

Microsoft Rating: Important

Vulnerability Type

Windows Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems

 

Details

A security bypass vulnerability exists in Windows Scripting Host which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0855

BID: 102936

Microsoft Rating: Important

Vulnerability Type

Windows EOT Font Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1

Details

An information disclosure vulnerability exists in the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0864

BID: 102962

Microsoft Rating: Important

Vulnerability Type

Microsoft SharePoint Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Project Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016

Details

A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0869

BID: 102963

Microsoft Rating: Important

Vulnerability Type

Clone of Microsoft SharePoint Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2016

 

Details

A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0771

BID: 102857

Microsoft Rating: Moderate

Vulnerability Type

Microsoft Edge Security Feature Bypass

Vulnerability Affects

Microsoft Edge

Details

A security bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins. The vulnerability allows Microsoft Edge to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0833

BID: 102924

Microsoft Rating: Moderate

Vulnerability Type

SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability

Vulnerability Affects

Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems

Details

A denial of service vulnerability exists in implementations of the Microsoft Server Message Block. The vulnerability is due to improper handling of certain requests sent by a malicious SMB server to the client.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security: