Symantec product detections for Microsoft monthly Security Bulletins - December 2018
Article ID: 173197
Updated On:
Products
Issue/Introduction
This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.
Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017
Resolution
|
ID and Rating |
CAN/CVE ID: CVE-2018-8540 BID: 106073 Microsoft Rating: Critical |
|
Vulnerability Type |
.NET Framework Remote Code Injection Vulnerability |
|
Vulnerability Affects |
Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2
|
|
Details |
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8583 BID: 106111 Microsoft Rating: Critical |
|
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore
|
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8617 BID: 106112 Microsoft Rating: Critical |
|
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore
|
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Web Attack: Microsoft Edge CVE-2018-8456 |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8618 BID: 106113 Microsoft Rating: Critical |
|
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore
|
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8624 BID: 106114 Microsoft Rating: Critical |
|
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore
|
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8626 BID: 106076 Microsoft Rating: Critical |
|
Vulnerability Type |
Windows DNS Server Heap Overflow Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8629 BID: 106115 Microsoft Rating: Critical |
|
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore
|
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8631 BID: 106118 Microsoft Rating: Critical |
|
Vulnerability Type |
Internet Explorer Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11
|
|
Details |
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8634 BID: 106078 Microsoft Rating: Critical |
|
Vulnerability Type |
Microsoft Text-To-Speech Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8477 BID: 106081 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows Server 2019
|
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Analysis |
|
Other Detections |
AV: Under Analysis
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8514 BID: 106079 Microsoft Rating: Important |
|
Vulnerability Type |
Remote Procedure Call runtime Information Disclosure Vulnerability |
|
Vulnerability Affects |
|
|
Details |
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8517 BID: 106075 Microsoft Rating: Important |
|
Vulnerability Type |
.NET Framework Denial Of Service Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
An information disclosure vulnerability exists when Remote Procedure Call runtime improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8652 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Azure Pack Cross Site Scripting Vulnerability
Remote Code Execution (RCE)
|
|
Vulnerability Affects |
Microsoft Windows Azure Pack Rollup 13.1
|
|
Details |
A Cross-site Scripting (XSS) vulnerability exists when Windows Azure Pack does not properly sanitize user-provided input.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8580 BID: 106096 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Sharepoint Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2010 SP2
|
|
Details |
An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF). When users are simultaneously logged in to Microsoft SharePoint Server and visit a malicious web page, the attacker can, through standard browser functionality, induce the browser to invoke search queries as the logged in user.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8587 BID: 106097 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Outlook Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Outlook 2010 (32-bit editions) Service Pack 2 Microsoft Outlook 2010 (64-bit editions) Service Pack 2 Microsoft Outlook 2013 RT Service Pack 1 Microsoft Outlook 2013 Service Pack 1 (32-bit editions) Microsoft Outlook 2013 Service Pack 1 (64-bit editions) Microsoft Outlook 2016 (32-bit editions) Microsoft Outlook 2016 (64-bit editions) Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems
|
|
Details |
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Analysis |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8595 BID: 106083 Microsoft Rating: Important |
|
Vulnerability Type |
Windows GDI Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8596 BID: 106086 Microsoft Rating: Important |
|
Vulnerability Type |
Windows GDI Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8597 BID: 106100 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Excel Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac Microsoft Office Compatibility Pack Service Pack 3 Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems
|
|
Details |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8598 BID: 106102 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Excel Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems
|
|
Details |
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8604 BID: 106103 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Exchange Server Tampering Vulnerability |
|
Vulnerability Affects |
Microsoft Exchange Server 2016 Cumulative Update 10 Microsoft Exchange Server 2016 Cumulative Update 11
|
|
Details |
A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8611 BID: 106082 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2
|
|
Details |
A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under review |
|
Other Detections |
AV: Exp.CVE-2018-8611
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8612 BID: 106087 Microsoft Rating: Important |
|
Vulnerability Type |
Connected User Experiences and Telemetry Service Denial of Service Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values. An attacker who successfully exploited this vulnerability could deny dependent security feature functionality.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8619 BID: 106119 Microsoft Rating: Important |
|
Vulnerability Type |
Internet Explorer Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft VBScript Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11
|
|
Details |
A remote code execution vulnerability exists when the Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions. An attacker who exploited the vulnerability could run arbitrary code with medium-integrity level privileges (the permissions of the current user).
