{"id": "CVE-2018-8284", "bulletinFamily": "NVD", "title": "CVE-2018-8284", "description": "A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka \".NET Framework Remote Code Injection Vulnerability.\" This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.", "published": "2018-07-11T00:29:00", "modified": "2020-08-24T17:37:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8284", "reporter": "cve@mitre.org", "references": ["http://www.securityfocus.com/bid/104667", "http://www.securitytracker.com/id/1041257", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8284"], "cvelist": ["CVE-2018-8284"], "type": "cve", "lastseen": "2021-02-02T06:52:42", "edition": 5, "viewCount": 13, "enchantments": {"dependencies": {"references": [{"type": "symantec", "idList": ["SMNTC-104667"]}, {"type": "mskb", "idList": ["KB4340007", "KB4340557", "KB4340558", "KB4340006", "KB4340005", "KB4340004", "KB4340556", "KB4340559"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813651", "OPENVAS:1361412562310813491", "OPENVAS:1361412562310813485", "OPENVAS:1361412562310813483", "OPENVAS:1361412562310813649", "OPENVAS:1361412562310813650", "OPENVAS:1361412562310813488", "OPENVAS:1361412562310813648", "OPENVAS:1361412562310813487", "OPENVAS:1361412562310813490"]}, {"type": "nessus", "idList": ["SMB_NT_MS18_JUL_4338819.NASL", "SMB_NT_MS18_JUL_4338826.NASL", "SMB_NT_MS18_JUL_4338818.NASL", "SMB_NT_MS18_JUL_4338829.NASL", "SMB_NT_MS18_JUL_4338830.NASL", "SMB_NT_MS18_JUL_4338825.NASL", "SMB_NT_MS18_JUL_4338815.NASL", "SMB_NT_MS18_JUL_DOTNET.NASL", "SMB_NT_MS18_JUL_4338814.NASL"]}, {"type": "kaspersky", "idList": ["KLA11288"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:D2DE4A375F3757187EBBB5A3EA061E42"]}, {"type": "talosblog", "idList": ["TALOSBLOG:64097F241B66E90D3723AFE8991AFAB4"]}], "modified": "2021-02-02T06:52:42", "rev": 2}, "score": {"value": 6.4, "vector": "NONE", "modified": "2021-02-02T06:52:42", "rev": 2}, "vulnersScore": 6.4}, "cpe": ["cpe:/a:microsoft:sharepoint_server:2013", "cpe:/a:microsoft:.net_framework:3.5.1", "cpe:/a:microsoft:sharepoint_foundation:2013", "cpe:/a:microsoft:.net_framework:3.5", "cpe:/a:microsoft:.net_framework:4.6.1", "cpe:/a:microsoft:.net_framework:4.7", "cpe:/a:microsoft:sharepoint_enterprise_server:2013", "cpe:/a:microsoft:.net_framework:2.0", "cpe:/a:microsoft:sharepoint_foundation:2010", "cpe:/a:microsoft:sharepoint_server:2010", "cpe:/a:microsoft:.net_framework:4.6.2", "cpe:/a:microsoft:.net_framework:4.7.2", "cpe:/a:microsoft:sharepoint_enterprise_server:2016", "cpe:/a:microsoft:project_server:2010", "cpe:/a:microsoft:.net_framework:4.5.2", "cpe:/a:microsoft:project_server:2013", "cpe:/a:microsoft:.net_framework:4.7.1", "cpe:/a:microsoft:.net_framework:3.0", "cpe:/a:microsoft:.net_framework:4.6"], "affectedSoftware": [{"cpeName": "microsoft:project_server", "name": "microsoft project server", "operator": "eq", "version": "2013"}, {"cpeName": "microsoft:sharepoint_foundation", "name": "microsoft sharepoint foundation", "operator": "eq", "version": "2013"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.7.1"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.7.1"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.7.1"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.7.1"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "3.0"}, {"cpeName": "microsoft:sharepoint_enterprise_server", "name": "microsoft sharepoint enterprise server", "operator": "eq", "version": "2016"}, {"cpeName": "microsoft:project_server", "name": "microsoft project server", "operator": "eq", "version": "2010"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.7.2"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.7.2"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.7.2"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.7.2"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.7.2"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "2.0"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "3.5"}, {"cpeName": "microsoft:sharepoint_foundation", "name": "microsoft sharepoint foundation", "operator": "eq", "version": "2010"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "3.5.1"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.6.2"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.6.2"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.6.2"}, {"cpeName": "microsoft:sharepoint_server", "name": "microsoft sharepoint server", "operator": "eq", "version": "2013"}, {"cpeName": "microsoft:sharepoint_server", "name": "microsoft sharepoint server", "operator": "eq", "version": "2010"}, {"cpeName": "microsoft:sharepoint_enterprise_server", "name": "microsoft sharepoint enterprise server", "operator": "eq", "version": "2013"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.6"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.6"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.6"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.5.2"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.7"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.7"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.7"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.6.1"}, {"cpeName": "microsoft:.net_framework", "name": "microsoft .net framework", "operator": "eq", "version": "4.6.1"}], "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 5.9}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_enterprise_server:2013:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:project_server:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:project_server:2013:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*"], "cwe": ["CWE-94"], "scheme": null, "affectedConfiguration": [{"cpeName": "microsoft:windows_10", "name": "microsoft windows 10", "operator": "eq", "version": "-"}, {"cpeName": "microsoft:windows_10", "name": "microsoft windows 10", "operator": "eq", "version": "1607"}, {"cpeName": "microsoft:windows_server_2008", "name": "microsoft windows server 2008", "operator": "eq", "version": "r2"}, {"cpeName": "microsoft:windows_rt_8.1", "name": "microsoft windows rt 8.1", "operator": "eq", "version": "-"}, {"cpeName": "microsoft:windows_8.1", "name": "microsoft windows 8.1", "operator": "eq", "version": "*"}, {"cpeName": "microsoft:windows_server_2012", "name": "microsoft windows server 2012", "operator": "eq", "version": "r2"}, {"cpeName": "microsoft:windows_server_2008", "name": "microsoft windows server 2008", "operator": "eq", "version": "-"}, {"cpeName": "microsoft:windows_server_2012", "name": "microsoft windows server 2012", "operator": "eq", "version": "*"}, {"cpeName": "microsoft:windows_10", "name": "microsoft windows 10", "operator": "eq", "version": "1709"}, {"cpeName": "microsoft:windows_server", "name": "microsoft windows server", "operator": "eq", "version": "1709"}, {"cpeName": "microsoft:windows_10", "name": "microsoft windows 10", "operator": "eq", "version": "1703"}, {"cpeName": "microsoft:windows_7", "name": "microsoft windows 7", "operator": "eq", "version": "-"}, {"cpeName": "microsoft:windows_server_2008", "name": "microsoft windows server 2008", "operator": "eq", "version": "*"}, {"cpeName": "microsoft:windows_server", "name": "microsoft windows server", "operator": "eq", "version": "1803"}, {"cpeName": "microsoft:windows_10", "name": "microsoft windows 10", "operator": "eq", "version": "1803"}, {"cpeName": "microsoft:windows_server_2016", "name": "microsoft windows server 2016", "operator": "eq", "version": "-"}, {"cpeName": "microsoft:windows_server_2016", "name": "microsoft windows server 2016", "operator": "eq", "version": "*"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_server:1803:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:sharepoint_enterprise_server:2013:sp1:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:project_server:2010:sp2:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:project_server:2013:sp1:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server:1709:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}]}, "extraReferences": [{"name": "1041257", "refsource": "SECTRACK", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1041257"}, {"name": "104667", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104667"}, {"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8284", "refsource": "CONFIRM", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8284"}]}

{"symantec": [{"lastseen": "2018-07-10T23:26:08", "bulletinFamily": "software", "cvelist": ["CVE-2018-8284"], "description": "### Description\n\nMicrosoft .NET Framework is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected system. Failed exploit attempts will result in denial-of-service conditions.\n\n### Technologies Affected\n\n * Microsoft .NET Framework 2.0 SP2 \n * Microsoft .NET Framework 3.0 SP2 \n * Microsoft .NET Framework 3.5 \n * Microsoft .NET Framework 3.5.1 \n * Microsoft .NET Framework 4.5.2 \n * Microsoft .NET Framework 4.6 \n * Microsoft .NET Framework 4.6.1 \n * Microsoft .NET Framework 4.6.2 \n * Microsoft .NET Framework 4.7 \n * Microsoft .NET Framework 4.7.1 \n * Microsoft .NET Framework 4.7.2 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\n**Implement multiple redundant layers of security.** \nMemory-protection schemes (such as nonexecutable stack and heap configurations and randomly mapped memory segments) will complicate exploits of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2018-07-10T00:00:00", "published": "2018-07-10T00:00:00", "id": "SMNTC-104667", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/104667", "type": "symantec", "title": "Microsoft .NET Framework CVE-2018-8284 Remote Code Execution Vulnerability", "cvss": {"score": 0.0, "vector": "NONE"}}], "mskb": [{"lastseen": "2021-01-01T22:47:43", "bulletinFamily": "microsoft", "cvelist": ["CVE-2018-8202", "CVE-2018-8356", "CVE-2018-8284"], "description": "<html><body><p>Resolves vulnerabilities that could allow remote code execution, an elevation of privilege, and a security feature bypass.</p><h2></h2><p>This article also applies to the following:</p><ul><li>Microsoft .NET Framework 3.5</li></ul><h2>Summary</h2><p>This security update resolves the following vulnerabilities:</p><ul><li><span><span>A \"remote code execution\" vulnerability exists when .NET Framework does not validate input correctly. An attacker who successfully exploits\u00a0this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts that have full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who have\u00a0administrative user rights. To exploit the vulnerability, an attacker would have to pass specific input to an application through susceptible .NET Framework methods. This security update addresses the vulnerability by correcting how .NET Framework validates input. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8284\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8284</a>.</span></span></li><li><span><span>An \"elevation of privilege\" vulnerability exists in .NET Framework that could allow an attacker to elevate their user rights level. To exploit the vulnerability, an attacker would first have to access the local computer, and then run a malicious program. This update addresses the vulnerability by correcting how .NET Framework enables COM objects. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8202\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8202</a>.</span></span></li><li><span><span>A \"security feature bypass\" vulnerability exists when .NET Framework components do not correctly validate certificates. An attacker could present expired certificates when challenged. This security update addresses the vulnerability by making sure that .NET Framework components correctly validate certificates. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8356\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8356</a>.</span></span></li></ul><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li><span><span><span>All updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update <a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/2919355\" target=\"_blank\">2919355</a> to be installed. We recommend that you install update <a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/2919355\" target=\"_blank\">2919355</a> on your Windows RT 8.1-based, Windows 8.1-based or Windows Server 2012 R2-based computer so that you receive updates in the future</span></span></span>.</li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.</span></div><div>\u00a0</div><ul><li><span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338424\" managed-link=\"\" target=\"_blank\">4338424</a> Description of the Security and Quality Rollup updates for .NET Framework 3.5 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4338424)</span></li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338415\" managed-link=\"\" target=\"_blank\">4338415</a> Description of the Security and Quality Rollup updates for .NET Framework 4.5.2 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4338415)</li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338419\" managed-link=\"\" target=\"_blank\">4338419</a> Description of the Security and Quality Rollup updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4338419)</li></ul><h2>Known issues</h2><ul class=\"indent-9\"><li><p>After you install any of the <span><a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202\" target=\"\">July 2018 .NET Framework Security Updates</a></span>, a COM component fails to load because of \u201caccess denied,\u201d\u00a0\u201cclass not registered,\u201d\u00a0or \u201cinternal failure occurred for unknown reasons\u201d errors. The most common failure signature\u00a0is the following:</p><p class=\"indent-1\">Exception type:\u00a0System.UnauthorizedAccessException</p><p class=\"indent-1\"><span lang=\"EN-US\">Message:\u00a0Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))</span></p><p>For more information about this issue, see the following article in the Microsoft Knowledge Base:\u00a0</p><p class=\"indent-1\"><a href=\"https://support.microsoft.com/help/4345913\">4345913</a>\u00a0\"Access Denied\" errors and applications with COM activation fail after installing July 2018 Security and Quality Rollup updates for .NET Framework</p><p>To resolve this issue, i<span>nstall the August Security and Quality Rollup <a href=\"https://support.microsoft.com/help/4345592\" managed-link=\"\">KB <span>4345592</span></a>.</span></p></li><li><p><span>Assume that you run the Azure Active Directory (Azure AD) Connect Health for Sync monitoring agent on a system that has .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2 <span>installed</span>. In this scenario, the system may experience slow performance and high CPU usage</span>.<br/><br/>For more information about this issue, see the following article in the Microsoft Knowledge Base:</p><p class=\"indent-1\"><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4457331\" managed-link=\"\" target=\"_blank\">4457331</a> Slow performance and high CPU usage in Azure AD Connect Health for Sync monitoring agent on a system that has installed .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2</p></li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Security solutions for IT professionals: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\" target=\"_blank\">TechNet Security Support and Troubleshooting</a></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 9, "modified": "2019-09-27T02:49:15", "id": "KB4340558", "href": "https://support.microsoft.com/en-us/help/4340558/", "published": "2019-09-27T02:49:15", "title": "Security and Quality Rollup updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 and 4.7.2 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB 4340558)", "type": "mskb", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:36:56", "bulletinFamily": "microsoft", "cvelist": ["CVE-2018-8202", "CVE-2018-8356", "CVE-2018-8284"], "description": "<html><body><p>Resolves vulnerabilities that could allow remote code execution, an Elevation of Privilege and a security feature bypass.</p><h2></h2><p>This article also applies to the following:</p><ul><li>Microsoft .NET Framework 3.5</li></ul><h2>Summary</h2><p>This security update resolves the following vulnerabilities:</p><ul><li><span><span>A \"remote code execution\" vulnerability exists when .NET Framework does not validate input correctly. An attacker who successfully exploits\u00a0this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts that have full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who have administrative user rights. To exploit the vulnerability, an attacker would have to pass specific input to an application through susceptible .NET Framework methods. This security update addresses the vulnerability by correcting how .NET Framework validates input. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8284\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8284</a>.</span></span></li><li><span><span>An \"elevation of privilege\" vulnerability exists in .NET Framework that could allow an attacker to elevate their user rights level. To exploit the vulnerability, an attacker would first have to access the local computer, and then run a malicious program. This update addresses the vulnerability by correcting how .NET Framework enables COM objects. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8202\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8202</a>.</span></span></li><li><span><span>A \"security feature bypass\" vulnerability exists when .NET Framework components do not correctly validate certificates. An attacker could present expired certificates when challenged. This security update addresses the vulnerability by making sure that .NET Framework components correctly validate certificates. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8356\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8356</a>.</span></span></li></ul><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li><span><span><span><span><span><span>All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 and 4.7.2 require the d3dcompiler_47.dll to be installed. We recommend that you install the included d3dcompiler_47.dll before you apply this update. For more information about the d3dcompiler_47.dll, see </span></span></span><a href=\"https://support.microsoft.com/en-us/help/4019990\"><span><span>KB 4019990</span></span></a><span><span><span>.</span></span></span></span></span></span></li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/en-us/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security\u00a0update as it relates to individual product versions.</span></div><div>\u00a0</div><ul><li><span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338610\" managed-link=\"\" target=\"_blank\">4338610</a> Description of the Security Only update for .NET Framework 3.5 for Windows Server 2012 (KB 4338610)</span></li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338601\" managed-link=\"\" target=\"_blank\">4338601</a> Description of the Security Only update for .NET Framework 4.5.2 for Windows Server 2012 (KB 4338601)</li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338604\" managed-link=\"\" target=\"_blank\">4338604</a> Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4338604)</li></ul><h2>Known issues</h2><ul class=\"indent-9\"><li><p>After you install any of the <span><a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202\" target=\"\">July 2018 .NET Framework Security Updates</a></span>, a COM component fails to load because of \u201caccess denied,\u201d\u00a0\u201cclass not registered,\u201d\u00a0or \u201cinternal failure occurred for unknown reasons\u201d errors. The most common failure signature\u00a0is the following:</p><p class=\"indent-1\">Exception type:\u00a0System.UnauthorizedAccessException</p><p class=\"indent-1\"><span lang=\"EN-US\">Message:\u00a0Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))</span></p><p>For more information about this issue, see the following article in the Microsoft Knowledge Base:\u00a0</p><p class=\"indent-1\"><a href=\"https://support.microsoft.com/help/4345913\">4345913</a>\u00a0\"Access Denied\" errors and applications with COM activation fail after installing July 2018 Security and Quality Rollup updates for .NET Framework</p>To resolve this issue, install the August Security Only update <a href=\"https://support.microsoft.com/help/4345680\" managed-link=\"\">KB 4345680</a>.</li><li><p><span>Assume that you run the Azure Active Directory (Azure AD) Connect Health for Sync monitoring agent on a system that has .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2 <span>installed</span>. In this scenario, the system may experience slow performance and high CPU usage</span>.<br/><br/>For more information about this issue, see the following article in the Microsoft Knowledge Base:</p><p class=\"indent-1\"><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4457331\" managed-link=\"\" target=\"_blank\">4457331</a> Slow performance and high CPU usage in Azure AD Connect Health for Sync monitoring agent on a system that has installed .