This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.
Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology.
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017.
ID and Rating |
CAN/CVE ID: ADV180023 BID: N/A Microsoft Rating: Critical |
Vulnerability Type |
September 2018 Adobe Flash Security Update |
Vulnerability Affects |
See Adobe.com |
Details |
See Adobe.com |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-0965 BID: 105229 Microsoft Rating: Critical |
Vulnerability Type |
Windows Hyper-V Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows Server 1803 Microsoft Windows Server 1709 Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Hyper-V
|
Details |
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8332 BID: 105248 Microsoft Rating: Critical |
Vulnerability Type |
Win32k Graphics Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Office 2016 for Mac Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
Details |
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8367 BID: 105245 Microsoft Rating: Critical |
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft ChakraCore Microsoft Edge
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8391 BID: 105231 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft ChakraCore
|
Details |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8420 BID: 105259 Microsoft Rating: Critical |
Vulnerability Type |
MS XML Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows RT 8.1
|
Details |
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke MSXML through a web browser.
|
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: Microsoft XML Core Services RCE CVE-2018-8420 |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8421 BID: 105222 Microsoft Rating: Critical |
Vulnerability Type |
.NET Framework Remote Code Execution Vulnerability |
Vulnerability Affects |
A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input. An attacker can exploit this issue using the .NET framework to take control of an affected system.
|
Details |
A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input. An attacker can exploit this issue using the .NET framework to take control of an affected system.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8439 BID: 105233 Microsoft Rating: Critical |
Vulnerability Type |
Windows Hyper-V Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows Server 1803 Microsoft Windows Server 1709 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Hyper-V
|
Details |
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8447 BID: 105257 Microsoft Rating: Critical |
Vulnerability Type |
Internet Explorer Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10
|
Details |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8456 BID: 105227 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft ChakraCore Microsoft Edge
|
Details |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: Microsoft Edge CVE-2018-8456 |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8457 BID: 105207 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft Internet Explorer 10 Microsoft Internet Explorer 11
|
Details |
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8459 BID: 105230 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft ChakraCore Microsoft Edge
|
Details |
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8461 BID: 105258 Microsoft Rating: Critical |
Vulnerability Type |
Internet Explorer Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11
|
Details |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8464 BID: 105265 Microsoft Rating: Critical |
Vulnerability Type |
Microsoft Edge PDF Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Edge
|
Details |
A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8465 BID: 105242 Microsoft Rating: Critical |
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft ChakraCore Microsoft Edge
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8466 BID: 105243 Microsoft Rating: Critical |
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft ChakraCore Microsoft Edge
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: MSEDGE CVE-2018-8296 |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8467 BID: 105244 Microsoft Rating: Critical |
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft ChakraCore Microsoft Edge
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: MSEDGE CVE-2018-8296 |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8475 BID: 105277 Microsoft Rating: Critical |
Vulnerability Type |
Windows Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows RT 8.1
|
Details |
A remote code execution vulnerability exists when Windows image file loading functionality does not properly handle malformed image files. An attacker who successfully exploited the vulnerability could execute arbitrary code. To exploit the vulnerability, an attacker would have to convince a user to load a malformed image file from either a webpage or an email message.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: ADV180022 BID: N/A Microsoft Rating: Important |
Vulnerability Type |
Windows Denial of Service Vulnerability |
Vulnerability Affects |
See Microsoft.com |
Details |
See Microsoft.com |
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8269 BID: 105322 Microsoft Rating: Important |
Vulnerability Type |
OData Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft OData |
Details |
A denial of service vulnerability exists when OData Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an OData web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the OData application.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8271 BID: 105247 Microsoft Rating: Important |
Vulnerability Type |
Windows Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
Details |
An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose contents of System memory. To exploit this vulnerability, an attacker would have to log on to the system first and then run a specially crafted application in user mode.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8315 BID: 105251 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Scripting Engine Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft ChakraCore
|
Details |
An information disclosure vulnerability exists when the browser scripting engine improperly handles object types. An attacker who has successfully exploited this vulnerability might be able to read privileged data across trust boundaries. In browsing scenarios, an attacker could convince a user to visit a malicious site and leverage the vulnerability to obtain privileged information from the browser process, such as sensitive data from other opened tabs. An attacker could also inject malicious code into advertising networks used by trusted sites or embed malicious code on a compromised, but trusted, site.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8331 BID: 105206 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Excel Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Office 2016 for Mac
|
Details |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8335 BID: 105224 Microsoft Rating: Important |
Vulnerability Type |
Windows SMB Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
Details |
A denial of service vulnerability exists in the Microsoft Server Message Block (SMB) when an attacker sends specially crafted requests to the server. An attacker who exploited this vulnerability could cause the affected system to crash. To attempt to exploit this issue, an attacker would need to send specially crafted SMB requests to the target system.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8336 BID: 105246 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. An authenticated attacker could exploit this vulnerability by running a specially crafted application.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8337 BID: 105250 Microsoft Rating: Important |
