ID CVE-2018-8294 Type cve Reporter cve@mitre.org Modified 2020-08-24T17:37:00
Description
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8280, CVE-2018-8286, CVE-2018-8290.
{"symantec": [{"lastseen": "2018-07-10T23:26:10", "bulletinFamily": "software", "cvelist": ["CVE-2018-8294"], "description": "### Description\n\nMicrosoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions.\n\n### Technologies Affected\n\n * Microsoft ChakraCore \n * Microsoft Edge \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\n**Implement multiple redundant layers of security.** \nMemory-protection schemes (such as nonexecutable stack and heap configurations and randomly mapped memory segments) will complicate exploits of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2018-07-10T00:00:00", "published": "2018-07-10T00:00:00", "id": "SMNTC-104646", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/104646", "type": "symantec", "title": "Microsoft Edge Scripting Engine CVE-2018-8294 Remote Memory Corruption Vulnerability", "cvss": {"score": 0.0, "vector": "NONE"}}], "threatpost": [{"lastseen": "2019-06-22T05:47:15", "bulletinFamily": "info", "cvelist": ["CVE-2018-8225", "CVE-2018-8278", "CVE-2018-8280", "CVE-2018-8286", "CVE-2018-8290", "CVE-2018-8294", "CVE-2018-8304", "CVE-2018-8310", "CVE-2019-1105", "CVE-2019-11707"], "description": "UDPATE\n\nBrowser vulnerabilities took center stage in Microsoft\u2019s July Patch Tuesday security bulletin. In all, Microsoft patched 17 bugs rated critical, with ten tied to scripting engine flaws impacting Internet Explorer. In total, Microsoft is reporting 53 bugs: 17 critical, 34 rated important, one moderate and one low.\n\nThe most severe of the browser bugs reported are four Chakra scripting engine memory corruption vulnerabilities ([CVE-2018-8280](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8280>), [CVE-2018-8286](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8286>), [CVE-2018-8290](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8290>), [CVE-2018-8294](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8294>)). Each are remote code execution vulnerabilities tied to the JScript engine (Chakra), developed by Microsoft for its 32-bit version of the Internet Explorer. The bugs impact Microsoft\u2019s Edge browser, in this instance.\n\n\u201cThe 16 CVEs covering browsers should be prioritized for workstation type devices, meaning any system where users are commonly accessing the public internet through a browser or checking email. This includes multi-user servers that are used as remote desktops for users,\u201d wrote Jimmy Graham, director of product management at Qualys.\n\nFive bugs are tied to Microsoft Edge. One is a spoofing vulnerability ([CVE-2018-8278](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8278>)) that exists when Microsoft Edge improperly handles specific HTML content, which could trick users into believing that they were visiting a legitimate website. \u201cThe specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services,\u201d wrote Microsoft.\n\nAnother bug ([CVE-2018-8304](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8304>)) is a Windows DNSAPI denial of service vulnerability. DNSAPI is a dynamic-link library file in Windows. In this context it contains functions used by a system\u2019s domain name system (DNS) in a client\u2019s application program interface.\n\n\u201cWhile not a severe as last month\u2019s wormable [CVE-2018-8225](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8225>), this bug could allow remote attackers to shut down a DNS server through merely a malformed DNS response. Again, that\u2019s better than code execution, but it\u2019s never good when an adversary can remotely shut down a part of your critical infrastructure,\u201d commented ZDI researchers in their [Patch Tuesday analysis](<https://www.zerodayinitiative.com/blog/2018/7/10/the-july-2018-security-update-review>).\n\nMicrosoft\u2019s Office was also patched to prevent emails from containing untrusted TrueType fonts that could be used to compromise a targeted system.\n\nThe Office tampering vulnerability (CVE-2018-8310) \u201cexists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails. An attacker could exploit the vulnerability by sending a specially crafted email and attachment to a victim, or by hosting a malicious .eml file on a web server,\u201d [Microsoft wrote](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8310>). EML files are a file format developed by Microsoft to archive emails while at the same time preserving the original HTML formatting and header.\n\nOther Office bugs include those impacting SharePoint and Skype for Business.\n\nMicrosoft also patched a MSR JavaScript cryptography library security feature bypass vulnerability. In short, the bug allows an attacker to generate signatures that mimic the entity associated with a public/private key pair. \u201cWhile this doesn\u2019t appear to circumvent authentic public/private key pairs, it likely can be used by malware authors to make their attacks appear genuine,\u201d wrote ZDI.\n\nOn Tuesday, Adobe also tackled over 100 bugs as part of its [monthly bug zapping](<https://threatpost.com/adobe-issues-over-100-patches-for-flash-acrobat-and-reader/133832/>).\n\n_(Story was updated on 7/12/18 at 1:06 pm ET to more precisely indicate that bugs [CVE-2018-8280](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8280>), [CVE-2018-8286](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8286>), [CVE-2018-8290](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8290>), [CVE-2018-8294](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8294>) were tied to the Microsoft Edge browser and not Internet Explorer)_\n", "modified": "2018-07-10T19:50:41", "published": "2018-07-10T19:50:41", "id": "THREATPOST:E092AE04A795681857F8FAFF6C9D8DA9", "href": "https://threatpost.com/microsoft-fixes-17-critical-bugs-in-july-patch-tuesday-release/133848/", "type": "threatpost", "title": "Microsoft Fixes 17 Critical Bugs in July Patch Tuesday Release", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "thn": [{"lastseen": "2018-07-10T18:56:11", "bulletinFamily": "info", "cvelist": ["CVE-2018-8242", "CVE-2018-8262", "CVE-2018-8274", "CVE-2018-8275", "CVE-2018-8279", "CVE-2018-8280", "CVE-2018-8283", "CVE-2018-8286", "CVE-2018-8288", "CVE-2018-8290", "CVE-2018-8291", "CVE-2018-8294", "CVE-2018-8296", "CVE-2018-8298", "CVE-2018-8301", "CVE-2018-8324", "CVE-2018-8327"], "description": "[](<https://1.bp.blogspot.com/-3YDRnV5Yt50/W0T-y1h1-yI/AAAAAAAAxcw/7o-KXZj-BYgLV5sFBngpidTGPm-wIRMwgCLcBGAs/s728-e100/microsoft-patch-update.png>)\n\nIt's time to gear up your systems and software for the latest July 2018 Microsoft security patch updates. \n \nMicrosoft today [released](<https://technet.microsoft.com/en-us/security/bulletins>) security patch updates for 53 vulnerabilities, affecting Windows, Internet Explorer (IE), Edge, ChakraCore, .NET Framework, ASP.NET, PowerShell, Visual Studio, and Microsoft Office and Office Services, and Adobe Flash Player. \n \nOut of 53 vulnerabilities, 17 are rated critical, 34 important, one moderate and one as low in severity. \n\n\n \nThis month there is no critical vulnerability patched in Microsoft Windows operating system and surprisingly, none of the flaw patched by the tech giant this month is listed as publicly known or under active attack. \n \n\n\n### Critical Flaws Patched In Microsoft Products\n\n \nMost of the critical issues are memory corruption flaws in IE, Edge browser and Chakra