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8621 BID: 106085 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1
|
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8622 BID: 106088 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2
|
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8625 BID: 106122 Microsoft Rating: Important |
|
Vulnerability Type |
Windows VBScript Engine Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11
|
|
Details |
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Analysis |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8627 BID: 106120 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Excel Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Excel Services on Microsoft SharePoint Server 2010 Service Pack 1 Microsoft Excel 2010 SP2 (32-bit editions) Microsoft Excel 2010 SP2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Excel Viewer 2007 Service Pack 3 Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac Microsoft Office Compatibility Pack Service Pack 3 Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems
|
|
Details |
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8628 BID: 106104 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft PowerPoint Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac Microsoft Office Compatibility Pack SP3 Microsoft Office Web Apps 2010 SP2 Microsoft Office Web Apps 2013 SP1 Microsoft PowerPoint 2010 Service Pack 2 (32-bit editions) Microsoft PowerPoint 2010 Service Pack 2 (64-bit editions) Microsoft PowerPoint 2013 RT Service Pack 1 Microsoft PowerPoint 2013 Service Pack 1 (32-bit editions) Microsoft PowerPoint 2013 Service Pack 1 (64-bit editions) Microsoft PowerPoint 2016 (32-bit edition) Microsoft PowerPoint 2016 (64-bit edition) Microsoft PowerPoint Viewer Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 SP1 Microsoft Office SharePoint Server 2007 SP3 (32-bit) Microsoft SharePoint Server 2013 SP1 Microsoft SharePoint Server 2019 Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems
|
|
Details |
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Analysis |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8635 BID: 106121 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft SharePoint Server Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2010 SP2
|
|
Details |
A privilege escalation vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable server in the context of the SharePoint application pool account.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8636 BID: 106101 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Excel Remote Code Execution Vulnerability |
|
Vulnerability Affects |
Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems
|
|
Details |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8637 BID: 106095 Microsoft Rating: Important |
|
Vulnerability Type |
Win32k Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803
|
|
Details |
An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass. An attacker who successfully exploited this vulnerability could retrieve the memory address of a kernel object.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8638 BID: 106089 Microsoft Rating: Important |
|
Vulnerability Type |
DirectX Information Disclosure Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803
|
|
Details |
An information disclosure vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user system.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8639 BID: 106093 Microsoft Rating: Important |
|
Vulnerability Type |
Win32k Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2
|
|
Details |
A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Analysis |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8641 BID: 106090 Microsoft Rating: Important |
|
Vulnerability Type |
Win32k Elevation of Privilege Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems
|
|
Details |
A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8643 BID: 106117 Microsoft Rating: Important |
|
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
|
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 Microsoft Internet Explorer 10
|
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Analysis |
|
Other Detections |
AV: N/A
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8649 BID: 106091 Microsoft Rating: Important |
|
Vulnerability Type |
Windows Denial of Service Vulnerability |
|
Vulnerability Affects |
Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems
|
|
Details |
A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Analysis |
|
Other Detections |
AV: Under Analysis
|
|
ID and Rating |
CAN/CVE ID: CVE-2018-8651 BID: 106077 Microsoft Rating: Important |
|
Vulnerability Type |
Microsoft Dynamics NAV Cross Site Scripting Vulnerability |
|
Vulnerability Affects |
Microsoft Dynamics NAV 2016 Microsoft Dynamics NAV 2017
|
|
Details |
A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a specially crafted web request to an affected Dynamics NAV server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics NAV server.
|
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Analysis |
|
Other Detections |
AV: Under Analysis
|
Windows Azure Pack Cross Site Scripting Vulnerability
Feedback
