Symantec product detections for Microsoft monthly Security Bulletins - May 2018

book

Article ID: 171645

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.

Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017 

Resolution

 

ID and Rating

CAN/CVE ID: ADV180008

BID: N/A

Microsoft Rating: Critical

Vulnerability Type

May 2018 Adobe Flash Security Update

Vulnerability Affects

See Adobe.com for details

Details

See Adobe.com for details

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0943

BID: 103980

Microsoft Rating: Critical

Vulnerability Type

Chakra Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft ChakraCore Microsoft Edge

Details

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0945

BID: 103987

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft ChakraCore Microsoft Edge

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0946

BID: 103989

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft ChakraCore Microsoft Edge

Details

 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0946

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0951

BID: 103983

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft ChakraCore Microsoft Edge

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0951

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0953

BID: 103990

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft ChakraCore Microsoft Edge

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: CVE-2018-0953 Remote Memory Corruption Vulnerability

Other Detections

AV: Exp.CVE-2018-0953

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0954

BID: 103991

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft ChakraCore Microsoft Edge Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Internet Explorer 9

 

Details

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: CVE-2018-0954 Remote Memory Corruption Vulnerability

Other Detections

AV: Exp.CVE-2018-0954

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0955

BID: 103993

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Internet Explorer 9

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-0955

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0959

BID: 104031

Microsoft Rating: Critical

Vulnerability Type

Hyper-V Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016

 

Details

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0961

BID: 104032

Microsoft Rating: Critical

Vulnerability Type

Hyper-V vSMB Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 2016

 

Details

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data. An attacker who successfully exploited these vulnerabilities could execute arbitrary code on a target operating system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-1022

BID: 103978

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

Details

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8114

BID: 103994

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Internet Explorer 11

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-8114

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8115

BID: 104061

Microsoft Rating: Critical

Vulnerability Type

Windows Host Compute Service Shim Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows Host Compute Service Shim 0.6.9 Microsoft Windows Host Compute Service Shim 0.6.0 Microsoft Windows Host Compute Service Shim 0.5.0 Microsoft Windows Host Compute Service Shim 0.4.0 Microsoft Windows Host Compute Service Shim 0.3.0 Microsoft Windows Host Compute Service Shim 0.2.0 Microsoft Windows Host Compute Service Shim 0.1.0

 

Details

Microsoft Windows Host Compute Service Shim is prone to a remote code-execution vulnerability. Specifically, this issue occurs because the library fails to properly validate input from specially-crafted container images.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8122

BID: 103995

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Internet Explorer 11

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-8122

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8128

BID: 103979

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8130

BID: 103981

Microsoft Rating: Critical

Vulnerability Type

Chakra Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft ChakraCore Microsoft Edge

 

Details

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8133

BID: 103982

Microsoft Rating: Critical

Vulnerability Type

Chakra Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft ChakraCore Microsoft Edge

 

Details

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-8133

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8137

BID: 103967

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Exp.CVE-2018-8137

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8139

BID: 103977

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8174

BID: 103998

Microsoft Rating: Critical

Vulnerability Type

Windows VBScript Engine Remote Code Execution Vulnerability

Vulnerability Affects

Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1703 for 32-bit Systems Windows 10 Version 1703 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 R2 for Itanium-Based Systems SP 1 Windows Server 2008 R2 for x64-based Systems SP 1 Windows Server 2012 Windows Server 2012 R2 Windows Server 2016

 

Details

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: Microsoft VBScript Engine RCE CVE-2018-8174

Other Detections

AV:  Exp.CVE-2018-8174

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8177

BID: 104090

Microsoft Rating: Critical

Vulnerability Type

Chakra Scripting Engine Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8178

BID: 104076

Microsoft Rating: Critical

Vulnerability Type

Microsoft Browser Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Edge Microsoft Internet Explorer 10 Microsoft ChakraCore Microsoft Internet Explorer 9

 

Details

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. This vulnerability may corrupt memory in such a way that could allow an attacker to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0765

BID: 104060

Microsoft Rating: Important

Vulnerability Type

.NET and .NET Core Denial of Service Vulnerability

Vulnerability Affects

Microsoft ASP.NET Core 2.0 Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7

 

Details

A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0824

BID: 104030

Microsoft Rating: Important

Vulnerability Type

Microsoft COM for Windows Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016

 

