This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.
Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017
|
ID and Rating |
CAN/CVE ID: ADV180014 BID: N/A Microsoft Rating: Critical |
|
Vulnerability Type |
June 2018 Adobe Flash Security Update |
|
Vulnerability Affects |
See Adobe.com for details |
|
Details |
See Adobe.com for details |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Under review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8110 BID: 104330 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft Edge Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. |
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: Exp.CVE-2018-8110 Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8111 BID: 104335 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft Edge Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. |
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: Exp.CVE-2018-8111 Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8213 BID: 104406 Microsoft Rating: Critical |
|
Vulnerability Type |
Windows Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803 |
|
Details |
A remote code execution vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited these vulnerabilities could take control of an affected system. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8225 BID: 104395 Microsoft Rating: Critical |
|
Vulnerability Type |
Windows DNSAPI Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows Server 1709 Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1
|
|
Details |
A remote code execution vulnerability exists in Windows Domain Name System (DNS) DNSAPI. dll when it fails to properly handle DNS responses. |
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8229 BID: 104369 Microsoft Rating: Critical |
|
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore |
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: CVE-2018-8229 Microsoft Edge RCE Vulnerability |
|
Other Detections |
AV: Exp.CVE-2018-8229 Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8231 BID: 104373 Microsoft Rating: Critical |
|
Vulnerability Type |
HTTP Protocol Stack Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 2016 |
|
Details |
A remote code execution vulnerability exists when HTTP Protocol Stack (Http.sys) improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of the affected system. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8236 BID: 104336 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft Edge Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. |
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: Exp.CVE-2018-8236 Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8243 BID: 104403 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft ChakraCore |
|
Details |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8249 BID: 104363 Microsoft Rating: Critical |
|
Vulnerability Type |
Internet Explorer Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Internet Explorer 11 |
|
Details |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: CVE-2018-8249 Microsoft Internet Explorer RCE Vulnerability |
|
Other Detections |
AV: Exp.CVE-2018-8249 Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8251 BID: 104398 Microsoft Rating: Critical |
|
Vulnerability Type |
Media Foundation Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 |
|
Details |
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8267 BID: 104404 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
|
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: Exp.CVE-2018-8267 Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-0871 BID: 104339 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Edge Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
An information disclosure vulnerability exists when Edge improperly marks files. An attacker who successfully exploited this vulnerability could exfiltrate file contents from disk. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-0978 BID: 104364 Microsoft Rating: Important |
|
Vulnerability Type |
Internet Explorer Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 |
|
Details |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Analysis |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-0982 BID: 104382 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
A privilege escalation vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploited the vulnerability could impersonate processes, interject cross-process communication, or interrupt system functionality.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-1036 BID: 104360 Microsoft Rating: Important |
|
Vulnerability Type |
NTFS Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 |
|
Details |
A privilege escalation vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context. |
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-1040 BID: 104389 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Code Integrity Module Denial of Service Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2016 Microsoft Windows Server 2012 R2 Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows Server 1709 |
|
Details |
A denial of service vulnerability exists in the way that the Windows Code Integrity Module performs hashing. An attacker who successfully exploited the vulnerability could cause a system to stop responding. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8113 BID: 104365 Microsoft Rating: Important |
|
Vulnerability Type |
Internet Explorer Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Microsoft Internet Explorer 11 |
|
Details |
A security bypass vulnerability exists in Internet Explorer that allows for bypassing Mark of the Web Tagging (MOTW). Failing to set the MOTW means that a large number of Microsoft security technologies are bypassed. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8121 BID: 104380 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows Server 2016 Microsoft Windows Server 1803 Microsoft Windows Server 1709 Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems |
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. An attacker can exploit this issue by running a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8140 BID: 104354 Microsoft Rating: Important |
|
Vulnerability Type |
Cortana Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems |
|
Details |
A privilege escalation vulnerability exists when Cortana retrieves data from user input services without consideration for status. An attacker who successfully exploited the vulnerability could execute commands with elevated permissions. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8169 BID: 104356 Microsoft Rating: Important |
|
Vulnerability Type |
HIDParser Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 |
|
Details |
A privilege escalation vulnerability exists when the (Human Interface Device) HID Parser Library driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8175 BID: 104359 Microsoft Rating: Important |
|
Vulnerability Type |
WEBDAV Denial of Service Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems |
|
Details |
A denial of service vulnerability exists when Windows NT WEBDAV Minirdr attempts to query a WEBDAV directory. An attacker who successfully exploited the vulnerability could cause a denial of service. |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8201 BID: 104331 Microsoft Rating: Important |
|
Vulnerability Type |
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows Server 2016
|
|
Details |
A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8205 BID: 104391 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Denial of Service Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2016 Microsoft Windows Server 2012 R2 Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows Server 1709
|
|
Details |
A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8207 BID: 104379 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016
|
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8208 BID: 104392 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Desktop Bridge Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows Server 1709