Vulnerability Type |
Windows Subsystem for Linux Security Feature Bypass Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows Server 1709
|
Details |
A security feature bypass vulnerability exists when Windows Subsystem for Linux improperly handles case sensitivity. An attacker who successfully exploited this vulnerability could replace or delete arbitrary files as a low privilege user. An attacker could exploit this vulnerability by running a specially crafted application.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8354 BID: 105232 Microsoft Rating: Important |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft ChakraCore Microsoft Edge
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8361 BID: 105235 Microsoft Rating: Important |
Vulnerability Type |
Windows Hyper-V Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Hyper-V Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1
|
Details |
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8366 BID: 105253 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Edge Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Edge
|
Details |
An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type. An attacker could use the vulnerability to read the URL of a cross-origin request. Websites that do not securely populate the URL with confidential information could allow information to be disclosed to an attacker.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8392 BID: 105213 Microsoft Rating: Important |
Vulnerability Type |
Microsoft JET Database Engine Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 1709
|
Details |
A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take control of an affected system.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8393 BID: 105214 Microsoft Rating: Important |
Vulnerability Type |
Microsoft JET Database Engine Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 1709
|
Details |
A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take control of an affected system.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8409 BID: 105223 Microsoft Rating: Important |
Vulnerability Type |
ASP.NET Core Denial of Service |
Vulnerability Affects |
Microsoft ASP.NET Core 1.0 Microsoft ASP.NET Core 1.1 Microsoft ASP.NET Core 2.0
|
Details |
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker can exploit this issue to cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8410 BID: 105256 Microsoft Rating: Important |
Vulnerability Type |
Windows Registry Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1803
|
Details |
An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit this vulnerability by running a specially crafted application.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8419 BID: 105238 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
Details |
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8423 BID: 105216 Microsoft Rating: Important |
Vulnerability Type |
Microsoft JET Database Engine Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 1709 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows RT 8.1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for x64-based Systems Microsoft Windows 10 version 1511 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1803 for x64-based Systems
|
Details |
A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take control of an affected system.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8424 BID: 105261 Microsoft Rating: Important |
Vulnerability Type |
Windows GDI Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
Details |
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8425 BID: 105255 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Edge Spoofing Vulnerability |
Vulnerability Affects |
Microsoft Edge
|
Details |
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8426 BID: 105208 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Office SharePoint XSS Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2010 SP2
|
Details |
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8428 BID: 105209 Microsoft Rating: Important |
Vulnerability Type |
Microsoft SharePoint Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016
|
Details |
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8429 BID: 105219 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Excel Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Excel Viewer 2007 Service Pack 3 Microsoft Office Compatibility Pack Service Pack 3 Microsoft Office 2016 for Mac Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition
|
Details |
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could access information previously deleted from the active worksheet. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8430 BID: 105212 Microsoft Rating: Important |
Vulnerability Type |
Word PDF Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition Microsoft Word 2013 RT Service Pack 1 Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition)
|
Details |
A remote code execution vulnerability exists in Microsoft Word 2013 and Microsoft Word 2016 if a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user. To exploit the vulnerability, an attacker must entice the user to open a specially crafted PDF file.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8431 BID: 105221 Microsoft Rating: Important |
Vulnerability Type |
Microsoft SharePoint Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Server 2010 SP2
|
Details |
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8433 BID: 105264 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Graphics Component Information Disclosure Vulnerability |
Vulnerability Affects |
|
Details |
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8434 BID: 105239 Microsoft Rating: Important |
Vulnerability Type |
Windows Hyper-V Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
Details |
An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. An authenticated attacker could exploit this vulnerability by running a specially crafted application.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8435 BID: 105240 Microsoft Rating: Important |
Vulnerability Type |
Windows Hyper-V Security Feature Bypass Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows Server 2016 Microsoft Hyper-V
|
Details |
A security feature bypass vulnerability exists when the Windows Hyper-V BIOS loader fails to provide a high-entropy source. To exploit this vulnerability, an attacker would need to reboot a guest virtual machine numerous times until the vulnerability is triggered.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8436 BID: 105236 Microsoft Rating: Important |
Vulnerability Type |
Windows Hyper-V Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Hyper-V
|
Details |
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8437 BID: 105237 Microsoft Rating: Important |
Vulnerability Type |
Windows Hyper-V Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Hyper-V Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803
|
Details |
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8438 BID: 105249 Microsoft Rating: Important |
Vulnerability Type |
Windows Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
Details |
A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8440 BID: 105153 Microsoft Rating: Important |