Details

A remote code execution vulnerability exists in Microsoft COM for Windows when it fails to properly handle serialized objects. An attacker who successfully exploited the vulnerability could use a specially crafted file or script to perform actions.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0854

BID: 104029

Microsoft Rating: Important

Vulnerability Type

Windows Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2016

 

Details

A security bypass vulnerability exists in Windows Scripting Host which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0905

BID: 103962

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Edge

 

Details

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-0958

BID: 104064

Microsoft Rating: Important

Vulnerability Type

Windows Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems

Details

A security bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-1021

BID: 103964

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Edge

 

Details

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-1025

BID: 103984

Microsoft Rating: Important

Vulnerability Type

Microsoft Browser Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Edge Microsoft Internet Explorer 10

 

Details

An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-1039

BID: 104072

Microsoft Rating: Important

Vulnerability Type

.NET Framework Device Guard Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft .NET Framework 2.0 SP2 Microsoft .NET Framework 3.0 SP2 Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.6.1

 

Details

A security bypass vulnerability exists in . Net Framework which could allow an attacker to bypass Device Guard.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8112

BID: 103963

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft Edge

 

Details

A security bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins. The vulnerability allows Microsoft Edge to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8119

BID: 104070

Microsoft Rating: Important

Vulnerability Type

Azure IoT SDK Spoofing Vulnerability

Vulnerability Affects

Microsoft C SDK for Azure IoT Microsoft C# SDK for Azure IoT Microsoft Java SDK for Azure IoT

 

Details

A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol. An attacker who successfully exploited this vulnerability could impersonate a server used duing the provisioning process.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8120

BID: 104034

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8123

BID: 103965

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

 

Details

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-8123

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8124

BID: 104037

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge

 

Details

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8126

BID: 103997

Microsoft Rating: Important

Vulnerability Type

Internet Explorer Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 11

 

Details

A security bypass vulnerability exists when Internet Explorer fails to validate User Mode Code Integrity (UMCI) policies. The vulnerability could allow an attacker to bypass Device Guard UMCI policies.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8127

BID: 104040

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016

 

Details

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8129

BID: 104065

Microsoft Rating: Important

Vulnerability Type

Windows Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems

 

Details

A security bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8132

BID: 104066

Microsoft Rating: Important

Vulnerability Type

Windows Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems

 

Details

A security bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8134

BID: 104041

Microsoft Rating: Important

Vulnerability Type

Windows Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems

 

Details

A privilege escalation vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploited the vulnerability could impersonate processes, interject cross-process communication, or interrupt system functionality.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8141

BID: 104078

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows Server 1709

 

Details

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8145

BID: 103986

Microsoft Rating: Important

Vulnerability Type

Chakra Scripting Engine Memory Corruption Vulnerability
Information Disclosure

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Edge Microsoft Internet Explorer 10

 

Details

An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user’s computer or data. To exploit the vulnerability, an attacker must know the memory address of where the object was created.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8147

BID: 104035

Microsoft Rating: Important

Vulnerability Type

Microsoft Excel Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Office 2016 for Mac Microsoft Office Compatibility Pack Service Pack 3

 

Details

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-8147

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8148

BID: 104053

Microsoft Rating: Important

Vulnerability Type

Microsoft Excel Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Office Compatibility Pack Service Pack 3

 

Details

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-8148

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8149

BID: 104036

Microsoft Rating: Important

Vulnerability Type

Microsoft SharePoint Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Server 2010 SP2

 

Details

A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8150

BID: 104039

Microsoft Rating: Important

Vulnerability Type

Microsoft Outlook Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition

 

Details

A security bypass vulnerability exists when the Microsoft Outlook attachment block filter does not properly handle attachments. An attacker who successfully exploited the vulnerability could execute arbitrary commands.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8151

BID: 104042

Microsoft Rating: Important

Vulnerability Type

Microsoft Exchange Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Exchange Server 2010 SP3 Update Rollup 21 Microsoft Exchange Server 2013 Cumulative Update 19 Microsoft Exchange Server 2013 Cumulative Update 20 Microsoft Exchange Server 2013 SP1 Microsoft Exchange Server 2016 Cumulative Update 8 Microsoft Exchange Server 2016 Cumulative Update 9

 

Details

An information disclosure vulnerability exists when Microsoft Exchange improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the remote system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8152

BID: 104043

Microsoft Rating: Important

Vulnerability Type

Microsoft Exchange Server Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Exchange Server 2016 Cumulative Update 8 Microsoft Exchange Server 2016 Cumulative Update 9