scripting engine, which if successfully exploited, could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system in the context of the current user. \n \n\"If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,\" Microsoft explains. \n \nOne of these critical flaws (CVE-2018-8327), reported by researchers at Casaba Security, also affects PowerShell Editor Services that could allow a remote attacker to execute malicious code on a vulnerable system. \n \nHere's below you can find a brief list of all critical vulnerabilities Microsoft has patched this month in its various products: \n\n\n * Scripting Engine Memory Corruption Vulnerability (CVE-2018-8242)\n * Edge Memory Corruption Vulnerability (CVE-2018-8262)\n * Edge Memory Corruption Vulnerability (CVE-2018-8274)\n * Scripting Engine Memory Corruption Vulnerability (CVE-2018-8275)\n * Scripting Engine Memory Corruption Vulnerability (CVE-2018-8279)\n * Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8280)\n * Scripting Engine Memory Corruption Vulnerability (CVE-2018-8283)\n * Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8286)\n * Scripting Engine Memory Corruption Vulnerability (CVE-2018-8288)\n * Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8290)\n * Scripting Engine Memory Corruption Vulnerability (CVE-2018-8291)\n * Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8294)\n * Scripting Engine Memory Corruption Vulnerability (CVE-2018-8296)\n * Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8298)\n * Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8301)\n * Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8324)\n * PowerShell Editor Services Remote Code Execution Vulnerability (CVE-2018-8327)\n \n\n\n### Important Patch Updates for Microsoft Products\n\n \nBesides this, Microsoft has also addressed 34 important flaws categorized as below: \n \n\n\n * Microsoft Edge\u2014Remote code execution (RCE), Information disclosure, spoofing, and security feature bypass flaws\n * Microsoft Internet Explorer (IE)\u2014 RCE and security feature bypass flaws\n * MS Office (Powerpoint, Word, Excel, Access, Lync, Skype)\u2014security feature bypass, RCE, and elevation of privilege flaws\n * Windows 10, 8.1, 7 and Server 2008, 2012, 2016\u2014Denial of Service, security feature bypass, elevation of privilege flaws\n * Microsoft .NET Framework\u2014Elevation of privilege and RCE flaws\n * Microsoft SharePoint\u2014Elevation of Privilege, and RCE flaws\n * ChakraCore\u2014RCE, and security feature bypass vulnerabilities\n * Microsoft Visual Studio\u2014RCE flaw\n * Expression Blend 4\u2014RCE flaw\n * ASP .NET\u2014security feature bypass flaws\n * Mail, Calendar, and People in Windows 8.1 App Store\u2014information disclosure flaw\n \nBesides this, Microsoft has also pushed security updates to patch vulnerabilities in Adobe products, details of which you can get through a [separate article posted](<https://thehackernews.com/2018/07/adobe-patch-update-july.html>) today. \n \nUsers are strongly advised to apply security patches as soon as possible to keep hackers and cybercriminals away from taking control of their computers. \n \nFor installing security updates, simply head on to Settings \u2192 Update & security \u2192 Windows Update \u2192 Check for updates, or you can install the updates manually. \n", "modified": "2018-07-10T18:53:22", "published": "2018-07-10T18:47:00", "id": "THN:482268607F3476C1920BBF880270C854", "href": "https://thehackernews.com/2018/07/microsoft-security-patch-update.html", "type": "thn", "title": "Microsoft Releases Patch Updates for 53 Vulnerabilities In Its Software", "cvss": {"score": 0.0, "vector": "NONE"}}], "kaspersky": [{"lastseen": "2020-09-02T11:42:03", "bulletinFamily": "info", "cvelist": ["CVE-2018-8297", "CVE-2018-8276", "CVE-2018-8275", "CVE-2018-8291", "CVE-2018-0949", "CVE-2018-8289", "CVE-2018-8280", "CVE-2018-8279", "CVE-2018-8288", "CVE-2018-8278", "CVE-2018-8287", "CVE-2018-8325", "CVE-2018-8290", "CVE-2018-8262", "CVE-2018-8296", "CVE-2018-8324", "CVE-2018-8294", "CVE-2018-8125", "CVE-2018-8301", "CVE-2018-8286", "CVE-2018-8274", "CVE-2018-8242"], "description": "### *Detect date*:\n07/10/2018\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple serious vulnerabilities were found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, execute arbitrary code and obtain sensitive information.\n\n### *Affected products*:\nInternet Explorer 10 \nInternet Explorer 11 \nInternet Explorer 9 \nMicrosoft Edge\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2018-0949](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0949>) \n[CVE-2018-8278](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8278>) \n[CVE-2018-8242](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8242>) \n[CVE-2018-8286](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8286>) \n[CVE-2018-8279](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8279>) \n[CVE-2018-8324](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8324>) \n[CVE-2018-8294](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8294>) \n[CVE-2018-8296](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8296>) \n[CVE-2018-8297](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8297>) \n[CVE-2018-8262](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8262>) \n[CVE-2018-8125](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8125>) \n[CVE-2018-8276](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8276>) \n[CVE-2018-8280](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8280>) \n[CVE-2018-8290](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8290>) \n[CVE-2018-8274](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8274>) \n[CVE-2018-8325](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8325>) \n[CVE-2018-8301](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8301>) \n[CVE-2018-8289](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8289>) \n[CVE-2018-8288](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8288>) \n[CVE-2018-8291](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8291>) \n[CVE-2018-8275](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8275>) \n[CVE-2018-8287](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8287>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Internet Explorer](<https://threats.kaspersky.com/en/product/Microsoft-Internet-Explorer/>)\n\n### *CVE-IDS*:\n[CVE-2018-0949](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0949>)6.5High \n[CVE-2018-8278](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8278>)6.1High \n[CVE-2018-8242](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8242>)7.5Critical \n[CVE-2018-8286](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8286>)7.5Critical \n[CVE-2018-8279](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8279>)7.5Critical \n[CVE-2018-8324](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8324>)4.3Warning \n[CVE-2018-8294](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8294>)7.5Critical \n[CVE-2018-8296](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8296>)7.5Critical \n[CVE-2018-8297](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8297>)4.3Warning \n[CVE-2018-8262](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8262>)7.5Critical \n[CVE-2018-8125](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8125>)7.5Critical \n[CVE-2018-8276](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8276>)6.5High \n[CVE-2018-8280](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8280>)7.5Critical \n[CVE-2018-8290](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8290>)7.5Critical \n[CVE-2018-8274](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8274>)7.5Critical \n[CVE-2018-8325](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8325>)4.3Warning \n[CVE-2018-8301](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8301>)7.5Critical \n[CVE-2018-8289](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8289>)4.3Warning \n[CVE-2018-8288](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8288>)7.5Critical \n[CVE-2018-8291](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8291>)7.5Critical \n[CVE-2018-8275](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8275>)7.5Critical \n[CVE-2018-8287](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8287>)7.5Critical\n\n### *Microsoft official advisories*:\n\n\n### *KB list*:\n[4338830](<http://support.microsoft.com/kb/4338830>) \n[4338815](<http://support.microsoft.com/kb/4338815>) \n[4338825](<http://support.microsoft.com/kb/4338825>) \n[4338814](<http://support.microsoft.com/kb/4338814>) \n[4338818](<http://support.microsoft.com/kb/4338818>) \n[4338829](<http://support.microsoft.com/kb/4338829>) \n[4338819](<http://support.microsoft.com/kb/4338819>) \n[4338826](<http://support.microsoft.com/kb/4338826>) \n[4345421](<http://support.microsoft.com/kb/4345421>) \n[4345419](<http://support.microsoft.com/kb/4345419>) \n[4338816](<http://support.microsoft.com/kb/4338816>) \n[4345455](<http://support.microsoft.com/kb/4345455>) \n[4338831](<http://support.microsoft.com/kb/4338831>) \n[4345459](<http://support.microsoft.com/kb/4345459>) \n[4345420](<http://support.microsoft.com/kb/4345420>) \n[4345424](<http://support.microsoft.com/kb/4345424>) \n[4338821](<http://support.microsoft.com/kb/4338821>) \n[4345425](<http://support.microsoft.com/kb/4345425>) \n[4345418](<http://support.microsoft.com/kb/4345418>) \n[4339093](<http://support.microsoft.com/kb/4339093>)\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:", "edition": 33, "modified": "2020-06-18T00:00:00", "published": "2018-07-10T00:00:00", "id": "KLA11290", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11290", "title": "\r KLA11290Multiple vulnerabilities in Microsoft Edge and Internet Explorer ", "type": "kaspersky", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-02T11:44:13", "bulletinFamily": "info", "cvelist": ["CVE-2018-8260", "CVE-2018-8276", "CVE-2018-8275", "CVE-2018-8291", "CVE-2018-8319", "CVE-2018-8283", "CVE-2018-8280", "CVE-2018-8279", "CVE-2018-8288", "CVE-2018-8287", "CVE-2018-8202", "CVE-2018-8290", "CVE-2018-8171", "CVE-2018-8306", "CVE-2018-8232", "CVE-2018-8172", "CVE-2018-8326", "CVE-2018-8298", "CVE-2018-8356", "CVE-2018-8284", "CVE-2018-8294", "CVE-2018-8327", "CVE-2018-8286"], "description": "### *Detect date*:\n07/10/2018\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Microsoft Development Tools. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, perform cross-site scripting attacks, gain privileges and spoof user interface.\n\n### *Affected products*:\n.NET Core 2.0 \nASP.NET Core 1.1 \nASP.NET Core 1.0 \nASP.NET Core 2.0 \nASP.NET Web Pages 3.2.3 \nASP.NET MVC 5.2 \nMicrosoft Visual Studio 2015 Update 3 \nMicrosoft Visual Studio 2017 \nMicrosoft Visual Studio 2013 Update 5 \nMicrosoft Visual Studio 2010 Service Pack 1 \nMicrosoft Visual Studio 2012 Update 5 \nMicrosoft Visual Studio 2017 Version 15.7.5 \nMicrosoft Visual Studio 2017 Version 15.8 Preview \nExpression Blend 4 Service Pack 3 \nMicrosoft .NET Framework 3.5.1 \nMicrosoft .NET Framework 3.5 \nMicrosoft .NET Framework 4.5.2 \nMicrosoft .NET Framework 4.6 \nMicrosoft .NET Framework 3.0 Service Pack 2 \nMicrosoft .NET Framework 2.0 Service Pack 2 \nMicrosoft .NET Framework 4.7.2 \nMicrosoft .NET Framework 4.6/4.6.1/4.6.2 \nMicrosoft .NET Framework 4.7/4.7.1/4.7.2 \n.NET Framework 4.7.2 Developer Pack \nChakraCore \nMicrosoft Wireless Display Adapter V2 Software Version 2.0.8365 \nMicrosoft Wireless Display Adapter V2 Software Version 2.0.8372 \nMicrosoft Wireless Display Adapter V2 Software Version 2.0.8350 \nMicrosoft Research JavaScript Cryptography Library \nWeb Customizations for Active Directory Federation Services \nPowerShell Extension for Visual Studio Code \nPowerShell Editor Services \n.NET Core 1.1 \n.NET Core 1.0\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2018-8286](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8286>) \n[CVE-2018-8279](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8279>) \n[CVE-2018-8294](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8294>) \n[CVE-2018-8276](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8276>) \n[CVE-2018-8280](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8280>) \n[CVE-2018-8290](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8290>) \n[CVE-2018-8288](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8288>) \n[CVE-2018-8291](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8291>) \n[CVE-2018-8275](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8275>) \n[CVE-2018-8287](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8287>) \n[CVE-2018-8356](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8356>) \n[CVE-2018-8298](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8298>) \n[CVE-2018-8319](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8319>) \n[CVE-2018-8326](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8326>) \n[CVE-2018-8306](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306>) \n[CVE-2018-8202](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202>) \n[CVE-2018-8172](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8172>) \n[CVE-2018-8260](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8260>) \n[CVE-2018-8327](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8327>) \n[CVE-2018-8171](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8171>) \n[CVE-2018-8232](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8232>) \n[CVE-2018-8284](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8284>) \n[CVE-2018-8283](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8283>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft .NET Framework](<https://threats.kaspersky.com/en/product/Microsoft-.NET-Framework/>)\n\n### *CVE-IDS*:\n[CVE-2018-8286](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8286>)7.5Critical \n[CVE-2018-8279](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8279>)7.5Critical \n[CVE-2018-8294](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8294>)7.5Critical \n[CVE-2018-8276](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8276>)6.5High \n[CVE-2018-8280](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8280>)7.5Critical \n[CVE-2018-8290](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8290>)7.5Critical \n[CVE-2018-8288](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8288>)7.5Critical \n[CVE-2018-8291](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8291>)7.5Critical \n[CVE-2018-8275](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8275>)7.5Critical \n[CVE-2018-8287](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8287>)7.5Critical \n[CVE-2018-8356](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8356>)5.5High \n[CVE-2018-8298](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8298>)7.5Critical \n[CVE-2018-8319](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8319>)9.8Critical \n[CVE-2018-8326](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8326>)5.4High \n[CVE-2018-8306](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8306>)5.5High \n[CVE-2018-8202](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8202>)7.8Critical \n[CVE-2018-8172](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8172>)7.8Critical \n[CVE-2018-8260](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8260>)8.8Critical \n[CVE-2018-8327](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8327>)9.8Critical \n[CVE-2018-8171](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8171>)7.5Critical \n[CVE-2018-8232](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8232>)7.8Critical \n[CVE-2018-8284](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8284>)8.1Critical \n[CVE-2018-8283](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8283>)7.5Critical\n\n### *KB list*:\n[4338825](<http://support.microsoft.com/kb/4338825>) \n[4338814](<http://support.microsoft.com/kb/4338814>) \n[4338829](<http://support.microsoft.com/kb/4338829>) \n[4338819](<http://support.microsoft.com/kb/4338819>) \n[4338826](<http://support.microsoft.com/kb/4338826>) \n[4345421](<http://support.microsoft.com/kb/4345421>) \n[4345419](<http://support.microsoft.com/kb/4345419>) \n[4345455](<http://support.microsoft.com/kb/4345455>) \n[4345420](<http://support.microsoft.com/kb/4345420>) \n[4345418](<http://support.microsoft.com/kb/4345418>) \n[4338420](<http://support.microsoft.com/kb/4338420>) \n[4338611](<http://support.microsoft.com/kb/4338611>) \n[4338604](<http://support.microsoft.com/kb/4338604>) \n[4338415](<http://support.microsoft.com/kb/4338415>) \n[4338421](<http://support.microsoft.com/kb/4338421>) \n[4338422](<http://support.microsoft.com/kb/4338422>) \n[4338416](<http://support.microsoft.com/kb/4338416>) \n[4338601](<http://support.microsoft.com/kb/4338601>) \n[4336919](<http://support.microsoft.com/kb/4336919>) \n[4338613](<http://support.microsoft.com/kb/4338613>) \n[4338418](<http://support.microsoft.com/kb/4338418>) \n[4338424](<http://support.microsoft.com/kb/4338424>) \n[4338419](<http://support.microsoft.com/kb/4338419>) \n[4338417](<http://support.microsoft.com/kb/4338417>) \n[4339279](<http://support.microsoft.com/kb/4339279>) \n[4336986](<http://support.microsoft.com/kb/4336986>) \n[4338600](<http://support.microsoft.com/kb/4338600>) \n[4338612](<http://support.microsoft.com/kb/4338612>) \n[4336999](<http://support.microsoft.com/kb/4336999>) \n[4338606](<http://support.microsoft.com/kb/4338606>) \n[4336946](<http://support.microsoft.com/kb/4336946>) \n[4338602](<http://support.microsoft.com/kb/4338602>) \n[4338605](<http://support.microsoft.com/kb/4338605>) \n[4338423](<http://support.microsoft.com/kb/4338423>) \n[4342193](<http://support.microsoft.com/kb/4342193>) \n[4338610](<http://support.microsoft.com/kb/4338610>) \n[4342192](<http://support.microsoft.com/kb/4342192>) \n[4342191](<http://support.microsoft.com/kb/4342191>) \n[4346877](<http://support.microsoft.com/kb/4346877>) \n[4344151](<http://support.microsoft.com/kb/4344151>) \n[4344146](<http://support.microsoft.com/kb/4344146>) \n[4343909](<http://support.microsoft.com/kb/4343909>) \n[4344166](<http://support.microsoft.com/kb/4344166>) \n[4344177](<http://support.microsoft.com/kb/4344177>) \n[4344178](<http://support.microsoft.com/kb/4344178>) \n[4344147](<http://support.microsoft.com/kb/4344147>) \n[4344148](<http://support.microsoft.com/kb/4344148>) \n[4343885](<http://support.microsoft.com/kb/4343885>) \n[4344172](<http://support.microsoft.com/kb/4344172>) \n[4344144](<http://support.microsoft.com/kb/4344144>) \n[4343887](<http://support.microsoft.com/kb/4343887>) \n[4344149](<http://support.microsoft.com/kb/4344149>) \n[4344175](<http://support.microsoft.com/kb/4344175>) \n[4344165](<http://support.microsoft.com/kb/4344165>) \n[4344167](<http://support.microsoft.com/kb/4344167>) \n[4343892](<http://support.microsoft.com/kb/4343892>) \n[4344153](<http://support.microsoft.com/kb/4344153>) \n[4344150](<http://support.microsoft.com/kb/4344150>) \n[4344152](<http://support.microsoft.com/kb/4344152>) \n[4344176](<http://support.microsoft.com/kb/4344176>) \n[4344171](<http://support.microsoft.com/kb/4344171>) \n[4344173](<http://support.microsoft.com/kb/4344173>) \n[4344145](<http://support.microsoft.com/kb/4344145>) \n[4343897](<http://support.microsoft.com/kb/4343897>)\n\n### *Microsoft official advisories*:\n\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:", "edition": 34, "modified": "2020-06-18T00:00:00", "published": "2018-07-10T00:00:00", "id": "KLA11288", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11288", "title": "\r KLA11288Multiple vulnerabilities in Microsoft Development Tools ", "type": "kaspersky", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-06-08T23:06:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8297", "CVE-2018-8260", "CVE-2018-8276", "CVE-2018-8275", "CVE-2018-8291", "CVE-2018-0949", "CVE-2018-8313", "CVE-2018-8222", "CVE-2018-8289", "CVE-2018-8280", "CVE-2018-8279", "CVE-2018-8308", "CVE-2016-7279", "CVE-2018-8288", "CVE-2018-8278", "CVE-2018-8287", "CVE-2018-8325", "CVE-2018-8307", "CVE-2018-8202", "CVE-2018-8290", "CVE-2018-8262", "CVE-2018-8296", "CVE-2018-8324", "CVE-2018-8356", "CVE-2018-8206", "CVE-2018-8309", "CVE-2018-8284", "CVE-2018-8294", "CVE-2018-8282", "CVE-2018-8125", "CVE-2018-8301", "CVE-2018-8286", "CVE-2018-8274", "CVE-2018-8242"], "description": "This host is missing a critical security\n update according to Microsoft KB4338819", "modified": "2020-06-04T00:00:00", "published": "2018-07-11T00:00:00", "id": "OPENVAS:1361412562310813647", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813647", "type": "openvas", "title": "Microsoft Windows Multiple Vulnerabilities (KB4338819)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows Multiple Vulnerabilities (KB4338819)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813647\");\n script_version(\"2020-06-04T11:13:22+0000\");\n script_cve_id(\"CVE-2018-8282\", \"CVE-2018-8284\", \"CVE-2018-0949\", \"CVE-2018-8125\",\n \"CVE-2018-8202\", \"CVE-2018-8206\", \"CVE-2018-8222\", \"CVE-2018-8242\",\n \"CVE-2018-8260\", \"CVE-2018-8262\", \"CVE-2018-8274\", \"CVE-2018-8275\",\n \"CVE-2018-8276\", \"CVE-2018-8278\", \"CVE-2018-8279\", \"CVE-2018-8280\",\n \"CVE-2018-8286\", \"CVE-2018-8287\", \"CVE-2018-8288\", \"CVE-2018-8289\",\n \"CVE-2018-8290\", \"CVE-2018-8291\", \"CVE-2018-8294\", \"CVE-2018-8296\",\n \"CVE-2018-8297\", \"CVE-2018-8301\", \"CVE-2018-8307\", \"CVE-2018-8308\",\n \"CVE-2018-8309\", \"CVE-2018-8313\", \"CVE-2018-8324\", \"CVE-2018-8325\",\n \"CVE-2018-8356\", \"CVE-2016-7279\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-04 11:13:22 +0000 (Thu, 04 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-11 10:43:41 +0530 (Wed, 11 Jul 2018)\");\n script_name(\"Microsoft Windows Multiple Vulnerabilities (KB4338819)\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security\n update according to Microsoft KB4338819\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to errors,\n\n - When Windows improperly handles File Transfer Protocol (FTP) connections.\n\n - When Windows improperly handles objects in memory.\n\n - When the Windows kernel fails to properly handle objects in memory.\n\n - When Microsoft WordPad improperly handles embedded OLE objects.\n\n - When Microsoft Edge improperly accesses objects in memory.\n\n - When scripting engine improperly handles objects in memory in Microsoft\n browsers.\n\n - When Chakra scripting engine improperly handles objects in memory in\n Microsoft Edge.\n\n - When the Windows kernel-mode driver fails to properly handle objects in\n memory.