Vulnerability Type |
Windows ALPC Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Windows Server, version 1709 Windows Server, version 1803
|
Details |
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8441 BID: 105271 Microsoft Rating: Important |
Vulnerability Type |
Windows Subsystem for Linux Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803
|
Details |
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8442 BID: 105234 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. An authenticated attacker could exploit this vulnerability by running a specially crafted application.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8443 BID: 105228 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows Server 1803 Microsoft Windows Server 1709 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2016 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 x64 SP1
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. An authenticated attacker could exploit this vulnerability by running a specially crafted application.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8444 BID: 105226 Microsoft Rating: Important |
Vulnerability Type |
Windows SMB Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2
|
Details |
An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, in most situations, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv2 server.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8445 BID: 105225 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. An authenticated attacker could exploit this vulnerability by running a specially crafted application.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8446 BID: 105217 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows Server 1709 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1803 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. An authenticated attacker could exploit this vulnerability by running a specially crafted application.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8449 BID: 105272 Microsoft Rating: Important |
Vulnerability Type |
Device Guard Security Feature Bypass Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
Details |
A security feature bypass exists when Device Guard incorrectly validates an untrusted file. An attacker who successfully exploited this vulnerability could make an unsigned file appear to be signed. Because Device Guard relies on the signature to determine the file is non-malicious, Device Guard could then allow a malicious file to execute.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8452 BID: 105252 Microsoft Rating: Important |
Vulnerability Type |
Scripting Engine Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft Internet Explorer 11 Microsoft ChakraCore
|
Details |
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8455 BID: 105211 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows RT 8.1
|
Details |
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8462 BID: 105274 Microsoft Rating: Important |
Vulnerability Type |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems
Microsoft Windows 10 for x64-based Systems
Microsoft Windows 10 Version 1607 for 32-bit Systems
Microsoft Windows 10 Version 1607 for x64-based Systems
Microsoft Windows 10 version 1703 for 32-bit Systems
Microsoft Windows 10 version 1703 for x64-based Systems
Microsoft Windows 10 version 1709 for 32-bit Systems
Microsoft Windows 10 version 1709 for x64-based Systems
Microsoft Windows 10 Version 1803 for 32-bit Systems
Microsoft Windows 10 Version 1803 for x64-based Systems
Microsoft Windows Server 2016
Microsoft Windows Server 1709
Microsoft Windows Server 1803
|
Details |
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8463 BID: 105260 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Edge Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Edge
|
Details |
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who successfully exploited this vulnerability could gain elevated privileges and break out of the Edge AppContainer sandbox.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8468 BID: 105275 Microsoft Rating: Important |
Vulnerability Type |
Windows Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems
Microsoft Windows 10 for x64-based Systems
Microsoft Windows 10 Version 1607 for x64-based Systems
Microsoft Windows 10 version 1703 for 32-bit Systems
Microsoft Windows 10 version 1703 for x64-based Systems
Microsoft Windows 10 version 1709 for 32-bit Systems
Microsoft Windows 10 version 1709 for x64-based Systems
Microsoft Windows 10 Version 1803 for 32-bit Systems
Microsoft Windows 10 Version 1803 for x64-based Systems
Microsoft Windows 7 for 32-bit Systems SP1
Microsoft Windows 7 for x64-based Systems SP1
Microsoft Windows 8.1 for 32-bit Systems
Microsoft Windows 8.1 for 64-bit Systems
Microsoft Windows RT 8.1
Microsoft Windows Server 2008 for 32-bit Systems SP2
Microsoft Windows Server 2008 for Itanium-based Systems SP2
Microsoft Windows Server 2008 for x64-based Systems SP2
Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Microsoft Windows Server 2008 R2 for x64-based Systems SP1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Microsoft Windows Server 1709
Microsoft Windows Server 1803
|
Details |
An elevation of privilege vulnerability exists in Windows, allowing a sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8469 BID: 105263 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Edge Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Edge
|
Details |
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who successfully exploited this vulnerability could gain elevated privileges and break out of the Edge AppContainer sandbox.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8470 BID: 105267 Microsoft Rating: Important |
Vulnerability Type |
Internet Explorer Security Feature Bypass Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11
|
Details |
A security feature bypass vulnerability exists in Internet Explorer in the way scripts are handled, allowing a universal cross-site scripting (UXSS) condition. An attacker could use the UXSS vulnerability to access any session belonging to web pages currently opened (or cached) by the browser at the time the attack is triggered.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8479 BID: 105323 Microsoft Rating: Important |
Vulnerability Type |
Azure IoT SDK Spoofing Vulnerability |
Vulnerability Affects |
Azure IoT
|
Details |
A spoofing vulnerability exists in the Azure IoT Device Provisioning for the C SDK library when using the HTTP protocol on the Windows platform. An attacker who successfully exploited this vulnerability could impersonate a server used during the provisioning process. To exploit this vulnerability, an attacker would need to perform a man-in-the-middle (MitM) attack on the network where provisioning was taking place.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|
ID and Rating |
CAN/CVE ID: CVE-2018-8474 BID: 105268 Microsoft Rating: Moderate |
Vulnerability Type |
Lync for Mac 2011 Security Feature Bypass Vulnerability |
Vulnerability Affects |
Microsoft Lync for Mac 2011
|
Details |
A security feature bypass vulnerability exists when Lync for Mac 2011 fails to properly sanitize specially crafted messages. An attacker who successfully exploited this vulnerability could cause a targeted Lync for Mac 2011 user's system to browse to an attacker-specified website or automatically download file types on the operating system's safe file type list.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
Other Detections |
AV: N/A
|