Symantec product detections for Microsoft monthly Security Bulletins - August 2018
Article ID: 172265
Updated On:
Products
Issue/Introduction
This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.
Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017
Resolution
|
ID and Rating |
CAN/CVE ID: ADV180020 BID: N/A Microsoft Rating: Critical |
|
Vulnerability Type |
August 2018 Adobe Flash Security Update |
|
Vulnerability Affects |
See Adobe.com for details |
|
Details |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180020 |
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8266 BID: 104977 Microsoft Rating: Critical |
|
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore |
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. |
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8273 BID: 104967 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft SQL Server Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft SQL Server 2016 for x64-based Systems Service Pack 1 Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 Microsoft SQL Server 2017 for x64-based Systems |
|
Details |
A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could execute code in the context of the SQL Server Database Engine service account.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8302 BID: 104973 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft Exchange Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Exchange Server 2010 SP3 Update Rollup 23 Microsoft Exchange Server 2013 Cumulative Update 20 Microsoft Exchange Server 2013 Cumulative Update 21 Microsoft Exchange Server 2016 Cumulative Update 10 Microsoft Exchange Server 2016 Cumulative Update 9
|
|
Details |
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8338 BID: TBD Microsoft Rating: Critical |
|
Vulnerability Type |
Windows DHCP Server Remote Code Execution Vulnerability |
|
Vulnerability Affects |
TBD |
|
Details |
TBD |
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8344 BID: 104983 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft Graphics Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016
|
|
Details |
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8345 BID: 105027 Microsoft Rating: Critical |
|
Vulnerability Type |
LNK Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows Server 1709
|
|
Details |
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a '.LNK' file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8350 BID: 104985 Microsoft Rating: Critical |
|
Vulnerability Type |
Windows PDF Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8355 BID: 104978 Microsoft Rating: Critical |
|
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore
|
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Analysis |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8359 BID: 104990 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft ChakraCore
|
|
Details |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8371 BID: 105035 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Internet Explorer 9
|
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8372 BID: 105038 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Internet Explorer 9 Microsoft ChakraCore
|
|
Details |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Analysis |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8373 BID: 105037 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Internet Explorer 9
|
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: Exp.CVE-2018-8373
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8377 BID: 105020 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft Edge Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge
|
|
Details |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8380 BID: 104979 Microsoft Rating: Critical |
|
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore
|
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8381 BID: 104980 Microsoft Rating: Critical |
|
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore
|
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8384 BID: 104981 Microsoft Rating: Critical |
|
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft ChakraCore
|
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8385 BID: 105039 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Internet Explorer 9 Microsoft ChakraCore
|
|
Details |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8387 BID: 105021 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft Edge Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge |
|
Details |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8390 BID: 105041 Microsoft Rating: Critical |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore
|
|
Details |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8397 BID: 104994 Microsoft Rating: Critical |
|
Vulnerability Type |
GDI+ Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1
|
|
Details |
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8403 BID: 105033 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft Browser Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft Internet Explorer 11 Microsoft Internet Explorer 10
|
|
Details |
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: ADV180018 BID: 105080 Microsoft Rating: Important |
|
Vulnerability Type |
Guidance to mitigate L1TF variant |
|
Vulnerability Affects |
Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1703 for 32-bit Systems Windows 10 Version 1703 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for 64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Windows Server 1709 Windows Server 1803 Intel Software Guard Extensions (SGX) Intel Operating System (OS) Intel System Management Mode (SMM) Intel Virtual Machine Manager (VMM) Intel Core i3 processor Intel Core i5 processor Intel Core i7 processor Intel Core M processor family Intel 2nd generation Core processors Intel 3rd generation Core processors Intel 4th generation Core processors Intel 5th generation Core processors Intel 6th generation Core processors Intel 7th generation Core processors Intel 8th generation Core processors Intel Core X-series Processor Family for Intel X99 platforms Intel Core X-series Processor Family for Intel X299 platforms Intel Xeon processor 3400 series Intel Xeon processor 3600 series Intel Xeon processor 5500 series Intel Xeon processor 5600 series Intel Xeon processor 6500 series Intel Xeon processor 7500 series Intel Xeon Processor E3 Family Intel Xeon Processor E3 v2 Family Intel Xeon Processor E3 v3 Family Intel Xeon Processor E3 v4 Family Intel Xeon Processor E3 v5 Family Intel Xeon Processor E3 v6 Family Intel Xeon Processor E5 Family Intel Xeon Processor E5 v2 Family Intel Xeon Processor E5 v3 Family Intel Xeon Processor E5 v4 Family Intel Xeon Processor E7 Family Intel Xeon Processor E7 v2 Family Intel Xeon Processor E7 v3 Family Intel Xeon Processor E7 v4 Family Intel Xeon Processor Scalable Family Intel Xeon Processor D-1500 Intel Xeon Processor D-2100