|
|
Details |
A privilege escalation vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8209 BID: 104393 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Wireless Network Profile Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows Server 2016
|
|
Details |
An information disclosure vulnerability exists when Windows allows a normal user to access the Wireless LAN profile of an administrative user. An authenticated attacker who successfully exploited the vulnerability could access the Wireless LAN profile of an administrative user, including passwords for wireless networks.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8210 BID: 104407 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
A remote code execution vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited these vulnerabilities could take control of an affected system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8211 BID: 104326 Microsoft Rating: Important |
|
Vulnerability Type |
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems
|
|
Details |
A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8212 BID: 104328 Microsoft Rating: Important |
|
Vulnerability Type |
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows Server 2016
|
|
Details |
A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8214 BID: 104394 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Desktop Bridge Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows Server 1709
|
|
Details |
A privilege escalation vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8215 BID: 104333 Microsoft Rating: Important |
|
Vulnerability Type |
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows Server 2016
|
|
Details |
A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8216 BID: 104334 Microsoft Rating: Important |
|
Vulnerability Type |
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems
|
|
Details |
A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8217 BID: 104337 Microsoft Rating: Important |
|
Vulnerability Type |
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems
|
|
Details |
A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8218 BID: 104402 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Hyper-V Denial of Service Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows Server 1709 |
|
Details |
A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8219 BID: 104353 Microsoft Rating: Important |
|
Vulnerability Type |
Hypervisor Code Integrity Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 2016
|
|
Details |
A privilege escalation vulnerability exists when Windows Hyper-V instruction emulation fails to properly enforce privilege levels. An attacker who successfully exploited this vulnerability could gain elevated privileges on a target guest operating system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8221 BID: 104338 Microsoft Rating: Important |
|
Vulnerability Type |
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems
|
|
Details |
A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8224 BID: 104381 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1
|
|
Details |
A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8226 BID: 104361 Microsoft Rating: Important |
|
Vulnerability Type |
HTTP.sys Denial of Service Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 2016
|
|
Details |
A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8227 BID: 104368 Microsoft Rating: Important |
|
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore |
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8233 BID: 104383 Microsoft Rating: Important |
|
Vulnerability Type |
Win32k Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803 |
|
Details |
A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. |
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8234 BID: 104340 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Edge Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8235 BID: 104343 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Edge Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A security bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins. The vulnerability allows Microsoft Edge to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8239 BID: 104401 Microsoft Rating: Important |
|
Vulnerability Type |
Windows GDI Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker can exploit this issue to obtain sensitive information to further compromise the user’s system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8244 BID: 104323 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Outlook Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Outlook 2010 (32-bit editions) Service Pack 2 Microsoft Outlook 2010 (64-bit editions) Service Pack 2 Microsoft Outlook 2013 RT Service Pack 1 Microsoft Outlook 2013 Service Pack 1 (32-bit editions) Microsoft Outlook 2013 Service Pack 1 (64-bit editions) Microsoft Outlook 2016 (32-bit editions) Microsoft Outlook 2016 (64-bit editions)
|
|
Details |
A privilege escalation vulnerability exists when Microsoft Outlook does not validate attachment headers properly. An attacker who successfully exploited the vulnerability could send an email with hidden attachments that would be opened or executed once a victim clicks a link within the email.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8245 BID: 104405 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Office Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Publisher 2010 Service Pack 2 (32-bit editions) Microsoft Publisher 2010 Service Pack 2 (64-bit editions)
|
|
Details |
A privilege escalation vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects. An attacker who successfully exploited the vulnerability could force arbitrary code to be executed in the Local Machine zone.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8246 BID: 104322 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Excel Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Excel Viewer 2007 Service Pack 3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Office Compatibility Pack Service Pack 3
|
|
Details |
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8247 BID: 104319 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Office Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Office Web Apps Server 2013 SP1 Microsoft Office Online Server |
|
Details |
A privilege escalation vulnerability exists when Office Web Apps Server 2013 and Office Online Server fail to properly handle web requests. An attacker who successfully exploited this vulnerability could perform script/content injection attacks and attempt to trick the user into disclosing sensitive information.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8248 BID: 104318 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Excel Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition
|
|
Details |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: Exp.CVE-2018-8248 Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8252 BID: 104317 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft SharePoint Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft SharePoint Foundation 2013 SP1 Microsoft SharePoint Enterprise Server 2016 |
|
Details |
A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: CVE-2018-8254 BID: 104325 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft SharePoint Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft SharePoint Foundation 2013 SP1 Microsoft SharePoint Enterprise Server 2016 Microsoft Project Server 2010 Service Pack 2
|
|
Details |
A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |
|
ID and Rating |
CAN/CVE ID: ADV180015 BID: N/A Microsoft Rating: None |
|
Vulnerability Type |
Microsoft Office Defense in Depth Update |
|
Vulnerability Affects |
Microsoft Office |
|
Details |
See Microsoft.com for details |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
|
Other Detections |
AV: Under Review Data Center Security: |