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2</p></li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Security solutions for IT professionals: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\" target=\"_blank\">TechNet Security Support and Troubleshooting</a></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 3, "modified": "2018-08-15T02:35:53", "id": "KB4340005", "href": "https://support.microsoft.com/en-us/help/4340005/", "published": "2018-08-15T02:35:53", "title": "Security Only update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 and 4.7.2 for Windows Server 2012 (KB 4340005)", "type": "mskb", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:47:58", "bulletinFamily": "microsoft", "cvelist": ["CVE-2018-8202", "CVE-2018-8356", "CVE-2018-8284"], "description": "<html><body><p>Resolves vulnerabilities that could allow remote code execution, an elevation of privilege, and a security feature bypass.</p><h2>Summary</h2><p>This security update resolves the following vulnerabilities:</p><ul><li><span><span>A \"remote code execution\" vulnerability exists when .NET Framework does not validate input correctly. An attacker who successfully exploits\u00a0this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts that have full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who have administrative user rights. To exploit the vulnerability, an attacker would have to pass specific input to an application through susceptible .NET Framework methods. This security update addresses the vulnerability by correcting how .NET Framework validates input. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8284\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8284</a>.</span></span></li><li><span><span>An \"elevation of privilege\" vulnerability exists in .NET Framework that could allow an attacker to elevate their user rights level. To exploit the vulnerability, an attacker would first have to access the local computer, and then run a malicious program. This update addresses the vulnerability by correcting how .NET Framework enables COM objects. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8202\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8202</a>.</span></span></li><li><span><span>A \"security feature bypass\" vulnerability exists when .NET Framework components do not correctly validate certificates. An attacker could present expired certificates when challenged. This security update addresses the vulnerability by making sure that .NET Framework components correctly validate certificates. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8356\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8356</a>.</span></span></li></ul><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li><span><span><span><span><span><span>All updates for .NET Framework 4.6 for Windows Server 2008 require the d3dcompiler_47.dll update to be installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll update, see </span></span></span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/4019478\" target=\"_blank\">KB 4019478</a><span><span><span>.</span></span></span></span></span></span><span><span><span><span></span></span></span></span></li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/en-us/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security\u00a0update as it relates to individual product versions.</span></div><div>\u00a0</div><ul><li><span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338611\" managed-link=\"\" target=\"_blank\">4338611</a> Description of the Security Only update for .NET Framework 2.0 SP2 and 3.0 SP2 for Server 2008 (KB 4338611)</span></li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338602\" managed-link=\"\" target=\"_blank\">4338602</a> Description of the Security Only update for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 (KB 4338602)</li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338606\" managed-link=\"\" target=\"_blank\">4338606</a> Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1, for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB 4338606)</li></ul><h2>Known issues</h2><ul class=\"indent-9\"><li><p>After you install any of the <span><a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202\" target=\"\">July 2018 .NET Framework Security Updates</a></span>, a COM component fails to load because of \u201caccess denied,\u201d\u00a0\u201cclass not registered,\u201d\u00a0or \u201cinternal failure occurred for unknown reasons\u201d errors. The most common failure signature\u00a0is the following:</p><p class=\"indent-1\">Exception type:\u00a0System.UnauthorizedAccessException</p><p class=\"indent-1\"><span lang=\"EN-US\">Message:\u00a0Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))</span></p><p>For more information about this issue, see the following article in the Microsoft Knowledge Base:\u00a0</p><p class=\"indent-1\"><a href=\"https://support.microsoft.com/help/4345913\">4345913</a>\u00a0\"Access Denied\" errors and applications with COM activation fail after installing July 2018 Security and Quality Rollup updates for .NET Framework</p>To resolve this issue, install the August Security Only update <a href=\"https://support.microsoft.com/help/4345682\" managed-link=\"\">KB 4345682</a>.</li><li><p><span>Assume that you run the Azure Active Directory (Azure AD) Connect Health for Sync monitoring agent on a system that has .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2 <span>installed</span>. In this scenario, the system may experience slow performance and high CPU usage</span>.<br/><br/>For more information about this issue, see the following article in the Microsoft Knowledge Base:</p><p class=\"indent-1\"><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4457331\" managed-link=\"\" target=\"_blank\">4457331</a> Slow performance and high CPU usage in Azure AD Connect Health for Sync monitoring agent on a system that has installed .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2</p></li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Security solutions for IT professionals: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\" target=\"_blank\">TechNet Security Support and Troubleshooting</a></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 3, "modified": "2018-08-15T02:33:21", "id": "KB4340007", "href": "https://support.microsoft.com/en-us/help/4340007/", "published": "2018-08-15T02:33:21", "title": "Security Only update for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 (KB 4340007)", "type": "mskb", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:42:07", "bulletinFamily": "microsoft", "cvelist": ["CVE-2018-8202", "CVE-2018-8356", "CVE-2018-8284"], "description": "<html><body><p>Resolves vulnerabilities that could allow remote code execution, an elevation of privilege, and a security feature bypass.</p><h2></h2><p>This article also applies to the following:</p><ul><li>Microsoft .NET Framework 3.5</li></ul><h2>Summary</h2><p>This security update resolves the following vulnerabilities:</p><ul><li><span><span>A \"remote code execution\" vulnerability exists when .NET Framework does not validate input correctly. An attacker who successfully exploits\u00a0this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts that have full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who have administrative user rights. To exploit the vulnerability, an attacker would have to pass specific input to an application through susceptible .NET Framework methods. This security update addresses the vulnerability by correcting how .NET Framework validates input. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8284\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8284</a>.</span></span></li><li><span><span>An \"elevation of privilege\" vulnerability exists in .NET Framework that could allow an attacker to elevate their user rights level. To exploit the vulnerability, an attacker would first have to access the local computer, and then run a malicious program. This update addresses the vulnerability by correcting how .NET Framework enables COM objects. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8202\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8202</a>.</span></span></li><li><span><span>A \"security feature bypass\" vulnerability exists when .NET Framework components do not correctly validate certificates. An attacker could present expired certificates when challenged. This security update addresses the vulnerability by making sure that .NET Framework components correctly validate certificates. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8356\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8356</a>.</span></span></li></ul><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li>All updates for .NET Framework 4.6, 4.6.1, 4.6.2,\u00a04.7, 4.7.1, and 4.7.2 require the\u00a0d3dcompiler_47.dll to be installed. We recommend that you install the included d3dcompiler_47.dll before you apply\u00a0this update. For more information about the d3dcompiler_47.dll, see\u00a0<a aria-live=\"rude\" data-bi-name=\"content-anchor-link\" data-content-id=\"4019990\" data-content-type=\"article\" href=\"\" managed-link=\"\" tabindex=\"0\" target=\"_blank\">KB 4019990</a>.</li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/en-us/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.</span></div><div>\u00a0</div><ul><li><span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338421\" managed-link=\"\" target=\"_blank\">4338421</a> Description of the Security and Quality Rollup updates for .NET Framework 3.5 for Windows Server 2012 (KB 4338421)</span></li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338416\" managed-link=\"\" target=\"_blank\">4338416</a> Description of the Security and Quality Rollup <span>updates </span>for .NET Framework 4.5.2 for Windows Server 2012 (KB 4338416)</li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338418\" managed-link=\"\" target=\"_blank\">4338418</a> Description of the Security and Quality Rollup <span>updates </span>for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows Server 2012 (KB 4338418)</li></ul><h2>Known issues</h2><ul class=\"indent-9\"><li><p>After you install any of the <span><a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202\" target=\"\">July 2018 .NET Framework Security Updates</a></span>, a COM component fails to load because of \u201caccess denied,\u201d\u00a0\u201cclass not registered,\u201d\u00a0or \u201cinternal failure occurred for unknown reasons\u201d errors. The most common failure signature\u00a0is the following:</p><p class=\"indent-1\">Exception type:\u00a0System.UnauthorizedAccessException</p><p class=\"indent-1\"><span lang=\"EN-US\">Message:\u00a0Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))</span></p><p>For more information about this issue, see the following article in the Microsoft Knowledge Base:\u00a0</p><p class=\"indent-1\"><a href=\"https://support.microsoft.com/help/4345913\">4345913</a>\u00a0\"Access Denied\" errors and applications with COM activation fail after installing July 2018 Security and Quality Rollup updates for .NET Framework</p><p>To resolve this issue, i<span>nstall the August Security and Quality Rollup <a href=\"https://support.microsoft.com/help/4345591\" managed-link=\"\">KB <span>4345591</span></a>.</span></p></li><li><p><span>Assume that you run the Azure Active Directory (Azure AD) Connect Health for Sync monitoring agent on a system that has .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2 <span>installed</span>. In this scenario, the system may experience slow performance and high CPU usage</span>.<br/><br/>For more information about this issue, see the following article in the Microsoft Knowledge Base:</p><p class=\"indent-1\"><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4457331\" managed-link=\"\" target=\"_blank\">4457331</a> Slow performance and high CPU usage in Azure AD Connect Health for Sync monitoring agent on a system that has installed .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2</p></li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Security solutions for IT professionals: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\" target=\"_blank\">TechNet Security Support and Troubleshooting</a></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 7, "modified": "2018-08-15T01:45:47", "id": "KB4340557", "href": "https://support.microsoft.com/en-us/help/4340557/", "published": "2018-08-15T01:45:47", "title": "Security and Quality Rollup updates for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 and 4.7.2 for Windows Server 2012 (KB 4340557)", "type": "mskb", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:44:41", "bulletinFamily": "microsoft", "cvelist": ["CVE-2018-8202", "CVE-2018-8356", "CVE-2018-8284"], "description": "<html><body><p>Resolves vulnerabilities that could allow remote code execution, an elevation of privilege, and a security feature bypass.</p><h2></h2><p>This article also applies to the following:</p><ul><li>Microsoft .NET Framework 3.5</li></ul><h2>Summary</h2><p>This security update resolves the following vulnerabilities:</p><ul><li><span><span>A \"remote code execution\" vulnerability exists when .NET Framework does not validate input correctly. An attacker who successfully exploits\u00a0this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts that have full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who have administrative user rights. To exploit the vulnerability, an attacker would have to pass specific input to an application through susceptible .NET Framework methods. This security update addresses the vulnerability by correcting how .NET Framework validates input. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8284\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8284</a>.</span></span></li><li><span><span>An \"elevation of privilege\" vulnerability exists in .NET Framework that could allow an attacker to elevate their user rights level. To exploit the vulnerability, an attacker would first have to access the local computer, and then run a malicious program. This update addresses the vulnerability by correcting how .NET Framework enables COM objects. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8202\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8202</a>.</span></span></li><li><span><span>A \"security feature bypass\" vulnerability exists when .NET Framework components do not correctly validate certificates. An attacker could present expired certificates when challenged. This security update addresses the vulnerability by making sure that .NET Framework components correctly validate certificates. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8356\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8356</a>.</span></span></li></ul><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li><span><span><span>All updates for Windows 8.1 and Windows Server 2012 R2 require update <a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/2919355\" target=\"_blank\">2919355</a> to be installed. We recommend that you install update <a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/2919355\" target=\"_blank\">2919355</a> on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive updates in the future</span></span></span>.</li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/en-us/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security\u00a0update as it relates to individual product versions.</span></div><div>\u00a0</div><ul><li><span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338613\" managed-link=\"\" target=\"_blank\">4338613</a> Description of the Security Only update for .NET Framework 3.5 for Windows 8.1 and Server 2012 R2 (KB 4338613)</span></li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338600\" managed-link=\"\" target=\"_blank\">4338600</a> Description of the Security Only update for .NET Framework 4.5.2 for Windows 8.1 and Server 2012 R2 (KB 4338600)</li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338605\" managed-link=\"\" target=\"_blank\">4338605</a> Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1 and Server 2012 R2 (KB 4338605)</li></ul><h2>Known issues</h2><ul class=\"indent-9\"><li><p>After you install any of the <span><a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202\" target=\"\">July 2018 .NET Framework Security Updates</a></span>, a COM component fails to load because of \u201caccess denied,\u201d\u00a0\u201cclass not registered,\u201d\u00a0or \u201cinternal failure occurred for unknown reasons\u201d errors. The most common failure signature\u00a0is the following:</p><p class=\"indent-1\">Exception type:\u00a0System.UnauthorizedAccessException</p><p class=\"indent-1\"><span lang=\"EN-US\">Message:\u00a0Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))</span></p><p>For more information about this issue, see the following article in the Microsoft Knowledge Base:\u00a0</p><p class=\"indent-1\"><a href=\"https://support.microsoft.com/help/4345913\">4345913</a>\u00a0\"Access Denied\" errors and applications with COM activation fail after installing July 2018 Security and Quality Rollup updates for .NET Framework</p>To resolve this issue, install the August Security Only update <a href=\"https://support.microsoft.com/help/4345681\" managed-link=\"\">KB 4345681</a>.</li><li><p><span>Assume that you run the Azure Active Directory (Azure AD) Connect Health for Sync monitoring agent on a system that has .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2 <span>installed</span>. In this scenario, the system may experience slow performance and high CPU usage</span>.<br/><br/>For more information about this issue, see the following article in the Microsoft Knowledge Base:</p><p class=\"indent-1\"><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4457331\" managed-link=\"\" target=\"_blank\">4457331</a> Slow performance and high CPU usage in Azure AD Connect Health for Sync monitoring agent on a system that has installed .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2</p></li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Security solutions for IT professionals: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\" target=\"_blank\">TechNet Security Support and Troubleshooting</a></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 3, "modified": "2018-08-15T02:33:36", "id": "KB4340006", "href": "https://support.microsoft.com/en-us/help/4340006/", "published": "2018-08-15T02:33:36", "title": "Security Only update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 and 4.7.2 for Windows 8.1 and Server 2012 R2 (KB 4340006)", "type": "mskb", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:45:53", "bulletinFamily": "microsoft", "cvelist": ["CVE-2018-8202", "CVE-2018-8356", "CVE-2018-8284"], "description": "<html><body><p>Resolves vulnerabilities that could allow remote code execution, an elevation of privilege, and a security feature bypass.</p><h2>Summary</h2><p>This security update resolves the following vulnerabilities:</p><ul><li><span><span>A \"remote code execution\" vulnerability exists when .NET Framework does not validate input correctly. An attacker who successfully exploits\u00a0this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts that have full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who have administrative user rights. To exploit the vulnerability, an attacker would have to pass specific input to an application through susceptible .NET Framework methods. This security update addresses the vulnerability by correcting how .NET Framework validates input. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8284\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8284</a>.</span></span></li><li><span><span>An \"elevation of privilege\" vulnerability exists in .NET Framework that could allow an attacker to elevate their user rights level. To exploit the vulnerability, an attacker would first have to access the local computer, and then run a malicious program. This update addresses the vulnerability by correcting how .NET Framework enables COM objects. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8202\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8202</a>.</span></span></li><li><span><span>A \"security feature bypass\" vulnerability exists when .NET Framework components do not correctly validate certificates. An attacker could present expired certificates when challenged. This security update addresses the vulnerability by making sure that .NET Framework components correctly validate certificates. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8356\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8356</a>.</span></span></li></ul><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li><span><span><span><span><span><span>All updates for .NET Framework 4.6 for Windows Server 2008 require the d3dcompiler_47.dll update to be installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll update, see </span></span></span><a href=\"https://support.microsoft.com/en-us/help/4019478\"><span><span><span>KB 4019478</span></span></span></a><span><span><span>.</span></span></span></span></span></span><span><span><span><span></span></span></span></span></li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/en-us/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.</span></div><div>\u00a0</div><ul><li><span><a href=\"https://support.microsoft.com/help/4338422\" managed-link=\"\">4338422</a> Description of the Security and Quality Rollup updates for .NET Framework 2.0 SP2 and 3.0 SP2 for Windows Server 2008 (KB 4338422)</span></li><li><a href=\"https://support.microsoft.com/help/4338417\" managed-link=\"\">4338417</a> Description of the Security and Quality Rollup updates for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 (KB 4338417)</li><li><a href=\"https://support.microsoft.com/help/4338420\" managed-link=\"\">4338420</a> Description of the Security and Quality Rollup updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB 4338420)</li></ul><h2>Known issues</h2><ul><li><p>After you install any of the <span><a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202\" target=\"\">July 2018 .NET Framework Security Updates</a></span>, a COM component fails to load because of \u201caccess denied,\u201d\u00a0\u201cclass not registered,\u201d\u00a0or \u201cinternal failure occurred for unknown reasons\u201d errors. The most common failure signature\u00a0is the following:</p><p class=\"indent-1\">Exception type:\u00a0System.UnauthorizedAccessException</p><p class=\"indent-1\"><span lang=\"EN-US\">Message:\u00a0Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))</span></p><p>For more information about this issue, see the following article in the Microsoft Knowledge Base:\u00a0</p><p class=\"indent-1\"><a href=\"https://support.microsoft.com/help/4345913\">4345913</a>\u00a0\"Access Denied\" errors and applications with COM activation fail after installing July 2018 Security and Quality Rollup updates for .NET Framework</p><p>To resolve this issue, install the August Security and Quality Rollup <a href=\"https://support.microsoft.com/help/4345593\" managed-link=\"\">KB 4345593</a>.</p></li><li><p><span><span>After you install the July 2018 .NET Framework Security and Quality Rollups that apply to .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 on Windows 7 Service Pack 1 (SP1), Windows Server 2008 R2 SP1, or Windows Server 2008 SP2, you notice errors in .NET Framework applications.<br/><br/>For more information about this issue, see the following article in the Microsoft Knowledge Base:</span></span></p><p class=\"indent-1\"><a href=\"https://support.microsoft.com/help/4463405\" managed-link=\"\">4463405</a> Errors occur in applications that combine transaction flow and remote calls after the July 2018 .NET Framework Security and Quality Rollups are installed</p></li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 8, "modified": "2018-09-12T20:47:32", "id": "KB4340559", "href": "https://support.microsoft.com/en-us/help/4340559/", "published": "2018-09-12T20:47:32", "title": "Security and Quality Rollup updates for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 (KB 4340559)", "type": "mskb", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:43:33", "bulletinFamily": "microsoft", "cvelist": ["CVE-2018-8202", "CVE-2018-8356", "CVE-2018-8284"], "description": "<html><body><p>Resolves vulnerabilities that could allow remote code execution, an elevation of privilege, and a security feature bypass.</p><h2>Summary</h2><p>This security update resolves the following vulnerabilities:</p><ul><li><span><span>A \"remote code execution\" vulnerability exists when .NET Framework does not validate input correctly. An attacker who successfully exploits\u00a0this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts that have full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who have administrative user rights. To exploit the vulnerability, an attacker would have to pass specific input to an application through susceptible .NET Framework methods. This security update addresses the vulnerability by correcting how .NET Framework validates input. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8284\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8284</a>.</span></span></li><li><span><span>An \"elevation of privilege\" vulnerability exists in .NET Framework that could allow an attacker to elevate their user rights level. To exploit the vulnerability, an attacker would first have to access the local computer, and then run a malicious program. This update addresses the vulnerability by correcting how .NET Framework enables COM objects. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8202\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8202</a>.</span></span></li><li><span><span>A \"security feature bypass\" vulnerability exists when .NET Framework components do not correctly validate certificates. An attacker could present expired certificates when challenged. This security update addresses the vulnerability by making sure that .NET Framework components correctly validate certificates. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8356\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8356</a>.</span></span></li></ul><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li><span><span><span><span><span><span>All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 require the d3dcompiler_47.dll to be installed. We recommend that you install the included d3dcompiler_47.dll before you apply this update. For more information about the d3dcompiler_47.dll, see </span></span></span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/4019990\" target=\"_blank\">KB 4019990</a><span><span><span>.</span></span></span></span></span></span></li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/en-us/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security\u00a0update as it relates to individual product versions.</span></div><div>\u00a0</div><ul><li><span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338612\" managed-link=\"\" target=\"_blank\">4338612</a> Description of the Security Only update for .NET Framework 3.5.1 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4338612)</span></li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338602\" managed-link=\"\" target=\"_blank\">4338602</a> Description of the Security Only update for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 (KB 4338602)</li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338606\" managed-link=\"\" target=\"_blank\">4338606</a> Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB 4338606)</li></ul><h2>Known issues</h2><ul class=\"indent-9\"><li><p>After you install any of the <span><a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202\" target=\"\">July 2018 .NET Framework Security Updates</a></span>, a COM component fails to load because of \u201caccess denied,\u201d\u00a0\u201cclass not registered,\u201d\u00a0or \u201cinternal failure occurred for unknown reasons\u201d errors. The most common failure signature\u00a0is the following:</p><p class=\"indent-1\">Exception type:\u00a0System.UnauthorizedAccessException</p><p class=\"indent-1\"><span lang=\"EN-US\">Message:\u00a0Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))</span></p><p>For more information about this issue, see the following article in the Microsoft Knowledge Base:\u00a0</p><p class=\"indent-1\"><a href=\"https://support.microsoft.com/help/4345913\">4345913</a>\u00a0\"Access Denied\" errors and applications with COM activation fail after installing July 2018 Security and Quality Rollup updates for .NET Framework</p>To resolve this issue, install the August Security Only update <a href=\"https://support.microsoft.com/help/4345679\" managed-link=\"\">KB 4345679</a>.</li><li><p><span>Assume that you run the Azure Active Directory (Azure AD) Connect Health for Sync monitoring agent on a system that has .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2 <span>installed</span>. In this scenario, the system may experience slow performance and high CPU usage</span>.<br/><br/>For more information about this issue, see the following article in the Microsoft Knowledge Base:</p><p class=\"indent-1\"><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4457331\" managed-link=\"\" target=\"_blank\">4457331</a> Slow performance and high CPU usage in Azure AD Connect Health for Sync monitoring agent on a system that has installed .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2</p></li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Security solutions for IT professionals: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\" target=\"_blank\">TechNet Security Support and Troubleshooting</a></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 3, "modified": "2018-08-15T02:36:02", "id": "KB4340004", "href": "https://support.microsoft.com/en-us/help/4340004/", "published": "2018-08-15T02:36:02", "title": "Security Only update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 and 4.7.2 for Windows 7 SP1 and Server 2008 R2 (KB 4340004)", "type": "mskb", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:50:31", "bulletinFamily": "microsoft", "cvelist": ["CVE-2018-8202", "CVE-2018-8356", "CVE-2018-8284"], "description": "<html><body><p>Resolves vulnerabilities that could allow remote code execution, an elevation of privilege, and a security feature bypass.</p><h2>Summary</h2><p>This security update resolves the following vulnerabilities:</p><ul><li><span><span>A \"remote code execution\" vulnerability exists when .NET Framework does not validate input correctly. An attacker who successfully exploits\u00a0this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts that have full user rights. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who have administrative user rights. To exploit the vulnerability, an attacker would have to pass specific input to an application through susceptible .NET Framework methods. This security update addresses the vulnerability by correcting how .NET Framework validates input. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8284\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8284</a>.</span></span></li><li><span><span>An \"elevation of privilege\" vulnerability exists in .NET Framework that could allow an attacker to elevate their user rights level. To exploit the vulnerability, an attacker would first have to access the local computer, and then run a malicious program. This update addresses the vulnerability by correcting how .NET Framework enables COM objects. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8202\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8202</a>.</span></span></li><li><span><span>A \"security feature bypass\" vulnerability exists when .NET Framework components do not correctly validate certificates. An attacker could present expired certificates when challenged. This security update addresses the vulnerability by making sure that .NET Framework components correctly validate certificates. To learn more about this vulnerability, see <a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2018-8356\">Microsoft Common Vulnerabilities and Exposures CVE-2018-8356</a>.</span></span></li></ul><h2></h2><p><strong><span class=\"text-base\">Important</span></strong></p><ul><li><span><span><span><span><span><span>All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 require the d3dcompiler_47.dll to be installed. We recommend that you install the included d3dcompiler_47.dll before you apply this update. For more information about the d3dcompiler_47.dll, see </span></span></span><span><span><a href=\"https://support.microsoft.com/en-us/help/4019990\">KB 4019990</a></span></span><span><span><span>.</span></span></span></span></span></span></li><li>If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/en-us/library/hh825699\" managed-link=\"\" target=\"_blank\">Add language packs to Windows</a>.</li></ul><h2>Additional information about this security update</h2><div><span>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information.</span></div><div>\u00a0</div><ul><li><span><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338423\" managed-link=\"\" target=\"_blank\">4338423</a> Description of the Security and Quality Rollup updates for .NET Framework 3.5.1 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4338423)</span></li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338417\" managed-link=\"\" target=\"_blank\">4338417</a> Description of the Security and Quality Rollup <span>updates </span>for .NET Framework 4.5.2 for Windows 7 SP1, Server 2008 R2 SP1, and Server 2008 (KB 4338417)</li><li><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4338420\" managed-link=\"\" target=\"_blank\">4338420</a> Description of the Security and Quality Rollup <span>updates </span>for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1,\u00a0and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB 4338420)</li></ul><h2>Known issues</h2><ul class=\"indent-9\"><li><p>After you install any of the <span><a data-content-id=\"\" data-content-type=\"\" href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202\" target=\"\">July 2018 .NET Framework Security Updates</a></span>, a COM component fails to load because of \u201caccess denied,\u201d\u00a0\u201cclass not registered,\u201d\u00a0or \u201cinternal failure occurred for unknown reasons\u201d errors. The most common failure signature\u00a0is the following:</p><p class=\"indent-1\">Exception type:\u00a0System.UnauthorizedAccessException</p><p class=\"indent-1\"><span lang=\"EN-US\">Message:\u00a0Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))</span></p><p>For more information about this issue, see the following article in the Microsoft Knowledge Base:\u00a0</p><p class=\"indent-1\"><a href=\"https://support.microsoft.com/help/4345913\">4345913</a>\u00a0\"Access Denied\" errors and applications with COM activation fail after installing July 2018 Security and Quality Rollup updates for .NET Framework</p><p>To resolve this issue, i<span>nstall the August Security and Quality Rollup <a href=\"https://support.microsoft.com/help/4345590\" managed-link=\"\">KB <span>4345590</span></a>.</span></p></li><li><p><span>Assume that you run the Azure Active Directory (Azure AD) Connect Health for Sync monitoring agent on a system that has .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2 <span>installed</span>. In this scenario, the system may experience slow performance and high CPU usage</span>.<br/><br/>For more information about this issue, see the following article in the Microsoft Knowledge Base:</p><p class=\"indent-1\"><a data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/help/4457331\" managed-link=\"\" target=\"_blank\">4457331</a> Slow performance and high CPU usage in Azure AD Connect Health for Sync monitoring agent on a system that has installed .NET Framework 4.7.2 or the July 2018 updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2</p></li><li><p><span><span>After you install the July 2018 .NET Framework Security and Quality Rollups that apply to .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 on Windows 7 Service Pack 1 (SP1), Windows Server 2008 R2 SP1, or Windows Server 2008 SP2, you notice errors in .NET Framework applications.<br/><br/>For more information about this issue, see the following article in the Microsoft Knowledge Base:</span></span></p><p class=\"indent-1\"><a href=\"https://support.microsoft.com/help/4463405\" managed-link=\"\">4463405</a> Errors occur in applications that combine transaction flow and remote calls after the July 2018 .NET Framework Security and Quality Rollups are installed</p></li></ul><h2>How to obtain help and support for this security update</h2><ul><li><span>Help for installing updates: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/en-us/help/12373/windows-update-faq\" managed-link=\"\" target=\"_blank\">Windows Update FAQ</a></span></li><li><span>Security solutions for IT professionals: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://technet.microsoft.com/security/bb980617.aspx\" managed-link=\"\" target=\"_blank\">TechNet Security Support and Troubleshooting</a></li><li><span>Help for protecting your Windows-based products and services from viruses and malware: </span><a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" managed-link=\"\" target=\"_blank\">Microsoft Secure</a></li><li><span>Local support according to your country: <a bookmark-id=\"\" data-content-id=\"\" data-content-type=\"\" href=\"http://support.microsoft.com\" managed-link=\"\" target=\"_blank\">International Support</a></span></li></ul></body></html>", "edition": 8, "modified": "2018-09-12T20:47:32", "id": "KB4340556", "href": "https://support.microsoft.com/en-us/help/4340556/", "published": "2018-09-12T20:47:32", "title": "Security and Quality Rollup updates for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4340556)", "type": "mskb", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-06-08T23:06:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8202", "CVE-2018-8356", "CVE-2018-8284"], "description": "This host is missing an important security\n update according to Microsoft KB4338423", "modified": "2020-06-04T00:00:00", "published": "2018-07-11T00:00:00", "id": "OPENVAS:1361412562310813483", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813483", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4338423)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft .NET Framework Multiple Vulnerabilities (KB4338423)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813483\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-8356\", \"CVE-2018-8284\", \"CVE-2018-8202\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-11 08:06:24 +0530 (Wed, 11 Jul 2018)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4338423)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft KB4338423\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - An error when Microsoft .NET Framework components do not correctly validate\n certificates.\n\n - An error in the way how .NET Framework activates COM objects.\n\n - An error when the Microsoft .NET Framework fails to validate input properly.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, bypass security restrictions and take control of an\n affected system allowing to install programs or view data, change data, delete\n data or create new accounts with full user rights.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 3.5.1 for Microsoft Windows 7 SP1 and Microsoft Windows Server 2008 R2 SP1.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4338423\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win7:2, win7x64:2, win2008r2:2) <= 0){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\ASP.NET\\\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\nkey2 = \"SOFTWARE\\Microsoft\\.NETFramework\\AssemblyFolders\\\";\nforeach item (registry_enum_keys(key:key2))\n{\n path = registry_get_sz(key:key2 + item, item:\"All Assemblies In\");\n if(path)\n {\n dllVer = fetch_file_version(sysPath:path, file_name:\"system.identitymodel.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"3.0.4506.7082\", test_version2:\"3.0.4506.8799\"))\n {\n report = report_fixed_ver(file_checked:path + \"system.identitymodel.dll\",\n file_version:dllVer, vulnerable_range:\"3.0.4506.7082 - 3.0.4506.8799\");\n security_message(data:report);\n exit(0);\n }\n }\n }\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:06:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8202", "CVE-2018-8356", "CVE-2018-8284"], "description": "This host is missing an important security\n update according to Microsoft KB4338417", "modified": "2020-06-04T00:00:00", "published": "2018-07-11T00:00:00", "id": "OPENVAS:1361412562310813485", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813485", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4338417)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft .NET Framework Multiple Vulnerabilities (KB4338417)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813485\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-8356\", \"CVE-2018-8284\", \"CVE-2018-8202\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-11 08:06:24 +0530 (Wed, 11 Jul 2018)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4338417)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft KB4338417\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - An error when Microsoft .NET Framework components do not correctly validate\n certificates.\n\n - An error in the way how .NET Framework activates COM objects.\n\n - An error when the Microsoft .NET Framework fails to validate input properly.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, bypass security restrictions and take control of an\n affected system allowing to install programs or view data, change data, delete\n data or create new accounts with full user rights.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 4.5.2 for Microsoft Windows 7 SP1, Server 2008 R2 SP1, and Microsoft Windows Server 2008.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4338417\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win2008:3, win2008x64:3, win2008r2:2, win7:2, win7x64:2) <= 0){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\ASP.NET\\\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\nforeach item (registry_enum_keys(key:key))\n{\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n sysdllVer = fetch_file_version(sysPath:dotPath, file_name:\"System.IdentityModel.dll\");\n if(!sysdllVer || sysdllVer !~ \"^4\\.\"){\n continue;\n }\n\n if(version_in_range(version:sysdllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36449\"))\n {\n report = report_fixed_ver(file_checked:dotPath + \"System.IdentityModel.dll\",\n file_version:sysdllVer, vulnerable_range:\"4.0.30319.30000 - 4.0.30319.36449\");\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:06:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8202", "CVE-2018-8356", "CVE-2018-8284"], "description": "This host is missing an important security\n update according to Microsoft KB4338415", "modified": "2020-06-04T00:00:00", "published": "2018-07-11T00:00:00", "id": "OPENVAS:1361412562310813488", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813488", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4338415)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft .NET Framework Multiple Vulnerabilities (KB4338415)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813488\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-8356\", \"CVE-2018-8284\", \"CVE-2018-8202\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-11 08:06:24 +0530 (Wed, 11 Jul 2018)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4338415)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft KB4338415\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - An error when Microsoft .NET Framework components do not correctly validate\n certificates.\n\n - An error in the way how .NET Framework activates COM objects.\n\n - An error when the Microsoft .NET Framework fails to validate input properly.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, bypass security restrictions and take control of an\n affected system allowing to install programs or view data, change data, delete\n data or create new accounts with full user rights.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 4.5.2 for Microsoft Windows 8.1 and Microsoft Windows Server 2012 R2.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4338415/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win8_1:1, win8_1x64:1, win2012R2:1) <= 0){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\ASP.NET\\\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\nforeach item (registry_enum_keys(key:key))\n{\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n sysdllVer = fetch_file_version(sysPath:dotPath, file_name:\"mscorlib.dll\");\n if(!sysdllVer || sysdllVer !~ \"^4\\.\"){\n continue;\n }\n\n if(version_in_range(version:sysdllVer, test_version:\"4.0.30319.30000\", test_version2:\"4.0.30319.36449\"))\n {\n report = report_fixed_ver(file_checked:dotPath + \"mscorlib.dll\",\n file_version:sysdllVer, vulnerable_range:\"4.0.30319.30000 - 4.0.30319.36449\");\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:05:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8202", "CVE-2018-8356", "CVE-2018-8284"], "description": "This host is missing an important security\n update according to Microsoft KB4338424", "modified": "2020-06-04T00:00:00", "published": "2018-07-11T00:00:00", "id": "OPENVAS:1361412562310813487", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813487", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4338424)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft .NET Framework Multiple Vulnerabilities (KB4338424)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813487\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-8356\", \"CVE-2018-8284\", \"CVE-2018-8202\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-11 08:06:24 +0530 (Wed, 11 Jul 2018)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4338424)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft KB4338424\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - An error when Microsoft .NET Framework components do not correctly validate\n certificates.\n\n - An error in the way how .NET Framework activates COM objects.\n\n - An error when the Microsoft .NET Framework fails to validate input properly.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, bypass security restrictions and take control of an\n affected system allowing to install programs or view data, change data, delete\n data or create new accounts with full user rights.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 3.5 SP1 for Microsoft Windows 8.1 and Microsoft Windows Server 2012 R2.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4338424\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win8_1:1, win8_1x64:1, win2012R2:1) <= 0){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\ASP.NET\\\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\nforeach item (registry_enum_keys(key:key))\n{\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n sysdllVer = fetch_file_version(sysPath:dotPath, file_name:\"mscorlib.dll\");\n if(!sysdllVer || sysdllVer !~ \"^2\\.\"){\n continue;\n }\n\n if(version_in_range(version:sysdllVer, test_version:\"2.0.50727.5700\", test_version2:\"2.0.50727.8788\"))\n {\n report = report_fixed_ver(file_checked:dotPath + \"\\mscorlib.dll\",\n file_version:sysdllVer, vulnerable_range:\"2.0.50727.5700 - 2.0.50727.8788\");\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:06:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8260", "CVE-2018-8202", "CVE-2018-8356", "CVE-2018-8284"], "description": "This host is missing an important security\n update according to Microsoft KB4338420.", "modified": "2020-06-04T00:00:00", "published": "2018-07-11T00:00:00", "id": "OPENVAS:1361412562310813491", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813491", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4338420)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft .NET Framework Multiple Vulnerabilities (KB4338420)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813491\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-8356\", \"CVE-2018-8284\", \"CVE-2018-8202\", \"CVE-2018-8260\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-11 12:46:24 +0530 (Wed, 11 Jul 2018)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4338420)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft KB4338420.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - An error when Microsoft .NET Framework components do not correctly validate\n certificates.\n\n - An error in the way how .NET Framework activates COM objects.\n\n - An error when the Microsoft .NET Framework fails to validate input properly.\n\n - An error when the .NET software when the software fails to check the source\n markup of a file.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, bypass security restrictions and take control of an\n affected system allowing to install programs or view data, change data, delete\n data or create new accounts with full user rights.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 for Microsoft Windows 7 SP1, Server 2008 R2 SP1 and Microsoft Windows Server 2008.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4338420\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win2008:3, win2008x64:3, win7:2, win7x64:2, win2008r2:2) <= 0){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\ASP.NET\\\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\nforeach item (registry_enum_keys(key:key))\n{\n dotPath = registry_get_sz(key:key + item, item:\"Path\");\n if(dotPath && \"\\Microsoft.NET\\Framework\" >< dotPath)\n {\n dllVer = fetch_file_version(sysPath:dotPath, file_name:\"system.runtime.remoting.dll\");\n if(!dllVer || dllVer !~ \"^4\\.\"){\n continue;\n }\n\n if(dllVer =~ \"^4\\.[67]\" && version_is_less(version:dllVer, test_version:\"4.7.3130.0\"))\n {\n report = report_fixed_ver(file_checked:dotPath + \"system.runtime.remoting.dll\",\n file_version:dllVer, vulnerable_range:\"4.6 - 4.7.3129\");\n security_message(data:report);\n exit(0);\n }\n }\n}\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:06:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8260", "CVE-2018-8202", "CVE-2018-8356", "CVE-2018-8284"], "description": "This host is missing an important security\n update according to Microsoft KB4338419.", "modified": "2020-06-04T00:00:00", "published": "2018-07-11T00:00:00", "id": "OPENVAS:1361412562310813490", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813490", "type": "openvas", "title": "Microsoft .NET Framework Multiple Vulnerabilities (KB4338419)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft .NET Framework Multiple Vulnerabilities (KB4338419)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813490\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-8356\", \"CVE-2018-8284\", \"CVE-2018-8202\", \"CVE-2018-8260\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-11 12:06:24 +0530 (Wed, 11 Jul 2018)\");\n script_name(\"Microsoft .NET Framework Multiple Vulnerabilities (KB4338419)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security\n update according to Microsoft KB4338419.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - An error when Microsoft .NET Framework components do not correctly validate\n certificates.\n\n - An error in the way how .NET Framework activates COM objects.\n\n - An error when the Microsoft .NET Framework fails to validate input properly.\n\n - An error when the .NET software when the software fails to check the source\n markup of a file.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to gain elevated privileges, bypass security restrictions and take control of an\n affected system allowing to install programs or view data, change data, delete\n data or create new accounts with full user rights.\");\n\n script_tag(name:\"affected\", value:\"Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 for Microsoft Windows 8.1 and Microsoft Windows Server 2012 R2.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4338419/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win8_1:1, win8_1x64:1, win2012R2:1) <= 0){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\ASP.NET\\\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\nkey2 = \"SOFTWARE\\Microsoft\\.NETFramework\\AssemblyFolders\\\";\nif(!registry_key_exists(key:key2)){\n exit(0);\n}\n\nforeach item (registry_enum_keys(key:key2))\n{\n path = registry_get_sz(key:key2 + item, item:\"All Assemblies In\");\n if(path)\n {\n dllVer = fetch_file_version(sysPath:path, file_name:\"system.identitymodel.dll\");\n if(dllVer)\n {\n if(dllVer =~ \"^(4\\.(6|7))\" && version_is_less(version:dllVer, test_version:\"4.7.3130.0\"))\n {\n report = report_fixed_ver(file_checked:path + \"system.identitymodel.dll\",\n file_version:dllVer, vulnerable_range:\"4.6 - 4.7.3129\");\n security_message(data:report);\n exit(0);\n }\n }\n }\n}\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-08T13:28:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8304", "CVE-2018-8260", "CVE-2018-8275", "CVE-2018-8291", "CVE-2018-0949", "CVE-2018-8313", "CVE-2018-8222", "CVE-2018-8280", "CVE-2018-8308", "CVE-2018-8288", "CVE-2018-8287", "CVE-2018-8307", "CVE-2018-8202", "CVE-2018-8290", "CVE-2018-8296", "CVE-2018-8356", "CVE-2018-8206", "CVE-2018-8309", "CVE-2018-8284", "CVE-2018-8282", "CVE-2018-8125", "CVE-2018-8242"], "description": "This host is missing a critical security\n update according to Microsoft KB4338814", "modified": "2019-12-20T00:00:00", "published": "2018-07-11T00:00:00", "id": "OPENVAS:1361412562310813648", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813648", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4338814)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4338814)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813648\");\n script_version(\"2019-12-20T10:24:46+0000\");\n script_cve_id(\"CVE-2018-8282\", \"CVE-2018-8284\", \"CVE-2018-0949\", \"CVE-2018-8125\",\n \"CVE-2018-8202\", \"CVE-2018-8206\", \"CVE-2018-8222\", \"CVE-2018-8242\",\n \"CVE-2018-8260\", \"CVE-2018-8275\", \"CVE-2018-8280\", \"CVE-2018-8287\",\n \"CVE-2018-8288\", \"CVE-2018-8290\", \"CVE-2018-8291\", \"CVE-2018-8296\",\n \"CVE-2018-8304\", \"CVE-2018-8307\", \"CVE-2018-8308\", \"CVE-2018-8309\",\n \"CVE-2018-8313\", \"CVE-2018-8356\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-20 10:24:46 +0000 (Fri, 20 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-07-11 11:03:55 +0530 (Wed, 11 Jul 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4338814)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4338814\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to errors,\n\n - When Windows improperly handles File Transfer Protocol (FTP) connections.\n\n - When Windows improperly handles objects in memory.\n\n - When the Windows kernel fails to properly handle objects in memory.\n\n - When Microsoft WordPad improperly handles embedded OLE objects.\n\n - When scripting engine improperly handles objects in memory in Microsoft\n browsers.\n\n - When the Windows kernel-mode driver fails to properly handle objects in memory.\n\n - When the Chakra scripting engine improperly handles objects in memory in\n Microsoft Edge.\n\n - When Microsoft Edge improperly accesses objects in memory.\n\n - When Microsoft Internet Explorer improperly handles requests involving UNC\n resources.\n\n - When the Windows Kernel API improperly enforces permissions.\n\n - A security feature bypass vulnerability exists in Device Guard.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to cause a target system to stop responding, elevate their privilege level,\n run arbitrary code, bypass security, disclose sensitive information and also\n take control of an affected system.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1607 x32/x64\n\n - Microsoft Windows Server 2016\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4338814\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1, win2016:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.14393.0\", test_version2:\"11.0.14393.2362\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.14393.0 - 11.0.14393.2362\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:06:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8304", "CVE-2018-8291", "CVE-2018-0949", "CVE-2018-8313", "CVE-2018-8222", "CVE-2018-8280", "CVE-2018-8308", "CVE-2018-8288", "CVE-2018-8287", "CVE-2018-8307", "CVE-2018-8202", "CVE-2018-8290", "CVE-2018-8314", "CVE-2018-8296", "CVE-2018-3665", "CVE-2018-8356", "CVE-2018-8206", "CVE-2018-8309", "CVE-2018-8284", "CVE-2018-8282", "CVE-2018-8125", "CVE-2018-8242"], "description": "This host is missing a critical security\n update according to Microsoft KB4338829", "modified": "2020-06-04T00:00:00", "published": "2018-07-11T00:00:00", "id": "OPENVAS:1361412562310813649", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813649", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4338829)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4338829)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813649\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-8282\", \"CVE-2018-8284\", \"CVE-2018-0949\", \"CVE-2018-8125\",\n \"CVE-2018-8202\", \"CVE-2018-8206\", \"CVE-2018-8222\", \"CVE-2018-8242\",\n \"CVE-2018-8280\", \"CVE-2018-8287\", \"CVE-2018-8288\", \"CVE-2018-8290\",\n \"CVE-2018-8291\", \"CVE-2018-8296\", \"CVE-2018-8304\", \"CVE-2018-8307\",\n \"CVE-2018-8308\", \"CVE-2018-8309\", \"CVE-2018-8313\", \"CVE-2018-8314\",\n \"CVE-2018-8356\", \"CVE-2018-3665\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-11 11:15:15 +0530 (Wed, 11 Jul 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4338829)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4338829\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to errors,\n\n - When Windows improperly handles File Transfer Protocol (FTP) connections.\n\n - When Chakra scripting engine improperly handles objects in memory in\n browsers.\n\n - When Windows Kernel API improperly enforces permissions.\n\n - when Windows improperly handles objects in memory.\n\n - When the Windows kernel fails to properly handle objects in memory.\n\n - When Microsoft WordPad improperly handles embedded OLE objects.\n\n - When the scripting engine improperly handles objects in memory in\n Microsoft browsers.\n\n - When Windows fails a check, allowing a sandbox escape.\n\n - A security feature bypass vulnerability exists in Device Guard.\n\n - When Microsoft Internet Explorer improperly handles requests involving\n UNC resources.\n\n - When the Windows kernel-mode driver fails to properly handle objects in memory.\n\n - When Microsoft Edge improperly accesses objects in memory.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to cause a target system to stop responding, elevate their privilege level,\n run arbitrary code, bypass security, disclose sensitive information and also\n take control of an affected system.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 for 32-bit Systems\n\n - Microsoft Windows 10 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4338829\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.10240.0\", test_version2:\"11.0.10240.17913\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.10240.0 - 11.0.10240.17913\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:06:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8304", "CVE-2018-8260", "CVE-2018-8276", "CVE-2018-8275", "CVE-2018-8291", "CVE-2018-0949", "CVE-2018-8313", "CVE-2018-8222", "CVE-2018-8280", "CVE-2018-8279", "CVE-2018-8308", "CVE-2016-7279", "CVE-2018-8288", "CVE-2018-8287", "CVE-2018-8307", "CVE-2018-8202", "CVE-2018-8290", "CVE-2018-8296", "CVE-2018-8324", "CVE-2018-8356", "CVE-2018-8206", "CVE-2018-8309", "CVE-2018-8284", "CVE-2018-8282", "CVE-2018-8125", "CVE-2018-8286", "CVE-2018-8274", "CVE-2018-8242"], "description": "This host is missing a critical security\n update according to Microsoft KB4338826", "modified": "2020-06-04T00:00:00", "published": "2018-07-11T00:00:00", "id": "OPENVAS:1361412562310813650", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813650", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4338826)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4338826)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813650\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-8282\", \"CVE-2018-8284\", \"CVE-2018-0949\", \"CVE-2018-8125\",\n \"CVE-2018-8202\", \"CVE-2018-8206\", \"CVE-2018-8222\", \"CVE-2018-8242\",\n \"CVE-2018-8260\", \"CVE-2018-8274\", \"CVE-2018-8275\", \"CVE-2018-8276\",\n \"CVE-2018-8279\", \"CVE-2018-8280\", \"CVE-2018-8286\", \"CVE-2018-8287\",\n \"CVE-2018-8288\", \"CVE-2018-8290\", \"CVE-2018-8291\", \"CVE-2018-8296\",\n \"CVE-2018-8304\", \"CVE-2018-8307\", \"CVE-2018-8308\", \"CVE-2018-8309\",\n \"CVE-2018-8313\", \"CVE-2018-8324\", \"CVE-2018-8356\", \"CVE-2016-7279\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-11 11:24:45 +0530 (Wed, 11 Jul 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4338826)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4338826\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to errors,\n\n - When Windows improperly handles File Transfer Protocol (FTP) connections.\n\n - When Windows improperly handles objects in memory.\n\n - When the Windows kernel fails to properly handle objects in memory.\n\n - When Microsoft WordPad improperly handles embedded OLE objects.\n\n - When Microsoft Edge improperly handles objects in memory.\n\n - When the scripting engine improperly handles objects in memory in\n Microsoft browsers.\n\n - When the Chakra scripting engine improperly handles objects in memory in\n Microsoft Edge.\n\n - When the Windows kernel-mode driver fails to properly handle objects in memory.\n\n - Microsoft Chakra scripting engine that allows Control Flow Guard (CFG) to be\n bypassed.\n\n - When Microsoft Internet Explorer improperly handles requests involving UNC\n resources.\n\n - When the Windows Kernel API improperly enforces permissions.\n\n - A security feature bypass vulnerability exists in Device Guard.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to cause a target system to stop responding, elevate their privilege level,\n run arbitrary code, bypass security, disclose sensitive information and also\n take control of an affected system.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Windows 10 Version 1703 x32/x64.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4338826\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.15063.0\", test_version2:\"11.0.15063.1205\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.15063.0 - 11.0.15063.1205\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-08T23:06:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8304", "CVE-2018-8297", "CVE-2018-8260", "CVE-2018-8276", "CVE-2018-8275", "CVE-2018-8291", "CVE-2018-0949", "CVE-2018-8313", "CVE-2018-8222", "CVE-2018-8280", "CVE-2018-8279", "CVE-2018-8308", "CVE-2016-7279", "CVE-2018-8288", "CVE-2018-8287", "CVE-2018-8307", "CVE-2018-8202", "CVE-2018-8290", "CVE-2018-8296", "CVE-2018-8324", "CVE-2018-8356", "CVE-2018-8206", "CVE-2018-8309", "CVE-2018-8284", "CVE-2018-8282", "CVE-2018-8125", "CVE-2018-8301", "CVE-2018-8286", "CVE-2018-8274", "CVE-2018-8242"], "description": "This host is missing a critical security\n update according to Microsoft KB4338825", "modified": "2020-06-04T00:00:00", "published": "2018-07-11T00:00:00", "id": "OPENVAS:1361412562310813651", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813651", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4338825)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4338825)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813651\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-8282\", \"CVE-2018-8284\", \"CVE-2018-0949\", \"CVE-2018-8125\",\n \"CVE-2018-8202\", \"CVE-2018-8206\", \"CVE-2018-8222\", \"CVE-2018-8242\",\n \"CVE-2018-8260\", \"CVE-2018-8274\", \"CVE-2018-8275\", \"CVE-2018-8276\",\n \"CVE-2018-8279\", \"CVE-2018-8280\", \"CVE-2018-8286\", \"CVE-2018-8287\",\n \"CVE-2018-8288\", \"CVE-2018-8290\", \"CVE-2018-8291\", \"CVE-2018-8296\",\n \"CVE-2018-8297\", \"CVE-2018-8301\", \"CVE-2018-8304\", \"CVE-2018-8307\",\n \"CVE-2018-8308\", \"CVE-2018-8309\", \"CVE-2018-8313\", \"CVE-2018-8324\",\n \"CVE-2018-8356\", \"CVE-2016-7279\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-11 11:37:54 +0530 (Wed, 11 Jul 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4338825)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4338825\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to errors,\n\n - When Windows improperly handles File Transfer Protocol (FTP) connections.\n\n - When Windows improperly handles objects in memory.\n\n - When the Windows kernel fails to properly handle objects in memory.\n\n - When Microsoft WordPad improperly handles embedded OLE objects.\n\n - When Microsoft Edge improperly handles objects in memory.\n\n - When scripting engine handles objects in memory in Microsoft browsers.\n\n - When Chakra scripting engine handles objects in memory in Microsoft Edge.\n\n - When the Windows kernel-mode driver fails to properly handle objects in memory.\n\n - Microsoft Chakra scripting engine that allows Control Flow Guard (CFG)\n to be bypassed.\n\n - When Microsoft Internet Explorer improperly handles requests involving UNC\n resources.\n\n - When Windows Kernel API improperly enforces permissions.\n\n - A security feature bypass vulnerability exists in Device Guard.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to cause a target system to stop responding, elevate their privilege level,\n run arbitrary code, bypass security, disclose sensitive information and also\n take control of an affected system.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1709 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1709 for 64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4338825\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.16299.0\", test_version2:\"11.0.16299.546\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.16299.0 - 11.0.16299.546\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-02-01T06:16:45", "description": "This plugin has been deprecated due to Microsoft removing downloads\nto related KBs. These were removed due to Access Denied errors which\nhave been resolved in later cumulative patches.", "edition": 27, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-07-10T00:00:00", "title": "Security Updates for Microsoft .NET Framework (July 2018) (deprecated)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8260", "CVE-2018-8202", "CVE-2018-8356", "CVE-2018-8284"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/a:microsoft:.net_framework"], "id": "SMB_NT_MS18_JUL_DOTNET.NASL", "href": "https://www.tenable.com/plugins/nessus/110990", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110990);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/11/04\");\n\n script_cve_id(\n \"CVE-2018-8202\",\n \"CVE-2018-8260\",\n \"CVE-2018-8284\",\n \"CVE-2018-8356\"\n );\n script_bugtraq_id(\n 104664,\n 104665,\n 104666,\n 104667\n );\n script_xref(name:\"MSKB\", value:\"4338606\");\n script_xref(name:\"MSKB\", value:\"4338605\");\n script_xref(name:\"MSKB\", value:\"4338604\");\n script_xref(name:\"MSKB\", value:\"4338602\");\n script_xref(name:\"MSKB\", value:\"4338601\");\n script_xref(name:\"MSKB\", value:\"4338600\");\n script_xref(name:\"MSKB\", value:\"4338423\");\n script_xref(name:\"MSKB\", value:\"4338422\");\n script_xref(name:\"MSKB\", value:\"4338421\");\n script_xref(name:\"MSKB\", value:\"4338420\");\n script_xref(name:\"MSKB\", value:\"4338424\");\n script_xref(name:\"MSKB\", value:\"4338819\");\n script_xref(name:\"MSKB\", value:\"4338416\");\n script_xref(name:\"MSKB\", value:\"4338417\");\n script_xref(name:\"MSKB\", value:\"4338415\");\n script_xref(name:\"MSKB\", value:\"4338418\");\n script_xref(name:\"MSKB\", value:\"4338419\");\n script_xref(name:\"MSKB\", value:\"4338610\");\n script_xref(name:\"MSKB\", value:\"4338611\");\n script_xref(name:\"MSKB\", value:\"4338612\");\n script_xref(name:\"MSKB\", value:\"4338613\");\n script_xref(name:\"MSKB\", value:\"4338829\");\n script_xref(name:\"MSKB\", value:\"4338826\");\n script_xref(name:\"MSKB\", value:\"4338825\");\n script_xref(name:\"MSKB\", value:\"4338814\");\n script_xref(name:\"MSFT\", value:\"MS18-4338606\");\n script_xref(name:\"MSFT\", value:\"MS18-4338605\");\n script_xref(name:\"MSFT\", value:\"MS18-4338604\");\n script_xref(name:\"MSFT\", value:\"MS18-4338602\");\n script_xref(name:\"MSFT\", value:\"MS18-4338601\");\n script_xref(name:\"MSFT\", value:\"MS18-4338600\");\n script_xref(name:\"MSFT\", value:\"MS18-4338423\");\n script_xref(name:\"MSFT\", value:\"MS18-4338422\");\n script_xref(name:\"MSFT\", value:\"MS18-4338421\");\n script_xref(name:\"MSFT\", value:\"MS18-4338420\");\n script_xref(name:\"MSFT\", value:\"MS18-4338424\");\n script_xref(name:\"MSFT\", value:\"MS18-4338819\");\n script_xref(name:\"MSFT\", value:\"MS18-4338416\");\n script_xref(name:\"MSFT\", value:\"MS18-4338417\");\n script_xref(name:\"MSFT\", value:\"MS18-4338415\");\n script_xref(name:\"MSFT\", value:\"MS18-4338418\");\n script_xref(name:\"MSFT\", value:\"MS18-4338419\");\n script_xref(name:\"MSFT\", value:\"MS18-4338610\");\n script_xref(name:\"MSFT\", value:\"MS18-4338611\");\n script_xref(name:\"MSFT\", value:\"MS18-4338612\");\n script_xref(name:\"MSFT\", value:\"MS18-4338613\");\n script_xref(name:\"MSFT\", value:\"MS18-4338829\");\n script_xref(name:\"MSFT\", value:\"MS18-4338826\");\n script_xref(name:\"MSFT\", value:\"MS18-4338825\");\n script_xref(name:\"MSFT\", value:\"MS18-4338814\");\n\n script_name(english:\"Security Updates for Microsoft .NET Framework (July 2018) (deprecated)\");\n script_summary(english:\"Checks for Microsoft security updates.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"This plugin has been deprecated due to Microsoft removing downloads\nto related KBs. These were removed due to Access Denied errors which\nhave been resolved in later cumulative patches.\");\n # https://support.microsoft.com/en-us/help/4338606/description-of-the-security-only-update-for-net-framework-4-6-4-6-1-4\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6871a6a2\");\n # https://support.microsoft.com/en-us/help/4338605/description-of-the-security-only-update-for-net-framework-4-6-4-6-1-4\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d62bcc3d\");\n # https://support.microsoft.com/en-us/help/4338604/description-of-the-security-only-update-for-net-framework-4-6-4-6-1-4\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5af81d47\");\n # https://support.microsoft.com/en-us/help/4338602/description-of-the-security-only-update-for-net-framework-4-5-2-for-wi\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d75a65af\");\n # https://support.microsoft.com/en-us/help/4338601/description-of-the-security-only-update-for-net-framework-4-5-2-for-wi\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?44f66a8b\");\n # https://support.microsoft.com/en-us/help/4338600/description-of-the-security-only-update-for-net-framework-4-5-2-for-wi\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d144042d\");\n # https://support.microsoft.com/en-us/help/4338423/description-of-the-security-and-quality-rollup-updates-for-net-framewo\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?df31c224\");\n # https://support.microsoft.com/en-us/help/4338422/description-of-the-security-and-quality-rollup-updates-for-net-framewo\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e6a3fb46\");\n # https://support.microsoft.com/en-us/help/4338421/description-of-the-security-and-quality-rollup-updates-for-net-framewo\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8908e951\");\n # https://support.microsoft.com/en-us/help/4338420/description-of-the-security-and-quality-rollup-updates-for-net-framewo\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1ad1148d\");\n # https://support.microsoft.com/en-us/help/4338424/description-of-the-security-and-quality-rollup-for-net-framework-3-5-s\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5f015bf2\");\n # https://support.microsoft.com/en-us/help/4338819/windows-10-update-kb4338819\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b9bfc0c9\");\n # https://support.microsoft.com/en-us/help/4338416/description-of-the-security-and-quality-rollup-updates-for-net-framewo\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ce3ef6dc\");\n # https://support.microsoft.com/en-us/help/4338417/description-of-the-security-and-quality-rollup-update-for-net-framewor\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?50b55edf\");\n # https://support.microsoft.com/en-us/help/4338415/description-of-the-security-and-quality-rollup-updates-for-net-framewo\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8bd31c0d\");\n # https://support.microsoft.com/en-us/help/4338418/description-of-the-security-and-quality-rollup-updates-for-net-framewo\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?72e0da05\");\n # https://support.microsoft.com/en-us/help/4338419/description-of-the-security-and-quality-rollup-updates-for-net-framewo\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c0096c91\");\n # https://support.microsoft.com/en-us/help/4338610/description-of-the-security-only-update-for-net-framework-3-5-for-wind\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1340c27a\");\n # https://support.microsoft.com/en-us/help/4338611/description-of-the-security-only-update-for-net-framework-2-0-sp2-and\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?17109616\");\n # https://support.microsoft.com/en-us/help/4338612/description-of-the-security-only-update-for-net-framework-3-5-1-for-wi\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5e822fc3\");\n # https://support.microsoft.com/en-us/help/4338613/description-of-the-security-only-update-for-net-framework-3-5-for-wind\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?05dcc1e0\");\n # https://support.microsoft.com/en-us/help/4338829/windows-10-update-kb4338829\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a0a3fc8a\");\n # https://support.microsoft.com/en-us/help/4338826/windows-10-update-kb4338826\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?454614d0\");\n # https://support.microsoft.com/en-us/help/4338825/windows-10-update-kb4338825\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3c803961\");\n # https://support.microsoft.com/en-us/help/4338814/windows-10-update-kb4338814\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6a189799\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released security updates for Microsoft .NET Framework.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8284\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:.net_framework\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_dotnet_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\", \"microsoft_net_framework_installed.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\nexit(0,\"This plugin has been deprecated, use smb_nt_ms18_aug_dotnet.nasl (plugin 111693) instead\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"install_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = \"MS18-07\";\nkbs = make_list(\n \"4338606\",\n \"4338605\",\n \"4338604\",\n \"4338602\",\n \"4338601\",\n \"4338600\",\n \"4338423\",\n \"4338422\",\n \"4338421\",\n \"4338420\",\n \"4338424\",\n \"4338819\",\n \"4338416\",\n \"4338417\",\n \"4338415\",\n \"4338418\",\n \"4338419\",\n \"4338610\",\n \"4338611\",\n \"4338612\",\n \"4338613\",\n \"4338829\",\n \"4338826\",\n \"4338825\",\n \"4338814\"\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2', win7:'1', win8:'0', win81:'0', win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"Windows 8.1\" >!< productname) audit(AUDIT_OS_SP_NOT_VULN);\nelse if (\"Vista\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(exit_on_fail:TRUE, as_share:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\napp = 'Microsoft .NET Framework';\nget_install_count(app_name:app, exit_if_zero:TRUE);\ninstalls = get_combined_installs(app_name:app);\n\nvuln = 0;\n\nif (installs[0] == 0)\n{\n foreach install (installs[1])\n {\n version = install['version'];\n if( version != UNKNOWN_VER &&\n smb_check_dotnet_rollup(rollup_date:\"07_2018\", dotnet_ver:version))\n vuln++;\n }\n}\nif(vuln)\n{\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, \"affected\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T06:16:45", "description": "The remote Windows host is missing security update 4338820\nor cumulative update 4338830. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A denial of service vulnerability exists in Windows\n Domain Name System (DNS) DNSAPI.dll when it fails to\n properly handle DNS responses. An attacker who\n successfully exploited the vulnerability could cause a\n system to stop responding. Note that the denial of\n service condition would not allow an attacker to execute\n code or to elevate user privileges. However, the denial\n of service condition could prevent authorized users from\n using system resources. (CVE-2018-8304)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - An elevation of privilege vulnerability exists when\n Windows fails a check, allowing a sandbox escape. An\n attacker who successfully exploited the vulnerability\n could use the sandbox escape to elevate privileges on an\n affected system. This vulnerability by itself does not\n allow arbitrary code execution. However, the\n vulnerability could allow arbitrary code to run if an\n attacker uses it in combination with another\n vulnerability, such as a remote code execution\n vulnerability or another elevation of privilege\n vulnerability, that can leverage the elevated privileges\n when code execution is attempted. The security update\n addresses the vulnerability by correcting how Windows\n file picker handles paths. (CVE-2018-8314)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)", "edition": 25, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-07-10T00:00:00", "title": "KB4338820: Windows Server 2012 July 2018 Security Update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8304", "CVE-2018-8260", "CVE-2018-0949", "CVE-2018-8313", "CVE-2018-8308", "CVE-2018-8287", "CVE-2018-8307", "CVE-2018-8202", "CVE-2018-8314", "CVE-2018-8356", "CVE-2018-8206", "CVE-2018-8309", "CVE-2018-8284", "CVE-2018-8282", "CVE-2018-8242"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS18_JUL_4338830.NASL", "href": "https://www.tenable.com/plugins/nessus/110987", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110987);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/04\");\n\n script_cve_id(\n \"CVE-2018-0949\",\n \"CVE-2018-8202\",\n \"CVE-2018-8206\",\n \"CVE-2018-8242\",\n \"CVE-2018-8260\",\n \"CVE-2018-8282\",\n \"CVE-2018-8284\",\n \"CVE-2018-8287\",\n \"CVE-2018-8304\",\n \"CVE-2018-8307\",\n \"CVE-2018-8308\",\n \"CVE-2018-8309\",\n \"CVE-2018-8313\",\n \"CVE-2018-8314\",\n \"CVE-2018-8356\"\n );\n script_bugtraq_id(\n 104617,\n 104620,\n 104622,\n 104629,\n 104631,\n 104634,\n 104648,\n 104652,\n 104664,\n 104665,\n 104666,\n 104667,\n 104668,\n 104669,\n 104670\n );\n script_xref(name:\"MSKB\", value:\"4338830\");\n script_xref(name:\"MSKB\", value:\"4338820\");\n script_xref(name:\"MSFT\", value:\"MS18-4338830\");\n script_xref(name:\"MSFT\", value:\"MS18-4338820\");\n\n script_name(english:\"KB4338820: Windows Server 2012 July 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4338820\nor cumulative update 4338830. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A denial of service vulnerability exists in Windows\n Domain Name System (DNS) DNSAPI.dll when it fails to\n properly handle DNS responses. An attacker who\n successfully exploited the vulnerability could cause a\n system to stop responding. Note that the denial of\n service condition would not allow an attacker to execute\n code or to elevate user privileges. However, the denial\n of service condition could prevent authorized users from\n using system resources. (CVE-2018-8304)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - An elevation of privilege vulnerability exists when\n Windows fails a check, allowing a sandbox escape. An\n attacker who successfully exploited the vulnerability\n could use the sandbox escape to elevate privileges on an\n affected system. This vulnerability by itself does not\n allow arbitrary code execution. However, the\n vulnerability could allow arbitrary code to run if an\n attacker uses it in combination with another\n vulnerability, such as a remote code execution\n vulnerability or another elevation of privilege\n vulnerability, that can leverage the elevated privileges\n when code execution is attempted. The security update\n addresses the vulnerability by correcting how Windows\n file picker handles paths. (CVE-2018-8314)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)\");\n # https://support.microsoft.com/en-us/help/4338830/windows-server-2012-update-kb4338830\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0c32edc0\");\n # https://support.microsoft.com/en-us/help/4338820/windows-server-2012-kb4338820\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e4caa516\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4338820 or Cumulative Update KB4338830.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8284\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-07\";\nkbs = make_list('4338830', '4338820');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.2\",\n sp:0,\n rollup_date:\"07_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4338830, 4338820])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T06:16:41", "description": "The remote Windows host is missing security update 4338823\nor cumulative update 4338818. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A denial of service vulnerability exists in Windows\n Domain Name System (DNS) DNSAPI.dll when it fails to\n properly handle DNS responses. An attacker who\n successfully exploited the vulnerability could cause a\n system to stop responding. Note that the denial of\n service condition would not allow an attacker to execute\n code or to elevate user privileges. However, the denial\n of service condition could prevent authorized users from\n using system resources. (CVE-2018-8304)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - An elevation of privilege vulnerability exists when\n Windows fails a check, allowing a sandbox escape. An\n attacker who successfully exploited the vulnerability\n could use the sandbox escape to elevate privileges on an\n affected system. This vulnerability by itself does not\n allow arbitrary code execution. However, the\n vulnerability could allow arbitrary code to run if an\n attacker uses it in combination with another\n vulnerability, such as a remote code execution\n vulnerability or another elevation of privilege\n vulnerability, that can leverage the elevated privileges\n when code execution is attempted. The security update\n addresses the vulnerability by correcting how Windows\n file picker handles paths. (CVE-2018-8314)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)", "edition": 25, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-07-10T00:00:00", "title": "KB4338823: Windows 7 and Windows Server 2008 R2 July 2018 Security Update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8304", "CVE-2018-8260", "CVE-2018-8291", "CVE-2018-0949", "CVE-2018-8308", "CVE-2018-8288", "CVE-2018-8287", "CVE-2018-8307", "CVE-2018-8202", "CVE-2018-8314", "CVE-2018-8296", "CVE-2018-8356", "CVE-2018-8206", "CVE-2018-8309", "CVE-2018-8284", "CVE-2018-8282", "CVE-2018-8242"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS18_JUL_4338818.NASL", "href": "https://www.tenable.com/plugins/nessus/110982", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110982);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/04\");\n\n script_cve_id(\n \"CVE-2018-0949\",\n \"CVE-2018-8202\",\n \"CVE-2018-8206\",\n \"CVE-2018-8242\",\n \"CVE-2018-8260\",\n \"CVE-2018-8282\",\n \"CVE-2018-8284\",\n \"CVE-2018-8287\",\n \"CVE-2018-8288\",\n \"CVE-2018-8291\",\n \"CVE-2018-8296\",\n \"CVE-2018-8304\",\n \"CVE-2018-8307\",\n \"CVE-2018-8308\",\n \"CVE-2018-8309\",\n \"CVE-2018-8314\",\n \"CVE-2018-8356\"\n );\n script_bugtraq_id(\n 104617,\n 104620,\n 104622,\n 104629,\n 104631,\n 104634,\n 104636,\n 104637,\n 104638,\n 104648,\n 104652,\n 104664,\n 104665,\n 104666,\n 104667,\n 104668,\n 104669\n );\n script_xref(name:\"MSKB\", value:\"4338823\");\n script_xref(name:\"MSKB\", value:\"4338818\");\n script_xref(name:\"MSFT\", value:\"MS18-4338823\");\n script_xref(name:\"MSFT\", value:\"MS18-4338818\");\n\n script_name(english:\"KB4338823: Windows 7 and Windows Server 2008 R2 July 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4338823\nor cumulative update 4338818. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A denial of service vulnerability exists in Windows\n Domain Name System (DNS) DNSAPI.dll when it fails to\n properly handle DNS responses. An attacker who\n successfully exploited the vulnerability could cause a\n system to stop responding. Note that the denial of\n service condition would not allow an attacker to execute\n code or to elevate user privileges. However, the denial\n of service condition could prevent authorized users from\n using system resources. (CVE-2018-8304)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - An elevation of privilege vulnerability exists when\n Windows fails a check, allowing a sandbox escape. An\n attacker who successfully exploited the vulnerability\n could use the sandbox escape to elevate privileges on an\n affected system. This vulnerability by itself does not\n allow arbitrary code execution. However, the\n vulnerability could allow arbitrary code to run if an\n attacker uses it in combination with another\n vulnerability, such as a remote code execution\n vulnerability or another elevation of privilege\n vulnerability, that can leverage the elevated privileges\n when code execution is attempted. The security update\n addresses the vulnerability by correcting how Windows\n file picker handles paths. (CVE-2018-8314)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)\");\n # https://support.microsoft.com/en-us/help/4338823/windows-7-update-kb4338823\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?21aadb60\");\n # https://support.microsoft.com/en-us/help/4338818/windows-7-update-kb4338818\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d021f588\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4338823 or Cumulative Update KB4338818.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8284\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-07\";\nkbs = make_list('4338823', '4338818');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.1\",\n sp:1,\n rollup_date:\"07_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4338823, 4338818])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T06:16:41", "description": "The remote Windows host is missing security update 4338824\nor cumulative update 4338815. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A denial of service vulnerability exists in Windows\n Domain Name System (DNS) DNSAPI.dll when it fails to\n properly handle DNS responses. An attacker who\n successfully exploited the vulnerability could cause a\n system to stop responding. Note that the denial of\n service condition would not allow an attacker to execute\n code or to elevate user privileges. However, the denial\n of service condition could prevent authorized users from\n using system resources. (CVE-2018-8304)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - An elevation of privilege vulnerability exists when\n Windows fails a check, allowing a sandbox escape. An\n attacker who successfully exploited the vulnerability\n could use the sandbox escape to elevate privileges on an\n affected system. This vulnerability by itself does not\n allow arbitrary code execution. However, the\n vulnerability could allow arbitrary code to run if an\n attacker uses it in combination with another\n vulnerability, such as a remote code execution\n vulnerability or another elevation of privilege\n vulnerability, that can leverage the elevated privileges\n when code execution is attempted. The security update\n addresses the vulnerability by correcting how Windows\n file picker handles paths. (CVE-2018-8314)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)", "edition": 25, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-07-10T00:00:00", "title": "KB4338824: Windows 8.1 and Windows Server 2012 R2 July 2018 Security Update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8304", "CVE-2018-8260", "CVE-2018-8291", "CVE-2018-0949", "CVE-2018-8313", "CVE-2018-8308", "CVE-2018-8288", "CVE-2018-8287", "CVE-2018-8307", "CVE-2018-8202", "CVE-2018-8314", "CVE-2018-8296", "CVE-2018-8356", "CVE-2018-8206", "CVE-2018-8309", "CVE-2018-8284", "CVE-2018-8282", "CVE-2018-8242"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS18_JUL_4338815.NASL", "href": "https://www.tenable.com/plugins/nessus/110981", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110981);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/04\");\n\n script_cve_id(\n \"CVE-2018-0949\",\n \"CVE-2018-8202\",\n \"CVE-2018-8206\",\n \"CVE-2018-8242\",\n \"CVE-2018-8260\",\n \"CVE-2018-8282\",\n \"CVE-2018-8284\",\n \"CVE-2018-8287\",\n \"CVE-2018-8288\",\n \"CVE-2018-8291\",\n \"CVE-2018-8296\",\n \"CVE-2018-8304\",\n \"CVE-2018-8307\",\n \"CVE-2018-8308\",\n \"CVE-2018-8309\",\n \"CVE-2018-8313\",\n \"CVE-2018-8314\",\n \"CVE-2018-8356\"\n );\n script_bugtraq_id(\n 104617,\n 104620,\n 104622,\n 104629,\n 104631,\n 104634,\n 104636,\n 104637,\n 104638,\n 104648,\n 104652,\n 104664,\n 104665,\n 104666,\n 104667,\n 104668,\n 104669,\n 104670\n );\n script_xref(name:\"MSKB\", value:\"4338815\");\n script_xref(name:\"MSKB\", value:\"4338824\");\n script_xref(name:\"MSFT\", value:\"MS18-4338815\");\n script_xref(name:\"MSFT\", value:\"MS18-4338824\");\n\n script_name(english:\"KB4338824: Windows 8.1 and Windows Server 2012 R2 July 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4338824\nor cumulative update 4338815. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A denial of service vulnerability exists in Windows\n Domain Name System (DNS) DNSAPI.dll when it fails to\n properly handle DNS responses. An attacker who\n successfully exploited the vulnerability could cause a\n system to stop responding. Note that the denial of\n service condition would not allow an attacker to execute\n code or to elevate user privileges. However, the denial\n of service condition could prevent authorized users from\n using system resources. (CVE-2018-8304)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - An elevation of privilege vulnerability exists when\n Windows fails a check, allowing a sandbox escape. An\n attacker who successfully exploited the vulnerability\n could use the sandbox escape to elevate privileges on an\n affected system. This vulnerability by itself does not\n allow arbitrary code execution. However, the\n vulnerability could allow arbitrary code to run if an\n attacker uses it in combination with another\n vulnerability, such as a remote code execution\n vulnerability or another elevation of privilege\n vulnerability, that can leverage the elevated privileges\n when code execution is attempted. The security update\n addresses the vulnerability by correcting how Windows\n file picker handles paths. (CVE-2018-8314)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)\");\n # https://support.microsoft.com/en-us/help/4338815/windows-81-update-kb4338815\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e0106ae8\");\n # https://support.microsoft.com/en-us/help/4338824/windows-81-update-kb4338824\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?be1b803d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4338824 or Cumulative Update KB4338815.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8284\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-07\";\nkbs = make_list('4338815', '4338824');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.3\",\n sp:0,\n rollup_date:\"07_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4338815, 4338824])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-19T05:13:13", "description": "The remote Windows host is missing security update 4338829.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A denial of service vulnerability exists in Windows\n Domain Name System (DNS) DNSAPI.dll when it fails to\n properly handle DNS responses. An attacker who\n successfully exploited the vulnerability could cause a\n system to stop responding. Note that the denial of\n service condition would not allow an attacker to execute\n code or to elevate user privileges. However, the denial\n of service condition could prevent authorized users from\n using system resources. (CVE-2018-8304)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8280, CVE-2018-8290)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8125)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8222)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - An elevation of privilege vulnerability exists when\n Windows fails a check, allowing a sandbox escape. An\n attacker who successfully exploited the vulnerability\n could use the sandbox escape to elevate privileges on an\n affected system. This vulnerability by itself does not\n allow arbitrary code execution. However, the\n vulnerability could allow arbitrary code to run if an\n attacker uses it in combination with another\n vulnerability, such as a remote code execution\n vulnerability or another elevation of privilege\n vulnerability, that can leverage the elevated privileges\n when code execution is attempted. The security update\n addresses the vulnerability by correcting how Windows\n file picker handles paths. (CVE-2018-8314)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)", "edition": 23, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-07-10T00:00:00", "title": "KB4338829: Windows 10 July 2018 Security Update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8304", "CVE-2018-8291", "CVE-2018-0949", "CVE-2018-8313", "CVE-2018-8222", "CVE-2018-8280", "CVE-2018-8308", "CVE-2018-8288", "CVE-2018-8287", "CVE-2018-8307", "CVE-2018-8202", "CVE-2018-8290", "CVE-2018-8314", "CVE-2018-8296", "CVE-2018-8356", "CVE-2018-8206", "CVE-2018-8309", "CVE-2018-8284", "CVE-2018-8282", "CVE-2018-8125", "CVE-2018-8242"], "modified": "2018-07-10T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_JUL_4338829.NASL", "href": "https://www.tenable.com/plugins/nessus/110986", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110986);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/18\");\n\n script_cve_id(\n \"CVE-2018-0949\",\n \"CVE-2018-8125\",\n \"CVE-2018-8202\",\n \"CVE-2018-8206\",\n \"CVE-2018-8222\",\n \"CVE-2018-8242\",\n \"CVE-2018-8280\",\n \"CVE-2018-8282\",\n \"CVE-2018-8284\",\n \"CVE-2018-8287\",\n \"CVE-2018-8288\",\n \"CVE-2018-8290\",\n \"CVE-2018-8291\",\n \"CVE-2018-8296\",\n \"CVE-2018-8304\",\n \"CVE-2018-8307\",\n \"CVE-2018-8308\",\n \"CVE-2018-8309\",\n \"CVE-2018-8313\",\n \"CVE-2018-8314\",\n \"CVE-2018-8356\"\n );\n script_bugtraq_id(\n 104617,\n 104620,\n 104622,\n 104623,\n 104629,\n 104631,\n 104634,\n 104635,\n 104636,\n 104637,\n 104638,\n 104642,\n 104644,\n 104648,\n 104652,\n 104664,\n 104665,\n 104667,\n 104668,\n 104669,\n 104670\n );\n script_xref(name:\"MSKB\", value:\"4338829\");\n script_xref(name:\"MSFT\", value:\"MS18-4338829\");\n\n script_name(english:\"KB4338829: Windows 10 July 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4338829.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A denial of service vulnerability exists in Windows\n Domain Name System (DNS) DNSAPI.dll when it fails to\n properly handle DNS responses. An attacker who\n successfully exploited the vulnerability could cause a\n system to stop responding. Note that the denial of\n service condition would not allow an attacker to execute\n code or to elevate user privileges. However, the denial\n of service condition could prevent authorized users from\n using system resources. (CVE-2018-8304)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8280, CVE-2018-8290)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8125)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8222)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - An elevation of privilege vulnerability exists when\n Windows fails a check, allowing a sandbox escape. An\n attacker who successfully exploited the vulnerability\n could use the sandbox escape to elevate privileges on an\n affected system. This vulnerability by itself does not\n allow arbitrary code execution. However, the\n vulnerability could allow arbitrary code to run if an\n attacker uses it in combination with another\n vulnerability, such as a remote code execution\n vulnerability or another elevation of privilege\n vulnerability, that can leverage the elevated privileges\n when code execution is attempted. The security update\n addresses the vulnerability by correcting how Windows\n file picker handles paths. (CVE-2018-8314)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)\");\n # https://support.microsoft.com/en-us/help/4338829/windows-10-update-kb4338829\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a0a3fc8a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4338829.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8284\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-07\";\nkbs = make_list('4338829');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"10240\",\n rollup_date:\"07_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4338829])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-19T05:13:12", "description": "The remote Windows host is missing security update 4338814.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A denial of service vulnerability exists in Windows\n Domain Name System (DNS) DNSAPI.dll when it fails to\n properly handle DNS responses. An attacker who\n successfully exploited the vulnerability could cause a\n system to stop responding. Note that the denial of\n service condition would not allow an attacker to execute\n code or to elevate user privileges. However, the denial\n of service condition could prevent authorized users from\n using system resources. (CVE-2018-8304)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8280, CVE-2018-8290)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8125,\n CVE-2018-8275)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8222)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)", "edition": 23, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-07-10T00:00:00", "title": "KB4338814: Windows 10 Version 1607 and Windows Server 2016 July 2018 Security Update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8304", "CVE-2018-8260", "CVE-2018-8275", "CVE-2018-8291", "CVE-2018-0949", "CVE-2018-8313", "CVE-2018-8222", "CVE-2018-8280", "CVE-2018-8308", "CVE-2018-8288", "CVE-2018-8287", "CVE-2018-8307", "CVE-2018-8202", "CVE-2018-8290", "CVE-2018-8296", "CVE-2018-8356", "CVE-2018-8206", "CVE-2018-8309", "CVE-2018-8284", "CVE-2018-8282", "CVE-2018-8125", "CVE-2018-8242"], "modified": "2018-07-10T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_JUL_4338814.NASL", "href": "https://www.tenable.com/plugins/nessus/110980", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110980);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/18\");\n\n script_cve_id(\n \"CVE-2018-0949\",\n \"CVE-2018-8125\",\n \"CVE-2018-8202\",\n \"CVE-2018-8206\",\n \"CVE-2018-8222\",\n \"CVE-2018-8242\",\n \"CVE-2018-8260\",\n \"CVE-2018-8275\",\n \"CVE-2018-8280\",\n \"CVE-2018-8282\",\n \"CVE-2018-8284\",\n \"CVE-2018-8287\",\n \"CVE-2018-8288\",\n \"CVE-2018-8290\",\n \"CVE-2018-8291\",\n \"CVE-2018-8296\",\n \"CVE-2018-8304\",\n \"CVE-2018-8307\",\n \"CVE-2018-8308\",\n \"CVE-2018-8309\",\n \"CVE-2018-8313\",\n \"CVE-2018-8356\"\n );\n script_bugtraq_id(\n 104617,\n 104620,\n 104622,\n 104623,\n 104629,\n 104631,\n 104632,\n 104634,\n 104635,\n 104636,\n 104637,\n 104638,\n 104642,\n 104644,\n 104648,\n 104664,\n 104665,\n 104666,\n 104667,\n 104668,\n 104669,\n 104670\n );\n script_xref(name:\"MSKB\", value:\"4338814\");\n script_xref(name:\"MSFT\", value:\"MS18-4338814\");\n\n script_name(english:\"KB4338814: Windows 10 Version 1607 and Windows Server 2016 July 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4338814.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A denial of service vulnerability exists in Windows\n Domain Name System (DNS) DNSAPI.dll when it fails to\n properly handle DNS responses. An attacker who\n successfully exploited the vulnerability could cause a\n system to stop responding. Note that the denial of\n service condition would not allow an attacker to execute\n code or to elevate user privileges. However, the denial\n of service condition could prevent authorized users from\n using system resources. (CVE-2018-8304)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8280, CVE-2018-8290)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8125,\n CVE-2018-8275)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8222)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)\");\n # https://support.microsoft.com/en-us/help/4338814/windows-10-update-kb4338814\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6a189799\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4338814.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8284\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-07\";\nkbs = make_list('4338814');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"14393\",\n rollup_date:\"07_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4338814])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-19T05:13:12", "description": "The remote Windows host is missing security update 4338826.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8125,\n CVE-2018-8274, CVE-2018-8275, CVE-2018-8279)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A denial of service vulnerability exists in Windows\n Domain Name System (DNS) DNSAPI.dll when it fails to\n properly handle DNS responses. An attacker who\n successfully exploited the vulnerability could cause a\n system to stop responding. Note that the denial of\n service condition would not allow an attacker to execute\n code or to elevate user privileges. However, the denial\n of service condition could prevent authorized users from\n using system resources. (CVE-2018-8304)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8222)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An information disclosure vulnerability exists when\n Microsoft Edge improperly handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8324)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - A security feature bypass vulnerability exists in the\n Microsoft Chakra scripting engine that allows Control\n Flow Guard (CFG) to be bypassed. By itself, the CFG\n bypass vulnerability does not allow arbitrary code\n execution. However, an attacker could use the CFG bypass\n vulnerability in conjunction with another vulnerability,\n such as a remote code execution vulnerability, to run\n arbitrary code on a target system. (CVE-2018-8276)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8280, CVE-2018-8286,\n CVE-2018-8290)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)", "edition": 23, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-07-10T00:00:00", "title": "KB4338826: Windows 10 Version 1703 July 2018 Security Update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8304", "CVE-2018-8260", "CVE-2018-8276", "CVE-2018-8275", "CVE-2018-8291", "CVE-2018-0949", "CVE-2018-8313", "CVE-2018-8222", "CVE-2018-8280", "CVE-2018-8279", "CVE-2018-8308", "CVE-2018-8288", "CVE-2018-8287", "CVE-2018-8307", "CVE-2018-8202", "CVE-2018-8290", "CVE-2018-8296", "CVE-2018-8324", "CVE-2018-8356", "CVE-2018-8206", "CVE-2018-8309", "CVE-2018-8284", "CVE-2018-8282", "CVE-2018-8125", "CVE-2018-8286", "CVE-2018-8274", "CVE-2018-8242"], "modified": "2018-07-10T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_JUL_4338826.NASL", "href": "https://www.tenable.com/plugins/nessus/110985", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110985);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/18\");\n\n script_cve_id(\n \"CVE-2018-0949\",\n \"CVE-2018-8125\",\n \"CVE-2018-8202\",\n \"CVE-2018-8206\",\n \"CVE-2018-8222\",\n \"CVE-2018-8242\",\n \"CVE-2018-8260\",\n \"CVE-2018-8274\",\n \"CVE-2018-8275\",\n \"CVE-2018-8276\",\n \"CVE-2018-8279\",\n \"CVE-2018-8280\",\n \"CVE-2018-8282\",\n \"CVE-2018-8284\",\n \"CVE-2018-8286\",\n \"CVE-2018-8287\",\n \"CVE-2018-8288\",\n \"CVE-2018-8290\",\n \"CVE-2018-8291\",\n \"CVE-2018-8296\",\n \"CVE-2018-8304\",\n \"CVE-2018-8307\",\n \"CVE-2018-8308\",\n \"CVE-2018-8309\",\n \"CVE-2018-8313\",\n \"CVE-2018-8324\",\n \"CVE-2018-8356\"\n );\n script_bugtraq_id(\n 104617,\n 104620,\n 104622,\n 104623,\n 104626,\n 104629,\n 104631,\n 104632,\n 104634,\n 104635,\n 104636,\n 104637,\n 104638,\n 104641,\n 104642,\n 104643,\n 104644,\n 104648,\n 104650,\n 104653,\n 104664,\n 104665,\n 104666,\n 104667,\n 104668,\n 104669,\n 104670\n );\n script_xref(name:\"MSKB\", value:\"4338826\");\n script_xref(name:\"MSFT\", value:\"MS18-4338826\");\n\n script_name(english:\"KB4338826: Windows 10 Version 1703 July 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4338826.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8125,\n CVE-2018-8274, CVE-2018-8275, CVE-2018-8279)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A denial of service vulnerability exists in Windows\n Domain Name System (DNS) DNSAPI.dll when it fails to\n properly handle DNS responses. An attacker who\n successfully exploited the vulnerability could cause a\n system to stop responding. Note that the denial of\n service condition would not allow an attacker to execute\n code or to elevate user privileges. However, the denial\n of service condition could prevent authorized users from\n using system resources. (CVE-2018-8304)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8222)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An information disclosure vulnerability exists when\n Microsoft Edge improperly handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8324)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - A security feature bypass vulnerability exists in the\n Microsoft Chakra scripting engine that allows Control\n Flow Guard (CFG) to be bypassed. By itself, the CFG\n bypass vulnerability does not allow arbitrary code\n execution. However, an attacker could use the CFG bypass\n vulnerability in conjunction with another vulnerability,\n such as a remote code execution vulnerability, to run\n arbitrary code on a target system. (CVE-2018-8276)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8280, CVE-2018-8286,\n CVE-2018-8290)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)\");\n # https://support.microsoft.com/en-us/help/4338826/windows-10-update-kb4338826\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?454614d0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4338826.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8284\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-07\";\nkbs = make_list('4338826');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"15063\",\n rollup_date:\"07_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4338826])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-19T05:13:12", "description": "The remote Windows host is missing security update 4338825.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8125,\n CVE-2018-8274, CVE-2018-8275, CVE-2018-8279,\n CVE-2018-8301)\n\n - A denial of service vulnerability exists in Windows\n Domain Name System (DNS) DNSAPI.dll when it fails to\n properly handle DNS responses. An attacker who\n successfully exploited the vulnerability could cause a\n system to stop responding. Note that the denial of\n service condition would not allow an attacker to execute\n code or to elevate user privileges. However, the denial\n of service condition could prevent authorized users from\n using system resources. (CVE-2018-8304)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - An information disclosure vulnerability exists when\n Microsoft Edge improperly handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8297, CVE-2018-8324)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8222)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - A security feature bypass vulnerability exists in the\n Microsoft Chakra scripting engine that allows Control\n Flow Guard (CFG) to be bypassed. By itself, the CFG\n bypass vulnerability does not allow arbitrary code\n execution. However, an attacker could use the CFG bypass\n vulnerability in conjunction with another vulnerability,\n such as a remote code execution vulnerability, to run\n arbitrary code on a target system. (CVE-2018-8276)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8280, CVE-2018-8286,\n CVE-2018-8290)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)", "edition": 23, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-07-10T00:00:00", "title": "KB4338825: Windows 10 Version 1709 and Windows Server Version 1709 July 2018 Security Update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8304", "CVE-2018-8297", "CVE-2018-8260", "CVE-2018-8276", "CVE-2018-8275", "CVE-2018-8291", "CVE-2018-0949", "CVE-2018-8313", "CVE-2018-8222", "CVE-2018-8280", "CVE-2018-8279", "CVE-2018-8308", "CVE-2018-8288", "CVE-2018-8287", "CVE-2018-8307", "CVE-2018-8202", "CVE-2018-8290", "CVE-2018-8296", "CVE-2018-8324", "CVE-2018-8356", "CVE-2018-8206", "CVE-2018-8309", "CVE-2018-8284", "CVE-2018-8282", "CVE-2018-8125", "CVE-2018-8301", "CVE-2018-8286", "CVE-2018-8274", "CVE-2018-8242"], "modified": "2018-07-10T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_JUL_4338825.NASL", "href": "https://www.tenable.com/plugins/nessus/110984", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110984);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/18\");\n\n script_cve_id(\n \"CVE-2018-0949\",\n \"CVE-2018-8125\",\n \"CVE-2018-8202\",\n \"CVE-2018-8206\",\n \"CVE-2018-8222\",\n \"CVE-2018-8242\",\n \"CVE-2018-8260\",\n \"CVE-2018-8274\",\n \"CVE-2018-8275\",\n \"CVE-2018-8276\",\n \"CVE-2018-8279\",\n \"CVE-2018-8280\",\n \"CVE-2018-8282\",\n \"CVE-2018-8284\",\n \"CVE-2018-8286\",\n \"CVE-2018-8287\",\n \"CVE-2018-8288\",\n \"CVE-2018-8290\",\n \"CVE-2018-8291\",\n \"CVE-2018-8296\",\n \"CVE-2018-8297\",\n \"CVE-2018-8301\",\n \"CVE-2018-8304\",\n \"CVE-2018-8307\",\n \"CVE-2018-8308\",\n \"CVE-2018-8309\",\n \"CVE-2018-8313\",\n \"CVE-2018-8324\",\n \"CVE-2018-8356\"\n );\n script_bugtraq_id(\n 104617,\n 104620,\n 104622,\n 104623,\n 104626,\n 104629,\n 104631,\n 104632,\n 104634,\n 104635,\n 104636,\n 104637,\n 104638,\n 104641,\n 104642,\n 104643,\n 104644,\n 104647,\n 104648,\n 104650,\n 104653,\n 104654,\n 104664,\n 104665,\n 104666,\n 104667,\n 104668,\n 104669,\n 104670\n );\n script_xref(name:\"MSKB\", value:\"4338825\");\n script_xref(name:\"MSFT\", value:\"MS18-4338825\");\n\n script_name(english:\"KB4338825: Windows 10 Version 1709 and Windows Server Version 1709 July 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4338825.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8125,\n CVE-2018-8274, CVE-2018-8275, CVE-2018-8279,\n CVE-2018-8301)\n\n - A denial of service vulnerability exists in Windows\n Domain Name System (DNS) DNSAPI.dll when it fails to\n properly handle DNS responses. An attacker who\n successfully exploited the vulnerability could cause a\n system to stop responding. Note that the denial of\n service condition would not allow an attacker to execute\n code or to elevate user privileges. However, the denial\n of service condition could prevent authorized users from\n using system resources. (CVE-2018-8304)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - An information disclosure vulnerability exists when\n Microsoft Edge improperly handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8297, CVE-2018-8324)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8222)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - A security feature bypass vulnerability exists in the\n Microsoft Chakra scripting engine that allows Control\n Flow Guard (CFG) to be bypassed. By itself, the CFG\n bypass vulnerability does not allow arbitrary code\n execution. However, an attacker could use the CFG bypass\n vulnerability in conjunction with another vulnerability,\n such as a remote code execution vulnerability, to run\n arbitrary code on a target system. (CVE-2018-8276)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8280, CVE-2018-8286,\n CVE-2018-8290)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)\");\n # https://support.microsoft.com/en-us/help/4338825/windows-10-update-kb4338825\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3c803961\");\n script_set_attribute(attribute:\"solution\", value:\n \"Apply Cumulative Update KB4338825.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8284\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-07\";\nkbs = make_list('4338825');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"16299\",\n rollup_date:\"07_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4338825])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-19T05:13:12", "description": "The remote Windows host is missing security update 4338819.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8280, CVE-2018-8286,\n CVE-2018-8290, CVE-2018-8294)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - An information disclosure vulnerability exists when\n Microsoft Edge improperly handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8289, CVE-2018-8297, CVE-2018-8324,\n CVE-2018-8325)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8222)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - A security feature bypass vulnerability exists in the\n Microsoft Chakra scripting engine that allows Control\n Flow Guard (CFG) to be bypassed. By itself, the CFG\n bypass vulnerability does not allow arbitrary code\n execution. However, an attacker could use the CFG bypass\n vulnerability in conjunction with another vulnerability,\n such as a remote code execution vulnerability, to run\n arbitrary code on a target system. (CVE-2018-8276)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8125,\n CVE-2018-8262, CVE-2018-8274, CVE-2018-8275,\n CVE-2018-8279, CVE-2018-8301)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - A spoofing vulnerability exists when Microsoft Edge\n improperly handles specific HTML content. An attacker\n who successfully exploited this vulnerability could\n trick a user into believing that the user was on a\n legitimate website. The specially crafted website could\n either spoof content or serve as a pivot to chain an\n attack with other vulnerabilities in web services.\n (CVE-2018-8278)", "edition": 23, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-07-10T00:00:00", "title": "KB4338819: Windows 10 Version 1803 and Windows Server Version 1803 July 2018 Security Update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8297", "CVE-2018-8260", "CVE-2018-8276", "CVE-2018-8275", "CVE-2018-8291", "CVE-2018-0949", "CVE-2018-8313", "CVE-2018-8222", "CVE-2018-8289", "CVE-2018-8280", "CVE-2018-8279", "CVE-2018-8308", "CVE-2018-8288", "CVE-2018-8278", "CVE-2018-8287", "CVE-2018-8325", "CVE-2018-8307", "CVE-2018-8202", "CVE-2018-8290", "CVE-2018-8262", "CVE-2018-8296", "CVE-2018-8324", "CVE-2018-8356", "CVE-2018-8206", "CVE-2018-8309", "CVE-2018-8284", "CVE-2018-8294", "CVE-2018-8282", "CVE-2018-8125", "CVE-2018-8301", "CVE-2018-8286", "CVE-2018-8274", "CVE-2018-8242"], "modified": "2018-07-10T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_JUL_4338819.NASL", "href": "https://www.tenable.com/plugins/nessus/110983", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110983);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/18\");\n\n script_cve_id(\n \"CVE-2018-0949\",\n \"CVE-2018-8125\",\n \"CVE-2018-8202\",\n \"CVE-2018-8206\",\n \"CVE-2018-8222\",\n \"CVE-2018-8242\",\n \"CVE-2018-8260\",\n \"CVE-2018-8262\",\n \"CVE-2018-8274\",\n \"CVE-2018-8275\",\n \"CVE-2018-8276\",\n \"CVE-2018-8278\",\n \"CVE-2018-8279\",\n \"CVE-2018-8280\",\n \"CVE-2018-8282\",\n \"CVE-2018-8284\",\n \"CVE-2018-8286\",\n \"CVE-2018-8287\",\n \"CVE-2018-8288\",\n \"CVE-2018-8289\",\n \"CVE-2018-8290\",\n \"CVE-2018-8291\",\n \"CVE-2018-8294\",\n \"CVE-2018-8296\",\n \"CVE-2018-8297\",\n \"CVE-2018-8301\",\n \"CVE-2018-8307\",\n \"CVE-2018-8308\",\n \"CVE-2018-8309\",\n \"CVE-2018-8313\",\n \"CVE-2018-8324\",\n \"CVE-2018-8325\",\n \"CVE-2018-8356\"\n );\n script_bugtraq_id(\n 104620,\n 104622,\n 104623,\n 104626,\n 104627,\n 104628,\n 104629,\n 104630,\n 104631,\n 104632,\n 104634,\n 104635,\n 104636,\n 104637,\n 104638,\n 104641,\n 104642,\n 104643,\n 104644,\n 104646,\n 104647,\n 104648,\n 104650,\n 104651,\n 104653,\n 104654,\n 104664,\n 104665,\n 104666,\n 104667,\n 104668,\n 104669,\n 104670\n );\n script_xref(name:\"MSKB\", value:\"4338819\");\n script_xref(name:\"MSFT\", value:\"MS18-4338819\");\n\n script_name(english:\"KB4338819: Windows 10 Version 1803 and Windows Server Version 1803 July 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4338819.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8280, CVE-2018-8286,\n CVE-2018-8290, CVE-2018-8294)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - An information disclosure vulnerability exists when\n Microsoft Edge improperly handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8289, CVE-2018-8297, CVE-2018-8324,\n CVE-2018-8325)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8222)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - A security feature bypass vulnerability exists in the\n Microsoft Chakra scripting engine that allows Control\n Flow Guard (CFG) to be bypassed. By itself, the CFG\n bypass vulnerability does not allow arbitrary code\n execution. However, an attacker could use the CFG bypass\n vulnerability in conjunction with another vulnerability,\n such as a remote code execution vulnerability, to run\n arbitrary code on a target system. (CVE-2018-8276)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8125,\n CVE-2018-8262, CVE-2018-8274, CVE-2018-8275,\n CVE-2018-8279, CVE-2018-8301)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - A spoofing vulnerability exists when Microsoft Edge\n improperly handles specific HTML content. An attacker\n who successfully exploited this vulnerability could\n trick a user into believing that the user was on a\n legitimate website. The specially crafted website could\n either spoof content or serve as a pivot to chain an\n attack with other vulnerabilities in web services.\n (CVE-2018-8278)\");\n # https://support.microsoft.com/en-us/help/4338819/windows-10-update-kb4338819\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b9bfc0c9\");\n script_set_attribute(attribute:\"solution\", value:\n \"Apply Cumulative Update KB4338819.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8284\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-07\";\nkbs = make_list('4338819');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"17134\",\n rollup_date:\"07_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4338819])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2020-09-02T11:44:13", "bulletinFamily": "info", "cvelist": ["CVE-2018-8260", "CVE-2018-8276", "CVE-2018-8275", "CVE-2018-8291", "CVE-2018-8319", "CVE-2018-8283", "CVE-2018-8280", "CVE-2018-8279", "CVE-2018-8288", "CVE-2018-8287", "CVE-2018-8202", "CVE-2018-8290", "CVE-2018-8171", "CVE-2018-8306", "CVE-2018-8232", "CVE-2018-8172", "CVE-2018-8326", "CVE-2018-8298", "CVE-2018-8356", "CVE-2018-8284", "CVE-2018-8294", "CVE-2018-8327", "CVE-2018-8286"], "description": "### *Detect date*:\n07/10/2018\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, perform cross-site scripting attacks, gain privileges and spoof user interface.\n\n### *Affected products*:\n.NET Core 2.0 \nASP.NET Core 1.1 \nASP.NET Core 1.0 \nASP.NET Core 2.0 \nASP.NET Web Pages 3.2.3 \nASP.NET MVC 5.2 \nMicrosoft Visual Studio 2015 Update 3 \nMicrosoft Visual Studio 2017 \nMicrosoft Visual Studio 2013 Update 5 \nMicrosoft Visual Studio 2010 Service Pack 1 \nMicrosoft Visual Studio 2012 Update 5 \nMicrosoft Visual Studio 2017 Version 15.7.5 \nMicrosoft Visual Studio 2017 Version 15.8 Preview \nExpression Blend 4 Service Pack 3 \nMicrosoft .NET Framework 3.5.1 \nMicrosoft .NET Framework 3.5 \nMicrosoft .NET Framework 4.5.2 \nMicrosoft .NET Framework 4.6 \nMicrosoft .NET Framework 3.0 Service Pack 2 \nMicrosoft .NET Framework 2.0 Service Pack 2 \nMicrosoft .NET Framework 4.7.2 \nMicrosoft .NET Framework 4.6/4.6.1/4.6.2 \nMicrosoft .NET Framework 4.7/4.7.1/4.7.2 \n.NET Framework 4.7.2 Developer Pack \nChakraCore \nMicrosoft Wireless Display Adapter V2 Software Version 2.0.8365 \nMicrosoft Wireless Display Adapter V2 Software Version 2.0.8372 \nMicrosoft Wireless Display Adapter V2 Software Version 2.0.8350 \nMicrosoft Research JavaScript Cryptography Library \nWeb Customizations for Active Directory Federation Services \nPowerShell Extension for Visual Studio Code \nPowerShell Editor Services \n.NET Core 1.1 \n.NET Core 1.0\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2018-8286](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8286>) \n[CVE-2018-8279](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8279>) \n[CVE-2018-8294](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8294>) \n[CVE-2018-8276](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8276>) \n[CVE-2018-8280](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8280>) \n[CVE-2018-8290](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8290>) \n[CVE-2018-8288](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8288>) \n[CVE-2018-8291](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8291>) \n[CVE-2018-8275](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8275>) \n[CVE-2018-8287](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8287>) \n[CVE-2018-8356](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8356>) \n[CVE-2018-8298](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8298>) \n[CVE-2018-8319](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8319>) \n[CVE-2018-8326](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8326>) \n[CVE-2018-8306](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306>) \n[CVE-2018-8202](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202>) \n[CVE-2018-8172](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8172>) \n[CVE-2018-8260](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8260>) \n[CVE-2018-8327](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8327>) \n[CVE-2018-8171](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8171>) \n[CVE-2018-8232](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8232>) \n[CVE-2018-8284](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8284>) \n[CVE-2018-8283](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8283>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft .NET Framework](<https://threats.kaspersky.com/en/product/Microsoft-.NET-Framework/>)\n\n### *CVE-IDS*:\n[CVE-2018-8286](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8286>)7.5Critical \n[CVE-2018-8279](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8279>)7.5Critical \n[CVE-2018-8294](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8294>)7.5Critical \n[CVE-2018-8276](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8276>)6.5High \n[CVE-2018-8280](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8280>)7.5Critical \n[CVE-2018-8290](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8290>)7.5Critical \n[CVE-2018-8288](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8288>)7.5Critical \n[CVE-2018-8291](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8291>)7.5Critical \n[CVE-2018-8275](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8275>)7.5Critical \n[CVE-2018-8287](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8287>)7.5Critical \n[CVE-2018-8356](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8356>)5.5High \n[CVE-2018-8298](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8298>)7.5Critical \n[CVE-2018-8319](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8319>)9.8Critical \n[CVE-2018-8326](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8326>)5.4High \n[CVE-2018-8306](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8306>)5.5High \n[CVE-2018-8202](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8202>)7.8Critical \n[CVE-2018-8172](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8172>)7.8Critical \n[CVE-2018-8260](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8260>)8.8Critical \n[CVE-2018-8327](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8327>)9.8Critical \n[CVE-2018-8171](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8171>)7.5Critical \n[CVE-2018-8232](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8232>)7.8Critical \n[CVE-2018-8284](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8284>)8.1Critical \n[CVE-2018-8283](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8283>)7.5Critical\n\n### *KB