|
|
Details |
Speculative execution side-channel vulnerabilities such as L1 Terminal Fault (L1TF) can be used to read the content of memory across a trusted boundary and if exploited, can lead to information disclosure.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: ADV180022 BID: N/A Microsoft Rating: Important |
|
Vulnerability Type |
Windows Denial of Service Vulnerability |
|
Vulnerability Affects |
Microsoft Windows |
|
Details |
See https://portal.msrc.microsoft.com/en-us/security-guidance
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-0952 BID: 105048 Microsoft Rating: Important |
|
Vulnerability Type |
DiagN/Astic Hub Standard Collector Elevation Of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Visual Studio 2017 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
A privilege escalation vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8200 BID: 105007 Microsoft Rating: Important |
|
Vulnerability Type |
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8204 BID: 105008 Microsoft Rating: Important |
|
Vulnerability Type |
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8253 BID: 105009 Microsoft Rating: Important |
|
Vulnerability Type |
Cortana Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016
|
|
Details |
A privilege escalation vulnerability exists when Cortana allows arbitrary website browsing on the lockscreen. An attacker who successfully exploited the vulnerability could steal browser stored passwords or log on to websites as another user.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8316 BID: 105013 Microsoft Rating: Important |
|
Vulnerability Type |
Internet Explorer Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft Internet Explorer 9
|
|
Details |
A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries. An attacker who successfully exploited this vulnerability could take control of an affected system. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8339 BID: 105030 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Installer Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows Server 2016 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
A privilege escalation vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8340 BID: 105029 Microsoft Rating: Important |
|
Vulnerability Type |
AD FS Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
A security bypass vulnerability exists when Active Directory Federation Services (AD FS) improperly handles multi-factor authentication requests. To exploit this vulnerability, an attacker could send a specially crafted authentication request.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8341 BID: 104987 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016
|
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8342 BID: 104975 Microsoft Rating: Important |
|
Vulnerability Type |
Windows NDIS Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1
|
|
Details |
A privilege escalation vulnerability exists in the Network Driver Interface Specification (NDIS) when 'ndis.sys' fails to check the length of a buffer prior to copying memory to it.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8343 BID: 104982 Microsoft Rating: Important |
|
Vulnerability Type |
Windows NDIS Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016
|
|
Details |
A privilege escalation vulnerability exists in the Network Driver Interface Specification (NDIS) when 'ndis.sys' fails to check the length of a buffer prior to copying memory to it.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8346 BID: 105028 Microsoft Rating: Important |
|
Vulnerability Type |
LNK Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1
|
|
Details |
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a '.LNK' file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8347 BID: 104988 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 2016
|
|
Details |
A privilege escalation vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links. An attacker who successfully exploited this vulnerability could potentially access privileged registry keys and thereby elevate permissions.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8348 BID: 104992 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016
|
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8349 BID: 104984 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft COM for Windows Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects. An attacker who successfully exploited the vulnerability could use a specially crafted file or script to perform actions.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8351 BID: 105015 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Edge Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft Internet Explorer 10 Microsoft Internet Explorer 11
|
|
Details |
An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type. An attacker could use the vulnerability to read the URL of a cross-origin request. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8353 BID: 105034 Microsoft Rating: Important |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Internet Explorer 9
|
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8357 BID: 105022 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Browser Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft Internet Explorer 11
|
|
Details |
A privilege escalation vulnerability exists in Microsoft browsers allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8358 BID: 105017 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Browser Security Feature Bypass Vulnerability |
|
Vulnerability Affects |
Microsoft Edge
|
|
Details |
A security bypass vulnerability exists when Microsoft browsers improperly handle redirect requests. The vulnerability allows Microsoft browsers to bypass CORS redirect restrictions, and to follow redirect requests that should otherwise be ignored. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8360 BID: 104986 Microsoft Rating: Important |