\n\n - Microsoft Chakra scripting engine allows Control Flow Guard (CFG) to be\n bypassed.\n\n - When Microsoft Internet Explorer improperly handles requests involving UNC\n resources.\n\n - When Microsoft Edge improperly handles specific HTML content.\n\n - When Windows Kernel API improperly enforces permissions.\n\n - When Microsoft .NET Framework components do not correctly validate\n certificates.\n\n - A security feature bypass vulnerability exists in Device Guard.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to cause a target system to stop responding, elevate their privilege level,\n run arbitrary code, bypass security, disclose sensitive information and also\n take control of an affected system.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 10 Version 1803 for 32-bit Systems\n\n - Microsoft Windows 10 Version 1803 for x64-based Systems\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/en-us/help/4338819\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(win10:1, win10x64:1) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_system32root();\nif(!sysPath ){\n exit(0);\n}\n\nedgeVer = fetch_file_version(sysPath:sysPath, file_name:\"edgehtml.dll\");\nif(!edgeVer){\n exit(0);\n}\n\nif(version_in_range(version:edgeVer, test_version:\"11.0.17134.0\", test_version2:\"11.0.17134.164\"))\n{\n report = report_fixed_ver(file_checked:sysPath + \"\\Edgehtml.dll\",\n file_version:edgeVer, vulnerable_range:\"11.0.17134.0 - 11.0.17134.164\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2020-08-19T05:13:12", "description": "The remote Windows host is missing security update 4338819.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8280, CVE-2018-8286,\n CVE-2018-8290, CVE-2018-8294)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - An information disclosure vulnerability exists when\n Microsoft Edge improperly handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8289, CVE-2018-8297, CVE-2018-8324,\n CVE-2018-8325)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8222)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - A security feature bypass vulnerability exists in the\n Microsoft Chakra scripting engine that allows Control\n Flow Guard (CFG) to be bypassed. By itself, the CFG\n bypass vulnerability does not allow arbitrary code\n execution. However, an attacker could use the CFG bypass\n vulnerability in conjunction with another vulnerability,\n such as a remote code execution vulnerability, to run\n arbitrary code on a target system. (CVE-2018-8276)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8125,\n CVE-2018-8262, CVE-2018-8274, CVE-2018-8275,\n CVE-2018-8279, CVE-2018-8301)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - A spoofing vulnerability exists when Microsoft Edge\n improperly handles specific HTML content. An attacker\n who successfully exploited this vulnerability could\n trick a user into believing that the user was on a\n legitimate website. The specially crafted website could\n either spoof content or serve as a pivot to chain an\n attack with other vulnerabilities in web services.\n (CVE-2018-8278)", "edition": 23, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-07-10T00:00:00", "title": "KB4338819: Windows 10 Version 1803 and Windows Server Version 1803 July 2018 Security Update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-8297", "CVE-2018-8260", "CVE-2018-8276", "CVE-2018-8275", "CVE-2018-8291", "CVE-2018-0949", "CVE-2018-8313", "CVE-2018-8222", "CVE-2018-8289", "CVE-2018-8280", "CVE-2018-8279", "CVE-2018-8308", "CVE-2018-8288", "CVE-2018-8278", "CVE-2018-8287", "CVE-2018-8325", "CVE-2018-8307", "CVE-2018-8202", "CVE-2018-8290", "CVE-2018-8262", "CVE-2018-8296", "CVE-2018-8324", "CVE-2018-8356", "CVE-2018-8206", "CVE-2018-8309", "CVE-2018-8284", "CVE-2018-8294", "CVE-2018-8282", "CVE-2018-8125", "CVE-2018-8301", "CVE-2018-8286", "CVE-2018-8274", "CVE-2018-8242"], "modified": "2018-07-10T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:edge"], "id": "SMB_NT_MS18_JUL_4338819.NASL", "href": "https://www.tenable.com/plugins/nessus/110983", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110983);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/18\");\n\n script_cve_id(\n \"CVE-2018-0949\",\n \"CVE-2018-8125\",\n \"CVE-2018-8202\",\n \"CVE-2018-8206\",\n \"CVE-2018-8222\",\n \"CVE-2018-8242\",\n \"CVE-2018-8260\",\n \"CVE-2018-8262\",\n \"CVE-2018-8274\",\n \"CVE-2018-8275\",\n \"CVE-2018-8276\",\n \"CVE-2018-8278\",\n \"CVE-2018-8279\",\n \"CVE-2018-8280\",\n \"CVE-2018-8282\",\n \"CVE-2018-8284\",\n \"CVE-2018-8286\",\n \"CVE-2018-8287\",\n \"CVE-2018-8288\",\n \"CVE-2018-8289\",\n \"CVE-2018-8290\",\n \"CVE-2018-8291\",\n \"CVE-2018-8294\",\n \"CVE-2018-8296\",\n \"CVE-2018-8297\",\n \"CVE-2018-8301\",\n \"CVE-2018-8307\",\n \"CVE-2018-8308\",\n \"CVE-2018-8309\",\n \"CVE-2018-8313\",\n \"CVE-2018-8324\",\n \"CVE-2018-8325\",\n \"CVE-2018-8356\"\n );\n script_bugtraq_id(\n 104620,\n 104622,\n 104623,\n 104626,\n 104627,\n 104628,\n 104629,\n 104630,\n 104631,\n 104632,\n 104634,\n 104635,\n 104636,\n 104637,\n 104638,\n 104641,\n 104642,\n 104643,\n 104644,\n 104646,\n 104647,\n 104648,\n 104650,\n 104651,\n 104653,\n 104654,\n 104664,\n 104665,\n 104666,\n 104667,\n 104668,\n 104669,\n 104670\n );\n script_xref(name:\"MSKB\", value:\"4338819\");\n script_xref(name:\"MSFT\", value:\"MS18-4338819\");\n\n script_name(english:\"KB4338819: Windows 10 Version 1803 and Windows Server Version 1803 July 2018 Security Update\");\n script_summary(english:\"Checks for rollup.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4338819.\nIt is, therefore, affected by multiple vulnerabilities :\n\n - An elevation of privilege vulnerability exists in .NET\n Framework which could allow an attacker to elevate their\n privilege level. (CVE-2018-8202)\n\n - A security feature bypass vulnerability exists when\n Microsoft .NET Framework components do not correctly\n validate certificates. An attacker could present expired\n certificates when challenged. The security update\n addresses the vulnerability by ensuring that .NET\n Framework components correctly validate certificates.\n (CVE-2018-8356)\n\n - A remote code execution vulnerability exists in the way\n that the scripting engine handles objects in memory in\n Internet Explorer. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8242, CVE-2018-8296)\n\n - A Remote Code Execution vulnerability exists in .NET\n software when the software fails to check the source\n markup of a file. An attacker who successfully exploited\n the vulnerability could run arbitrary code in the\n context of the current user. If the current user is\n logged on with administrative user rights, an attacker\n could take control of the affected system. An attacker\n could then install programs; view, change, or delete\n data; or create new accounts with full user rights.\n (CVE-2018-8260)\n\n - A denial of service vulnerability exists when Windows\n improperly handles objects in memory. An attacker who\n successfully exploited the vulnerability could cause a\n target system to stop responding. (CVE-2018-8309)\n\n - A remote code execution vulnerability exists in the way\n that the Chakra scripting engine handles objects in\n memory in Microsoft Edge. The vulnerability could\n corrupt memory in such a way that an attacker could\n execute arbitrary code in the context of the current\n user. An attacker who successfully exploited the\n vulnerability could gain the same user rights as the\n current user. (CVE-2018-8280, CVE-2018-8286,\n CVE-2018-8290, CVE-2018-8294)\n\n - An elevation of privilege vulnerability exists in\n Windows when the Windows kernel-mode driver fails to\n properly handle objects in memory. An attacker who\n successfully exploited this vulnerability could run\n arbitrary code in kernel mode. An attacker could then\n install programs; view, change, or delete data; or\n create new accounts with full user rights.