list*:\n[4338825](<http://support.microsoft.com/kb/4338825>) \n[4338814](<http://support.microsoft.com/kb/4338814>) \n[4338829](<http://support.microsoft.com/kb/4338829>) \n[4338819](<http://support.microsoft.com/kb/4338819>) \n[4338826](<http://support.microsoft.com/kb/4338826>) \n[4345421](<http://support.microsoft.com/kb/4345421>) \n[4345419](<http://support.microsoft.com/kb/4345419>) \n[4345455](<http://support.microsoft.com/kb/4345455>) \n[4345420](<http://support.microsoft.com/kb/4345420>) \n[4345418](<http://support.microsoft.com/kb/4345418>) \n[4338420](<http://support.microsoft.com/kb/4338420>) \n[4338611](<http://support.microsoft.com/kb/4338611>) \n[4338604](<http://support.microsoft.com/kb/4338604>) \n[4338415](<http://support.microsoft.com/kb/4338415>) \n[4338421](<http://support.microsoft.com/kb/4338421>) \n[4338422](<http://support.microsoft.com/kb/4338422>) \n[4338416](<http://support.microsoft.com/kb/4338416>) \n[4338601](<http://support.microsoft.com/kb/4338601>) \n[4336919](<http://support.microsoft.com/kb/4336919>) \n[4338613](<http://support.microsoft.com/kb/4338613>) \n[4338418](<http://support.microsoft.com/kb/4338418>) \n[4338424](<http://support.microsoft.com/kb/4338424>) \n[4338419](<http://support.microsoft.com/kb/4338419>) \n[4338417](<http://support.microsoft.com/kb/4338417>) \n[4339279](<http://support.microsoft.com/kb/4339279>) \n[4336986](<http://support.microsoft.com/kb/4336986>) \n[4338600](<http://support.microsoft.com/kb/4338600>) \n[4338612](<http://support.microsoft.com/kb/4338612>) \n[4336999](<http://support.microsoft.com/kb/4336999>) \n[4338606](<http://support.microsoft.com/kb/4338606>) \n[4336946](<http://support.microsoft.com/kb/4336946>) \n[4338602](<http://support.microsoft.com/kb/4338602>) \n[4338605](<http://support.microsoft.com/kb/4338605>) \n[4338423](<http://support.microsoft.com/kb/4338423>) \n[4342193](<http://support.microsoft.com/kb/4342193>) \n[4338610](<http://support.microsoft.com/kb/4338610>) \n[4342192](<http://support.microsoft.com/kb/4342192>) \n[4342191](<http://support.microsoft.com/kb/4342191>) \n[4346877](<http://support.microsoft.com/kb/4346877>) \n[4344151](<http://support.microsoft.com/kb/4344151>) \n[4344146](<http://support.microsoft.com/kb/4344146>) \n[4343909](<http://support.microsoft.com/kb/4343909>) \n[4344166](<http://support.microsoft.com/kb/4344166>) \n[4344177](<http://support.microsoft.com/kb/4344177>) \n[4344178](<http://support.microsoft.com/kb/4344178>) \n[4344147](<http://support.microsoft.com/kb/4344147>) \n[4344148](<http://support.microsoft.com/kb/4344148>) \n[4343885](<http://support.microsoft.com/kb/4343885>) \n[4344172](<http://support.microsoft.com/kb/4344172>) \n[4344144](<http://support.microsoft.com/kb/4344144>) \n[4343887](<http://support.microsoft.com/kb/4343887>) \n[4344149](<http://support.microsoft.com/kb/4344149>) \n[4344175](<http://support.microsoft.com/kb/4344175>) \n[4344165](<http://support.microsoft.com/kb/4344165>) \n[4344167](<http://support.microsoft.com/kb/4344167>) \n[4343892](<http://support.microsoft.com/kb/4343892>) \n[4344153](<http://support.microsoft.com/kb/4344153>) \n[4344150](<http://support.microsoft.com/kb/4344150>) \n[4344152](<http://support.microsoft.com/kb/4344152>) \n[4344176](<http://support.microsoft.com/kb/4344176>) \n[4344171](<http://support.microsoft.com/kb/4344171>) \n[4344173](<http://support.microsoft.com/kb/4344173>) \n[4344145](<http://support.microsoft.com/kb/4344145>) \n[4343897](<http://support.microsoft.com/kb/4343897>)\n\n### *Microsoft official advisories*:\n\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:", "edition": 34, "modified": "2020-06-18T00:00:00", "published": "2018-07-10T00:00:00", "id": "KLA11288", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11288", "title": "\r KLA11288Multiple vulnerabilities in Microsoft Development Tools ", "type": "kaspersky", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "trendmicroblog": [{"lastseen": "2018-07-13T16:31:41", "bulletinFamily": "blog", "cvelist": ["CVE-2018-0949", "CVE-2018-8125", "CVE-2018-8171", "CVE-2018-8172", "CVE-2018-8202", "CVE-2018-8206", "CVE-2018-8222", "CVE-2018-8232", "CVE-2018-8238", "CVE-2018-8242", "CVE-2018-8260", "CVE-2018-8262", "CVE-2018-8274", "CVE-2018-8275", "CVE-2018-8276", "CVE-2018-8278", "CVE-2018-8279", "CVE-2018-8280", "CVE-2018-8281", "CVE-2018-8282", "CVE-2018-8283", "CVE-2018-8284", "CVE-2018-8286", "CVE-2018-8287", "CVE-2018-8288", "CVE-2018-8289", "CVE-2018-8290", "CVE-2018-8291", "CVE-2018-8294", "CVE-2018-8296", "CVE-2018-8297", "CVE-2018-8298", "CVE-2018-8299", "CVE-2018-8300", "CVE-2018-8301", "CVE-2018-8304", "CVE-2018-8305", "CVE-2018-8306", "CVE-2018-8307", "CVE-2018-8308", "CVE-2018-8309", "CVE-2018-8310", "CVE-2018-8311", "CVE-2018-8312", "CVE-2018-8313", "CVE-2018-8314", "CVE-2018-8319", "CVE-2018-8323", "CVE-2018-8324", "CVE-2018-8325", "CVE-2018-8326", "CVE-2018-8327", "CVE-2018-8356"], "description": "\n\nEarlier this week, I wrote a [blog](<https://blog.trendmicro.com/zero-day-initiative-a-1h2018-recap/>) covering a couple of the statistics from the Zero Day Initiative\u2019s (ZDI) first half of 2018. One of the stats that I didn\u2019t cover is the increasing focus on enterprise applications. The team is seeing consistent growth in submissions of Microsoft and Apple vulnerabilities, but now they\u2019re also seeing an increase of submissions in virtualization software vulnerabilities from the likes of VMware and Oracle. With a 33% increase in published advisories compared to 2017, the ZDI has their hands full. With more than 500 new researchers registering to participate in the program this year, the internal ZDI team is growing as well to accommodate this growth. 2018 may just be the biggest year yet for ZDI!\n\nIn case you missed it, you can read Brian Gorenc\u2019s [blog](<https://www.thezdi.com/blog/2018/7/9/checking-in-a-look-back-at-the-first-half-of-2018>) covering the detailed stats from the ZDI\u2019s first half of 2018.\n\n**Microsoft Security Updates**\n\nThis week\u2019s Digital Vaccine\u00ae (DV) package includes coverage for Microsoft updates released on or before July 10, 2018. It was another big month for Microsoft with 53 security patches covering both browsers (Internet Explorer, Edge), ChakraCore, Windows, .NET Framework, ASP.NET, PowerShell, Visual Studio, and Microsoft Office and Office Services. Of these 53 CVEs, 18 are listed as Critical, 33 are rated Important, one is rated as Moderate, and one is rated as Low in severity.\n\nFive CVEs in this month\u2019s Microsoft update came through the Zero Day Initiative:\n\n| \n\n * [CVE-2018-8242](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8242>)\n * [CVE-2018-8274](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8274>)\n * [CVE-2018-8275](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8275>)\n * [CVE-2018-8282](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8282>)\n * [CVE-2018-8307](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8307>) \n---|--- \n| \n \nThe following table maps Digital Vaccine filters to Microsoft\u2019s updates. You can get more detailed information on this month\u2019s security updates from Dustin Childs\u2019 [July 2018 Security Update Review](<https://www.zerodayinitiative.com/blog/2018/7/10/the-july-2018-security-update-review>) from the Zero Day Initiative:\n\n**CVE #** | **Digital Vaccine Filter #** | **Status** \n---|---|--- \nCVE-2018-0949 | 32494 | \nCVE-2018-8125 | 32486 | \nCVE-2018-8171 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8172 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8202 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8206 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8222 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8232 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8238 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8242 | 32487 | \nCVE-2018-8260 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8262 | 32491 | \nCVE-2018-8274 | 32492 | \nCVE-2018-8275 | 32493 | \nCVE-2018-8276 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8278 | 32358 | \nCVE-2018-8279 | 32359 | \nCVE-2018-8280 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8281 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8282 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8283 | 32361 | \nCVE-2018-8284 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8286 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8287 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8288 | 32488 | \nCVE-2018-8289 | 32490 | \nCVE-2018-8290 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8291 | 32360 | \nCVE-2018-8294 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8296 | 32478 | \nCVE-2018-8297 | 32551 | \nCVE-2018-8298 | 32479 | \nCVE-2018-8299 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8300 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8301 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8304 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8305 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8306 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8307 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8308 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8309 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8310 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8311 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8312 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8313 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8314 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8319 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8323 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8324 | 32558 | \nCVE-2018-8325 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8326 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8327 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8356 | | Vendor Deemed Reproducibility or Exploitation Unlikely \n \n \n\n**Zero-Day Filters**\n\nThere is one new zero-day filter covering one vendor in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of [published advisories](<http://www.zerodayinitiative.com/advisories/published/>) and [upcoming advisories](<http://www.zerodayinitiative.com/advisories/upcoming/>) on the [Zero Day Initiative](<http://www.zerodayinitiative.com/>) website. You can also follow the Zero Day Initiative on Twitter [@thezdi](<https://twitter.com/thezdi>) and on their [blog](<https://www.zerodayinitiative.com/blog>).\n\n**_Advantech (1)_**\n\n| \n\n * 32341: RPC: Advantech Webaccess webvrpcs Directory Traversal Vulnerability (ZDI-18-024) \n---|--- \n| \n \n**Missed Last Week\u2019s News?**\n\nCatch up on last week\u2019s news in my [weekly recap](<https://blog.trendmicro.com/zero-day-coverage-update-week-of-july-2-2018/>).\n\nThe post [Zero-Day Coverage Update \u2013 Week of July 9, 2018](<https://blog.trendmicro.com/zero-day-coverage-update-week-of-july-9-2018/>) appeared first on [](<https://blog.trendmicro.com>).", "modified": "2018-07-13T14:10:20", "published": "2018-07-13T14:10:20", "id": "TRENDMICROBLOG:D2DE4A375F3757187EBBB5A3EA061E42", "href": "https://blog.trendmicro.com/zero-day-coverage-update-week-of-july-9-2018/", "type": "trendmicroblog", "title": "Zero-Day Coverage Update \u2013 Week of July 9, 2018", "cvss": {"score": 0.0, "vector": "NONE"}}], "talosblog": [{"lastseen": "2018-08-03T09:00:12", "bulletinFamily": "blog", "cvelist": ["CVE-2018-0949", "CVE-2018-8125", "CVE-2018-8171", "CVE-2018-8172", "CVE-2018-8202", "CVE-2018-8206", "CVE-2018-8222", "CVE-2018-8238", "CVE-2018-8242", "CVE-2018-8260", "CVE-2018-8262", "CVE-2018-8274", "CVE-2018-8275", "CVE-2018-8276", "CVE-2018-8278", "CVE-2018-8279", "CVE-2018-8280", "CVE-2018-8281", "CVE-2018-8282", "CVE-2018-8283", "CVE-2018-8284", "CVE-2018-8286", "CVE-2018-8287", "CVE-2018-8288", "CVE-2018-8289", "CVE-2018-8290", "CVE-2018-8291", "CVE-2018-8294", "CVE-2018-8296", "CVE-2018-8297", "CVE-2018-8298", "CVE-2018-8299", "CVE-2018-8300", "CVE-2018-8301", "CVE-2018-8304", "CVE-2018-8305", "CVE-2018-8306", "CVE-2018-8307", "CVE-2018-8308", "CVE-2018-8309", "CVE-2018-8311", "CVE-2018-8312", "CVE-2018-8313", "CVE-2018-8314", "CVE-2018-8319", "CVE-2018-8323", "CVE-2018-8324", "CVE-2018-8325", "CVE-2018-8326", "CVE-2018-8327", "CVE-2018-8356"], "description": "Microsoft released its monthly set of security advisories today for vulnerabilities that have been identified and addressed in various products. This month's release addresses 53 new vulnerabilities, 17 of which are rated critical, 34 are rated important, one is rated moderate, and one is rated as low severity. These vulnerabilities impact Windows Operating System, Edge, Internet Explorer and more. \n \nIn addition to the 53 vulnerabilities referenced above, Microsoft has also released a critical update advisory, [ADV180017](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180017>), which addresses the vulnerabilities described in the Adobe security bulletin [APSB18-24](<https://helpx.adobe.com/security/products/flash-player/apsb18-24.html>). \n \n\n\n## \n\n## Critical vulnerabilities\n\n \nThis month, Microsoft is addressing 17 vulnerabilities that are rated as critical: \n \n \n[CVE-2018-8242](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8242>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8262](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8262>) \\- Microsoft Edge Memory Corruption Vulnerability \n[CVE-2018-8274](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8274>) \\- Microsoft Edge Memory Corruption Vulnerability \n[CVE-2018-8275](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8275>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8279](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8279>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8280](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8280>) \\- Chakra Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8283](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8283>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8286](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8286>) \\- Chakra Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8288](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8288>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8290](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8290>) \\- Chakra Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8291](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8291>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8294](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8294>) \\- Chakra Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8296](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8296>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8298](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8298>) \\- Chakra Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8301](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8301>) \\- Microsoft Edge Memory Corruption Vulnerability \n[CVE-2018-8324](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8324>) \\- Microsoft Edge Information Disclosure Vulnerability \n[CVE-2018-8327](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8327>) \\- PowerShell Editor Services Remote Code Execution Vulnerability \n \n\n\n## Important vulnerabilities\n\n \nThis month, Microsoft is addressing 34 vulnerabilities that are rated as important. \n \n \n[CVE-2018-0949](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0949>) \\- Internet Explorer Security Feature Bypass Vulnerability \n[CVE-2018-8125](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8125>) \\- Chakra Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8171](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8171>) \\- ASP.NET Core Security Feature Bypass Vulnerability \n[CVE-2018-8172](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8172>) \\- Visual Studio Remote Code Execution Vulnerability \n[CVE-2018-8202](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202>) \\- .NET Framework Elevation of Privilege Vulnerability \n[CVE-2018-8206](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8206>) \\- Windows FTP Server Denial of Service Vulnerability \n[CVE-2018-8222](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8222>) \\- Device Guard Code Integrity Policy Security Feature Bypass Vulnerability \n[CVE-2018-8238](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8238>) \\- Skype for Business and Lync Security Feature Bypass Vulnerability \n[CVE-2018-8260](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8260>) \\- .NET Framework Remote Code Execution Vulnerability \n[CVE-2018-8276](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8276>) \\- Scripting Engine Security Feature Bypass Vulnerability \n[CVE-2018-8278](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8278>) \\- Microsoft Edge Spoofing Vulnerability \n[CVE-2018-8281](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8281>) \\- Microsoft Office Remote Code Execution Vulnerability \n[CVE-2018-8282](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8282>) \\- Win32k Elevation of Privilege Vulnerability \n[CVE-2018-8284](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8284>) \\- .NET Framework Remote Code Injection Vulnerability \n[CVE-2018-8287](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8287>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8289](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8289>) \\- Microsoft Edge Information Disclosure Vulnerability \n[CVE-2018-8297](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8297>) \\- Microsoft Edge Information Disclosure Vulnerability \n[CVE-2018-8299](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8299>) \\- Microsoft SharePoint Elevation of Privilege Vulnerability \n[CVE-2018-8300](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8300>) \\- Microsoft SharePoint Remote Code Execution Vulnerability \n[CVE-2018-8304](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8304>) \\- Windows DNSAPI Denial of Service Vulnerability \n[CVE-2018-8305](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8305>) \\- Windows Mail Client Information Disclosure Vulnerability \n[CVE-2018-8306](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306>) \\- Microsoft Wireless Display Adapter Command Injection Vulnerability \n[CVE-2018-8307](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8307>) \\- WordPad Security Feature Bypass Vulnerability \n[CVE-2018-8308](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8308>) \\- Windows Kernel Elevation of Privilege Vulnerability \n[CVE-2018-8309](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8309>) \\- Windows Denial of Service Vulnerability \n[CVE-2018-8311](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8311>) \\- Remote Code Execution Vulnerability in Skype For Business and Lync \n[CVE-2018-8312](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8312>) \\- Microsoft Access Remote Code Execution Use After Free Vulnerability \n[CVE-2018-8313](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8313>) \\- Windows Elevation of Privilege Vulnerability \n[CVE-2018-8314](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8314>) \\- Windows Elevation of Privilege Vulnerability \n[CVE-2018-8319](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8319>) \\- MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability \n[CVE-2018-8323](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8323>) \\- Microsoft SharePoint Elevation of Privilege Vulnerability \n[CVE-2018-8325](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8325>) \\- Microsoft Edge Information Disclosure Vulnerability \n[CVE-2018-8326](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8326>) \\- Open Source Customization for Active Directory Federation Services XSS Vulnerability \n[CVE-2018-8356](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8356>) \\- .NET Framework Security Feature Bypass Vulnerability \n \n\n\n## Coverage\n\n \n \nIn response to these vulnerability disclosures, Talos is releasing the following Snort rules that detect attempts to exploit them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Firepower customers should use the latest update to their ruleset by updating their SRU. Open Source Snort Subscriber Rule Set customers can stay up-to-date by downloading the latest rule pack available for purchase on Snort.org. \n \nSnort Rules: \n \n47111-47112 \n47109-47110 \n47102-47103 \n47091-47092 \n47113-47114 \n47107-47108 \n47100-47101 \n47098-47099 \n47096-47097 \n \n", "modified": "2018-07-10T17:40:37", "published": "2018-07-10T10:36:00", "id": "TALOSBLOG:64097F241B66E90D3723AFE8991AFAB4", "href": "http://feedproxy.google.com/~r/feedburner/Talos/~3/dvxVeBIywlk/ms-tuesday.html", "type": "talosblog", "title": "Microsoft Patch Tuesday - July 2018", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}