|
Vulnerability Type |
.NET Framework Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7.2
|
|
Details |
An information disclosure vulnerability exists in Microsoft . NET Framework that could allow an attacker to access information in multi-tenant environments.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8370 BID: 105019 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Edge Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Edge
|
|
Details |
A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests. An attacker who has successfully exploited this vulnerability might be able to read privileged data across trust boundaries. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8375 BID: 104989 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Excel Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 (32-bit edition) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2016 for Mac Microsoft Excel Viewer 2007 Service Pack 3 Microsoft Office Compatibility Pack Service Pack 3
|
|
Details |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8376 BID: 104991 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft PowerPoint Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft PowerPoint 2010 Service Pack 2 (32-bit editions) Microsoft PowerPoint 2010 Service Pack 2 (64-bit editions)
|
|
Details |
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8378 BID: 104996 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Office Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Excel Viewer 2007 Service Pack 3 Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Office Compatibility Pack Service Pack 3 Microsoft Office Web Apps 2013 SP1 Microsoft Office Word Viewer Microsoft PowerPoint Viewer 2007 Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2013 SP1
|
|
Details |
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8379 BID: 104997 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Excel Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Excel 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Excel 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions)
|
|
Details |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8382 BID: 105000 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Excel Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Excel 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Excel 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Excel 2016 for Mac Microsoft Excel Viewer 2007 Service Pack 3 Microsoft Office Compatibility Pack Service Pack 3
|
|
Details |
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8383 BID: 105024 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Edge Spoofing Vulnerability |
|
Vulnerability Affects |
Microsoft Edge
|
|
Details |
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting the user to a specially crafted website. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8389 BID: 105036 Microsoft Rating: Important |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Internet Explorer 9
|
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8394 BID: 105001 Microsoft Rating: Important |
|
Vulnerability Type |
Windows GDI Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016
|
|
Details |
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8396 BID: 105002 Microsoft Rating: Important |
|
Vulnerability Type |
Windows GDI Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP
|
|
Details |
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8398 BID: 104995 Microsoft Rating: Important |
|
Vulnerability Type |
Windows GDI Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016
|
|
Details |
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8399 BID: 104998 Microsoft Rating: Important |
|
Vulnerability Type |
Win32k Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems
|
|
Details |
A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8400 BID: 105005 Microsoft Rating: Important |
|
Vulnerability Type |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems
|
|
Details |
A privilege escalation vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8401 BID: 105006 Microsoft Rating: Important |
|
Vulnerability Type |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
A privilege escalation vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8404 BID: 104999 Microsoft Rating: Important |
|
Vulnerability Type |
Win32k Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016
|
|
Details |
A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8405 BID: 105011 Microsoft Rating: Important |
|
Vulnerability Type |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016
|
|
Details |
A privilege escalation vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8406 BID: 105012 Microsoft Rating: Important |
|
Vulnerability Type |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 2016
|
|
Details |
A privilege escalation vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8412 BID: 105014 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft (MAU) Office Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Office 2016 for Mac
|
|
Details |
A privilege escalation vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them. An attacker who successfully exploited the vulnerability who already has the ability to execute code on a system could elevate privileges.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8414 BID: 105016 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Shell Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems
|
|
Details |
A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: Microsoft Windows RCE CVE-2018-8414 |
|
Other Detections |
AV: Exp.CVE-2018-8414
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8388 BID: 105025 Microsoft Rating: Low |
|
Vulnerability Type |
Microsoft Edge Spoofing Vulnerability |
|
Vulnerability Affects |
Microsoft Edge
|
|
Details |
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8374 BID: 104993 Microsoft Rating: Moderate |
|
Vulnerability Type |
Microsoft Exchange Server Tampering Vulnerability |
|
Vulnerability Affects |
Microsoft Exchange Server 2016 Cumulative Update 10 Microsoft Exchange Server 2016 Cumulative Update 9
|
|
Details |
A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: ADV180021 BID: N/A Microsoft Rating: None |
|
Vulnerability Type |
Microsoft Office Defense in Depth Update |
|
Vulnerability Affects |
Office Update |
|
Details |
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
Feedback