\n (CVE-2018-8282)\n\n - A denial of service vulnerability exists when Windows\n improperly handles File Transfer Protocol (FTP)\n connections. An attacker who successfully exploited the\n vulnerability could cause a target system to stop\n responding. (CVE-2018-8206)\n\n - An information disclosure vulnerability exists when\n Microsoft Edge improperly handles objects in memory. An\n attacker who successfully exploited the vulnerability\n could obtain information to further compromise the users\n system. (CVE-2018-8289, CVE-2018-8297, CVE-2018-8324,\n CVE-2018-8325)\n\n - A security feature bypass vulnerability exists in Device\n Guard that could allow an attacker to inject malicious\n code into a Windows PowerShell session. An attacker who\n successfully exploited this vulnerability could inject\n code into a trusted PowerShell process to bypass the\n Device Guard Code Integrity policy on the local machine.\n (CVE-2018-8222)\n\n - A security feature bypass vulnerability exists when\n Microsoft Internet Explorer improperly handles requests\n involving UNC resources. An attacker who successfully\n exploited the vulnerability could force the browser to\n load data that would otherwise be restricted.\n (CVE-2018-0949)\n\n - An elevation of privilege vulnerability exists when the\n Windows kernel fails to properly handle objects in\n memory. An attacker who successfully exploited this\n vulnerability could run arbitrary code in kernel mode.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. (CVE-2018-8308)\n\n - A security feature bypass vulnerability exists when\n Microsoft WordPad improperly handles embedded OLE\n objects. An attacker who successfully exploited the\n vulnerability could bypass content blocking. In a file-\n sharing attack scenario, an attacker could provide a\n specially crafted document file designed to exploit the\n vulnerability, and then convince a user to open the\n document file. The security update addresses the\n vulnerability by correcting how Microsoft WordPad\n handles input. (CVE-2018-8307)\n\n - A security feature bypass vulnerability exists in the\n Microsoft Chakra scripting engine that allows Control\n Flow Guard (CFG) to be bypassed. By itself, the CFG\n bypass vulnerability does not allow arbitrary code\n execution. However, an attacker could use the CFG bypass\n vulnerability in conjunction with another vulnerability,\n such as a remote code execution vulnerability, to run\n arbitrary code on a target system. (CVE-2018-8276)\n\n - An elevation of privilege vulnerability exists in the\n way that the Windows Kernel API enforces permissions. An\n attacker who successfully exploited the vulnerability\n could impersonate processes, interject cross-process\n communication, or interrupt system functionality.\n (CVE-2018-8313)\n\n - A remote code execution vulnerability exists in the way\n the scripting engine handles objects in memory in\n Microsoft browsers. The vulnerability could corrupt\n memory in such a way that an attacker could execute\n arbitrary code in the context of the current user. An\n attacker who successfully exploited the vulnerability\n could gain the same user rights as the current user.\n (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)\n\n - A remote code execution vulnerability exists when\n Microsoft Edge improperly accesses objects in memory.\n The vulnerability could corrupt memory in such a way\n that enables an attacker to execute arbitrary code in\n the context of the current user. An attacker who\n successfully exploited the vulnerability could gain the\n same user rights as the current user. (CVE-2018-8125,\n CVE-2018-8262, CVE-2018-8274, CVE-2018-8275,\n CVE-2018-8279, CVE-2018-8301)\n\n - A remote code execution vulnerability exists when the\n Microsoft .NET Framework fails to validate input\n properly. An attacker who successfully exploited this\n vulnerability could take control of an affected system.\n An attacker could then install programs; view, change,\n or delete data; or create new accounts with full user\n rights. Users whose accounts are configured to have\n fewer user rights on the system could be less impacted\n than users who operate with administrative user rights.\n (CVE-2018-8284)\n\n - A spoofing vulnerability exists when Microsoft Edge\n improperly handles specific HTML content. An attacker\n who successfully exploited this vulnerability could\n trick a user into believing that the user was on a\n legitimate website. The specially crafted website could\n either spoof content or serve as a pivot to chain an\n attack with other vulnerabilities in web services.\n (CVE-2018-8278)\");\n # https://support.microsoft.com/en-us/help/4338819/windows-10-update-kb4338819\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b9bfc0c9\");\n script_set_attribute(attribute:\"solution\", value:\n \"Apply Cumulative Update KB4338819.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-8284\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS18-07\";\nkbs = make_list('4338819');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"17134\",\n rollup_date:\"07_2018\",\n bulletin:bulletin,\n rollup_kb_list:[4338819])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "talosblog": [{"lastseen": "2018-08-03T09:00:12", "bulletinFamily": "blog", "cvelist": ["CVE-2018-0949", "CVE-2018-8125", "CVE-2018-8171", "CVE-2018-8172", "CVE-2018-8202", "CVE-2018-8206", "CVE-2018-8222", "CVE-2018-8238", "CVE-2018-8242", "CVE-2018-8260", "CVE-2018-8262", "CVE-2018-8274", "CVE-2018-8275", "CVE-2018-8276", "CVE-2018-8278", "CVE-2018-8279", "CVE-2018-8280", "CVE-2018-8281", "CVE-2018-8282", "CVE-2018-8283", "CVE-2018-8284", "CVE-2018-8286", "CVE-2018-8287", "CVE-2018-8288", "CVE-2018-8289", "CVE-2018-8290", "CVE-2018-8291", "CVE-2018-8294", "CVE-2018-8296", "CVE-2018-8297", "CVE-2018-8298", "CVE-2018-8299", "CVE-2018-8300", "CVE-2018-8301", "CVE-2018-8304", "CVE-2018-8305", "CVE-2018-8306", "CVE-2018-8307", "CVE-2018-8308", "CVE-2018-8309", "CVE-2018-8311", "CVE-2018-8312", "CVE-2018-8313", "CVE-2018-8314", "CVE-2018-8319", "CVE-2018-8323", "CVE-2018-8324", "CVE-2018-8325", "CVE-2018-8326", "CVE-2018-8327", "CVE-2018-8356"], "description": "Microsoft released its monthly set of security advisories today for vulnerabilities that have been identified and addressed in various products. This month's release addresses 53 new vulnerabilities, 17 of which are rated critical, 34 are rated important, one is rated moderate, and one is rated as low severity. These vulnerabilities impact Windows Operating System, Edge, Internet Explorer and more. \n \nIn addition to the 53 vulnerabilities referenced above, Microsoft has also released a critical update advisory, [ADV180017](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180017>), which addresses the vulnerabilities described in the Adobe security bulletin [APSB18-24](<https://helpx.adobe.com/security/products/flash-player/apsb18-24.html>). \n \n\n\n## \n\n## Critical vulnerabilities\n\n \nThis month, Microsoft is addressing 17 vulnerabilities that are rated as critical: \n \n \n[CVE-2018-8242](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8242>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8262](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8262>) \\- Microsoft