 

Details

A privilege escalation vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited this vulnerability could perform script/content injection attacks and attempt to trick the user into disclosing sensitive information.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8154

BID: 104054

Microsoft Rating: Important

Vulnerability Type

Microsoft Exchange Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Exchange Server 2010 SP3 Update Rollup 21 Microsoft Exchange Server 2013 Cumulative Update 19 Microsoft Exchange Server 2013 Cumulative Update 20 Microsoft Exchange Server 2013 SP1 Microsoft Exchange Server 2016 Cumulative Update 8 Microsoft Exchange Server 2016 Cumulative Update 9

 

Details

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8155

BID: 104047

Microsoft Rating: Important

Vulnerability Type

Microsoft SharePoint Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 Service Pack 1

 

Details

A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8156

BID: 104048

Microsoft Rating: Important

Vulnerability Type

Microsoft SharePoint Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft Project Server 2010 Service Pack 2

 

Details

A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8157

BID: 104046

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition

 

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-8157

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8158

BID: 104049

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition

 

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: Exp.CVE-2018-8158

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8159

BID: 104056

Microsoft Rating: Important

Vulnerability Type

Microsoft Exchange Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Exchange Server 2016 Cumulative Update 8 Microsoft Exchange Server 2016 Cumulative Update 9 Microsoft Exchange Server 2013 Cumulative Update 19 Microsoft Exchange Server 2013 Cumulative Update 20

 

Details

A privilege escalation vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8160

BID: 104051

Microsoft Rating: Important

Vulnerability Type

Microsoft Outlook Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Office Compatibility Pack Service Pack 3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office Web Apps Server 2010 Service Pack 2 Microsoft Word Automation Services on Microsoft SharePoint Server 2010 SP2

 

Details

An information disclosure vulnerability exists in Outlook when a message is opened. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8161

BID: 104052

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office Web Apps Server 2013 Service Pack 1 Microsoft Office Web Apps 2010 SP2 Microsoft SharePoint Enterprise Server 2016 Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Word Automation Services on Microsoft SharePoint Server 2010 SP2 Microsoft Word Automation Services on Microsoft SharePoint Server 2013 Service Pack 1

 

Details

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8162

BID: 104058

Microsoft Rating: Important

Vulnerability Type

Microsoft Excel Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition

 

Details

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8163

BID: 104059

Microsoft Rating: Important

Vulnerability Type

Microsoft Excel Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition

 

Details

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8164

BID: 104033

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8165

BID: 104038

Microsoft Rating: Important

Vulnerability Type

DirectX Graphics Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803

 

Details

A privilege escalation vulnerability exists when the DirectX Graphics Kernel(DXGKRNL) driver improperly handles objects in memory.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8166

BID: 104062

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8167

BID: 104063

Microsoft Rating: Important

Vulnerability Type

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1709 Microsoft Windows Server 1803

 

Details

A privilege escalation vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8168

BID: 104067

Microsoft Rating: Important

Vulnerability Type

Microsoft SharePoint Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2013 Service Pack 1

 

Details

A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8170

BID: 104068

Microsoft Rating: Important

Vulnerability Type

Windows Image Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows Server 1709

 

Details

A privilege escalation vulnerability exists in the way that the Windows kernel image handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8173

BID: 104069

Microsoft Rating: Important

Vulnerability Type

Microsoft InfoPath Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft InfoPath 2013 Service Pack 1 (32-bit editions) Microsoft InfoPath 2013 Service Pack 1 (64-bit editions)

 

Details

A remote code execution vulnerability exists in Microsoft InfoPath when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8179

BID: 104077

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge Memory Corruption Vulnerability
Remote Code Execution

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Exp.CVE-2018-8179

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8897

BID: 104071

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1709 Microsoft Windows Server 1803

 

Details

A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8136

BID: 104044

Microsoft Rating: Low

Vulnerability Type

Windows Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016

 

Details

A remote code execution vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security:

 

ID and Rating

CAN/CVE ID: CVE-2018-8153

BID: 104045

Microsoft Rating: Low

Vulnerability Type

Microsoft Exchange Spoofing Vulnerability

Vulnerability Affects

Microsoft Exchange Server 2016 Cumulative Update 8 Microsoft Exchange Server 2016 Cumulative Update 9

 

Details

A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive information.

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: Under review

Data Center Security: