search cancel

Symantec product detections for Microsoft monthly Security Bulletins - December 2018

book

Article ID: 173197

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.

Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017 

Resolution

 

ID and Rating

CAN/CVE ID: CVE-2018-8540

BID: 106073

Microsoft Rating: Critical

Vulnerability Type

.NET Framework Remote Code Injection Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2

 

Details

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8583

BID: 106111

Microsoft Rating: Critical

Vulnerability Type

Chakra Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

 

Intrusion Protection System (IPS) Response

Sig ID:
Web Attack: Microsoft Edge CVE-2018-8456

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8617

BID: 106112

Microsoft Rating: Critical

Vulnerability Type

Chakra Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

 

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: Microsoft Edge CVE-2018-8456

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8618

BID: 106113

Microsoft Rating: Critical

Vulnerability Type

Chakra Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

 

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8624

BID: 106114

Microsoft Rating: Critical

Vulnerability Type

Chakra Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8626

BID: 106076

Microsoft Rating: Critical

Vulnerability Type

Windows DNS Server Heap Overflow Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803

 

Details

A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8629

BID: 106115

Microsoft Rating: Critical

Vulnerability Type

Chakra Scripting Engine Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8631

BID: 106118

Microsoft Rating: Critical

Vulnerability Type

Internet Explorer Memory Corruption Vulnerability
Remote Code Execution (RCE)

Vulnerability Affects

Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11

 

Details

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8634

BID: 106078

Microsoft Rating: Critical

Vulnerability Type

Microsoft Text-To-Speech Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803

 

Details

A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8477

BID: 106081

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows Server 2019

 

Details

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Analysis

Other Detections

AV: Under Analysis

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8514

BID: 106079

Microsoft Rating: Important

Vulnerability Type

Remote Procedure Call runtime Information Disclosure Vulnerability

Vulnerability Affects

 

Details

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8517

BID: 106075

Microsoft Rating: Important

Vulnerability Type

.NET Framework Denial Of Service Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803

 

Details

An information disclosure vulnerability exists when Remote Procedure Call runtime improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8652

BID: 106155

Microsoft Rating: Important

Vulnerability Type

Windows Azure Pack Cross Site Scripting Vulnerability
Remote Code Execution (RCE)
 
 
 
 
 
 

Vulnerability Affects

Microsoft Windows Azure Pack Rollup 13.1
 
 

Details

A Cross-site Scripting (XSS) vulnerability exists when Windows Azure Pack does not properly sanitize user-provided input.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8580

BID: 106096

Microsoft Rating: Important

Vulnerability Type

Microsoft Sharepoint Information Disclosure Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2010 SP2

 

Details

An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF). When users are simultaneously logged in to Microsoft SharePoint Server and visit a malicious web page, the attacker can, through standard browser functionality, induce the browser to invoke search queries as the logged in user.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8587

BID: 106097

Microsoft Rating: Important

Vulnerability Type

Microsoft Outlook Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Outlook 2010 (32-bit editions) Service Pack 2 Microsoft Outlook 2010 (64-bit editions) Service Pack 2 Microsoft Outlook 2013 RT Service Pack 1 Microsoft Outlook 2013 Service Pack 1 (32-bit editions) Microsoft Outlook 2013 Service Pack 1 (64-bit editions) Microsoft Outlook 2016 (32-bit editions) Microsoft Outlook 2016 (64-bit editions) Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems

 

Details

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Analysis

Other Detections

AV: N/A

 

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8595

BID: 106083

Microsoft Rating: Important

Vulnerability Type

Windows GDI Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803

 

Details

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8596

BID: 106086

Microsoft Rating: Important

Vulnerability Type

Windows GDI Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803

 

Details

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8597

BID: 106100

Microsoft Rating: Important

Vulnerability Type

Microsoft Excel Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac Microsoft Office Compatibility Pack Service Pack 3 Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems

 

Details

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8598

BID: 106102

Microsoft Rating: Important

Vulnerability Type

Microsoft Excel Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems

 

Details

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8604

BID: 106103

Microsoft Rating: Important

Vulnerability Type

Microsoft Exchange Server Tampering Vulnerability

Vulnerability Affects

Microsoft Exchange Server 2016 Cumulative Update 10 Microsoft Exchange Server 2016 Cumulative Update 11

 

Details

A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8611

BID: 106082

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2

 

Details

A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: Under review

Other Detections

AV:  Exp.CVE-2018-8611

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8612

BID: 106087

Microsoft Rating: Important

Vulnerability Type

Connected User Experiences and Telemetry Service Denial of Service Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803

 

Details

A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values. An attacker who successfully exploited this vulnerability could deny dependent security feature functionality.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 


 

 

ID and Rating

CAN/CVE ID: CVE-2018-8619

BID: 106119

Microsoft Rating: Important

Vulnerability Type

Internet Explorer Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft VBScript Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11

 

Details

A remote code execution vulnerability exists when the Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions. An attacker who exploited the vulnerability could run arbitrary code with medium-integrity level privileges (the permissions of the current user).

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8621

BID: 106085

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1

 

Details

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8622

BID: 106088

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2

 

Details

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8625

BID: 106122

Microsoft Rating: Important

Vulnerability Type

Windows VBScript Engine Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11

 

Details

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Analysis

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8627

BID: 106120

Microsoft Rating: Important

Vulnerability Type

Microsoft Excel Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Excel Services on Microsoft SharePoint Server 2010 Service Pack 1 Microsoft Excel 2010 SP2 (32-bit editions) Microsoft Excel 2010 SP2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Excel Viewer 2007 Service Pack 3 Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac Microsoft Office Compatibility Pack Service Pack 3 Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems

 

Details

An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8628

BID: 106104

Microsoft Rating: Important

Vulnerability Type

Microsoft PowerPoint Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac Microsoft Office Compatibility Pack SP3 Microsoft Office Web Apps 2010 SP2 Microsoft Office Web Apps 2013 SP1 Microsoft PowerPoint 2010 Service Pack 2 (32-bit editions) Microsoft PowerPoint 2010 Service Pack 2 (64-bit editions) Microsoft PowerPoint 2013 RT Service Pack 1 Microsoft PowerPoint 2013 Service Pack 1 (32-bit editions) Microsoft PowerPoint 2013 Service Pack 1 (64-bit editions) Microsoft PowerPoint 2016 (32-bit edition) Microsoft PowerPoint 2016 (64-bit edition) Microsoft PowerPoint Viewer Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 SP1 Microsoft Office SharePoint Server 2007 SP3 (32-bit) Microsoft SharePoint Server 2013 SP1 Microsoft SharePoint Server 2019 Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems

 

Details

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Analysis

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8635

BID: 106121

Microsoft Rating: Important

Vulnerability Type

Microsoft SharePoint Server Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2010 SP2

 

Details

A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable server in the context of the SharePoint application pool account.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8636

BID: 106101

Microsoft Rating: Important

Vulnerability Type

Microsoft Excel Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems

 

Details

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8637

BID: 106095

Microsoft Rating: Important

Vulnerability Type

Win32k Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803

 

Details

An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this vulnerability could retrieve the memory address of a kernel object.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8638

BID: 106089

Microsoft Rating: Important

Vulnerability Type

DirectX Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803

 

Details

An information disclosure vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8639

BID: 106093

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Analysis

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8641

BID: 106090

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems

 

Details

A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8643

BID: 106117

Microsoft Rating: Important

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Analysis

Other Detections

AV: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8649

BID: 106091

Microsoft Rating: Important

Vulnerability Type

Windows Denial of Service Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems

 

Details

A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Analysis

Other Detections

AV: Under Analysis

 

 

ID and Rating

CAN/CVE ID: CVE-2018-8651

BID: 106077

Microsoft Rating: Important

Vulnerability Type

Microsoft Dynamics NAV Cross Site Scripting Vulnerability

Vulnerability Affects

Microsoft Dynamics NAV 2016 Microsoft Dynamics NAV 2017

 

Details

A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a specially crafted web request to an affected Dynamics NAV server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics NAV server.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Analysis

Other Detections

AV: Under Analysis

 

 

Windows Azure Pack Cross Site Scripting Vulnerability