Edge Memory Corruption Vulnerability \n[CVE-2018-8274](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8274>) \\- Microsoft Edge Memory Corruption Vulnerability \n[CVE-2018-8275](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8275>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8279](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8279>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8280](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8280>) \\- Chakra Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8283](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8283>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8286](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8286>) \\- Chakra Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8288](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8288>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8290](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8290>) \\- Chakra Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8291](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8291>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8294](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8294>) \\- Chakra Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8296](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8296>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8298](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8298>) \\- Chakra Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8301](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8301>) \\- Microsoft Edge Memory Corruption Vulnerability \n[CVE-2018-8324](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8324>) \\- Microsoft Edge Information Disclosure Vulnerability \n[CVE-2018-8327](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8327>) \\- PowerShell Editor Services Remote Code Execution Vulnerability \n \n\n\n## Important vulnerabilities\n\n \nThis month, Microsoft is addressing 34 vulnerabilities that are rated as important. \n \n \n[CVE-2018-0949](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0949>) \\- Internet Explorer Security Feature Bypass Vulnerability \n[CVE-2018-8125](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8125>) \\- Chakra Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8171](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8171>) \\- ASP.NET Core Security Feature Bypass Vulnerability \n[CVE-2018-8172](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8172>) \\- Visual Studio Remote Code Execution Vulnerability \n[CVE-2018-8202](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8202>) \\- .NET Framework Elevation of Privilege Vulnerability \n[CVE-2018-8206](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8206>) \\- Windows FTP Server Denial of Service Vulnerability \n[CVE-2018-8222](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8222>) \\- Device Guard Code Integrity Policy Security Feature Bypass Vulnerability \n[CVE-2018-8238](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8238>) \\- Skype for Business and Lync Security Feature Bypass Vulnerability \n[CVE-2018-8260](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8260>) \\- .NET Framework Remote Code Execution Vulnerability \n[CVE-2018-8276](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8276>) \\- Scripting Engine Security Feature Bypass Vulnerability \n[CVE-2018-8278](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8278>) \\- Microsoft Edge Spoofing Vulnerability \n[CVE-2018-8281](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8281>) \\- Microsoft Office Remote Code Execution Vulnerability \n[CVE-2018-8282](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8282>) \\- Win32k Elevation of Privilege Vulnerability \n[CVE-2018-8284](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8284>) \\- .NET Framework Remote Code Injection Vulnerability \n[CVE-2018-8287](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8287>) \\- Scripting Engine Memory Corruption Vulnerability \n[CVE-2018-8289](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8289>) \\- Microsoft Edge Information Disclosure Vulnerability \n[CVE-2018-8297](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8297>) \\- Microsoft Edge Information Disclosure Vulnerability \n[CVE-2018-8299](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8299>) \\- Microsoft SharePoint Elevation of Privilege Vulnerability \n[CVE-2018-8300](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8300>) \\- Microsoft SharePoint Remote Code Execution Vulnerability \n[CVE-2018-8304](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8304>) \\- Windows DNSAPI Denial of Service Vulnerability \n[CVE-2018-8305](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8305>) \\- Windows Mail Client Information Disclosure Vulnerability \n[CVE-2018-8306](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8306>) \\- Microsoft Wireless Display Adapter Command Injection Vulnerability \n[CVE-2018-8307](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8307>) \\- WordPad Security Feature Bypass Vulnerability \n[CVE-2018-8308](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8308>) \\- Windows Kernel Elevation of Privilege Vulnerability \n[CVE-2018-8309](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8309>) \\- Windows Denial of Service Vulnerability \n[CVE-2018-8311](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8311>) \\- Remote Code Execution Vulnerability in Skype For Business and Lync \n[CVE-2018-8312](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8312>) \\- Microsoft Access Remote Code Execution Use After Free Vulnerability \n[CVE-2018-8313](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8313>) \\- Windows Elevation of Privilege Vulnerability \n[CVE-2018-8314](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8314>) \\- Windows Elevation of Privilege Vulnerability \n[CVE-2018-8319](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8319>) \\- MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability \n[CVE-2018-8323](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8323>) \\- Microsoft SharePoint Elevation of Privilege Vulnerability \n[CVE-2018-8325](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8325>) \\- Microsoft Edge Information Disclosure Vulnerability \n[CVE-2018-8326](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8326>) \\- Open Source Customization for Active Directory Federation Services XSS Vulnerability \n[CVE-2018-8356](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8356>) \\- .NET Framework Security Feature Bypass Vulnerability \n \n\n\n## Coverage\n\n \n \nIn response to these vulnerability disclosures, Talos is releasing the following Snort rules that detect attempts to exploit them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Firepower customers should use the latest update to their ruleset by updating their SRU. Open Source Snort Subscriber Rule Set customers can stay up-to-date by downloading the latest rule pack available for purchase on Snort.org. \n \nSnort Rules: \n \n47111-47112 \n47109-47110 \n47102-47103 \n47091-47092 \n47113-47114 \n47107-47108 \n47100-47101 \n47098-47099 \n47096-47097 \n \n", "modified": "2018-07-10T17:40:37", "published": "2018-07-10T10:36:00", "id": "TALOSBLOG:64097F241B66E90D3723AFE8991AFAB4", "href": "http://feedproxy.google.com/~r/feedburner/Talos/~3/dvxVeBIywlk/ms-tuesday.html", "type": "talosblog", "title": "Microsoft Patch Tuesday - July 2018", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "trendmicroblog": [{"lastseen": "2018-07-13T16:31:41", "bulletinFamily": "blog", "cvelist": ["CVE-2018-0949", "CVE-2018-8125", "CVE-2018-8171", "CVE-2018-8172", "CVE-2018-8202", "CVE-2018-8206", "CVE-2018-8222", "CVE-2018-8232", "CVE-2018-8238", "CVE-2018-8242", "CVE-2018-8260", "CVE-2018-8262", "CVE-2018-8274", "CVE-2018-8275", "CVE-2018-8276", "CVE-2018-8278", "CVE-2018-8279", "CVE-2018-8280", "CVE-2018-8281", "CVE-2018-8282", "CVE-2018-8283", "CVE-2018-8284", "CVE-2018-8286", "CVE-2018-8287", "CVE-2018-8288", "CVE-2018-8289", "CVE-2018-8290", "CVE-2018-8291", "CVE-2018-8294", "CVE-2018-8296", "CVE-2018-8297", "CVE-2018-8298", "CVE-2018-8299", "CVE-2018-8300", "CVE-2018-8301", "CVE-2018-8304", "CVE-2018-8305", "CVE-2018-8306", "CVE-2018-8307", "CVE-2018-8308", "CVE-2018-8309", "CVE-2018-8310", "CVE-2018-8311", "CVE-2018-8312", "CVE-2018-8313", "CVE-2018-8314", "CVE-2018-8319", "CVE-2018-8323", "CVE-2018-8324", "CVE-2018-8325", "CVE-2018-8326", "CVE-2018-8327", "CVE-2018-8356"], "description": "\n\nEarlier this week, I wrote a [blog](<https://blog.trendmicro.com/zero-day-initiative-a-1h2018-recap/>) covering a couple of the statistics from the Zero Day Initiative\u2019s (ZDI) first half of 2018. One of the stats that I didn\u2019t cover is the increasing focus on enterprise applications. The team is seeing consistent growth in submissions of Microsoft and Apple vulnerabilities, but now they\u2019re also seeing an increase of submissions in virtualization software vulnerabilities from the likes of VMware and Oracle. With a 33% increase in published advisories compared to 2017, the ZDI has their hands full. With more than 500 new researchers registering to participate in the program this year, the internal ZDI team is growing as well to accommodate this growth. 2018 may just be the biggest year yet for ZDI!\n\nIn case you missed it, you can read Brian Gorenc\u2019s [blog](<https://www.thezdi.com/blog/2018/7/9/checking-in-a-look-back-at-the-first-half-of-2018>) covering the detailed stats from the ZDI\u2019s first half of 2018.\n\n**Microsoft Security Updates**\n\nThis week\u2019s Digital Vaccine\u00ae (DV) package includes coverage for Microsoft updates released on or before July 10, 2018. It was another big month for Microsoft with 53 security patches covering both browsers (Internet Explorer, Edge), ChakraCore, Windows, .NET Framework, ASP.NET, PowerShell, Visual Studio, and Microsoft Office and Office Services. Of these 53 CVEs, 18 are listed as Critical, 33 are rated Important, one is rated as Moderate, and one is rated as Low in severity.\n\nFive CVEs in this month\u2019s Microsoft update came through the Zero Day Initiative:\n\n| \n\n * [CVE-2018-8242](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8242>)\n * [CVE-2018-8274](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8274>)\n * [CVE-2018-8275](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8275>)\n * [CVE-2018-8282](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8282>)\n * [CVE-2018-8307](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8307>) \n---|--- \n| \n \nThe following table maps Digital Vaccine filters to Microsoft\u2019s updates. You can get more detailed information on this month\u2019s security updates from Dustin Childs\u2019 [July 2018 Security Update Review](<https://www.zerodayinitiative.com/blog/2018/7/10/the-july-2018-security-update-review>) from the Zero Day Initiative:\n\n**CVE #** | **Digital Vaccine Filter #** | **Status** \n---|---|--- \nCVE-2018-0949 | 32494 | \nCVE-2018-8125 | 32486 | \nCVE-2018-8171 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8172 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8202 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8206 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8222 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8232 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8238 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8242 | 32487 | \nCVE-2018-8260 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8262 | 32491 | \nCVE-2018-8274 | 32492 | \nCVE-2018-8275 | 32493 | \nCVE-2018-8276 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8278 | 32358 | \nCVE-2018-8279 | 32359 | \nCVE-2018-8280 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8281 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8282 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8283 | 32361 | \nCVE-2018-8284 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8286 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8287 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8288 | 32488 | \nCVE-2018-8289 | 32490 | \nCVE-2018-8290 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8291 | 32360 | \nCVE-2018-8294 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8296 | 32478 | \nCVE-2018-8297 | 32551 | \nCVE-2018-8298 | 32479 | \nCVE-2018-8299 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8300 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8301 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8304 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8305 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8306 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8307 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8308 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8309 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8310 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8311 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8312 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8313 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8314 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8319 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8323 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8324 | 32558 | \nCVE-2018-8325 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8326 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8327 | | Vendor Deemed Reproducibility or Exploitation Unlikely \nCVE-2018-8356 | | Vendor Deemed Reproducibility or Exploitation Unlikely \n \n \n\n**Zero-Day Filters**\n\nThere is one new zero-day filter covering one vendor in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of [published advisories](<http://www.zerodayinitiative.com/advisories/published/>) and [upcoming advisories](<http://www.zerodayinitiative.com/advisories/upcoming/>) on the [Zero Day Initiative](<http://www.zerodayinitiative.com/>) website. You can also follow the Zero Day Initiative on Twitter [@thezdi](<https://twitter.com/thezdi>) and on their [blog](<https://www.zerodayinitiative.com/blog>).\n\n**_Advantech (1)_**\n\n| \n\n * 32341: RPC: Advantech Webaccess webvrpcs Directory Traversal Vulnerability (ZDI-18-024) \n---|--- \n| \n \n**Missed Last Week\u2019s News?**\n\nCatch up on last week\u2019s news in my [weekly recap](<https://blog.trendmicro.com/zero-day-coverage-update-week-of-july-2-2018/>).\n\nThe post [Zero-Day Coverage Update \u2013 Week of July 9, 2018](<https://blog.trendmicro.com/zero-day-coverage-update-week-of-july-9-2018/>) appeared first on [](<https://blog.trendmicro.com>).", "modified": "2018-07-13T14:10:20", "published": "2018-07-13T14:10:20", "id": "TRENDMICROBLOG:D2DE4A375F3757187EBBB5A3EA061E42", "href": "https://blog.trendmicro.com/zero-day-coverage-update-week-of-july-9-2018/", "type": "trendmicroblog", "title": "Zero-Day Coverage Update \u2013 Week of July 9, 2018", "cvss": {"score": 0.0, "vector": "NONE"}}]}
