Lucene search

K
myhack58佚名MYHACK58:62201892044
HistoryNov 15, 2018 - 12:00 a.m.

CNNVD about Microsoft more security vulnerability Advisory-vulnerability warning-the black bar safety net

2018-11-1500:00:00
佚名
www.myhack58.com
367

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.43 Medium

EPSS

Percentile

97.0%

Recently, the official Microsoft has released multiple security vulnerabilities in the Bulletin, including Microsoft Internet Explorer security vulnerability, CNNVD-201811-349, CVE-2018-8570, the Microsoft Word security vulnerabilities CNNVD-201811-387, CVE-2018-8539)、(CNNVD-201811-388, CVE-2018-8573 such as multiple vulnerabilities. Successful exploitation of the security vulnerabilities of the attacker can be on the target system execute arbitrary code. Microsoft multiple products and systems affected by the vulnerability. Currently, the official Microsoft has released a patch to fix the vulnerability, users are advised to promptly confirm whether or not affected by the vulnerability as soon as possible to take the repair measures.
A, vulnerability introduction
This vulnerability Bulletin relates to Microsoft Internet Explorer, Microsoft Outlook, Microsoft Word, Microsoft Excel, Microsoft Project, Microsoft JScript, Microsoft SharePoint, Microsoft PowerShell, Windows TFTP server, the Chakra Scripting Engine, Windows kernel, Microsoft Dynamics 365 and other Windows Platform applications and components. The vulnerability details are as follows:
1, the Internet Explorer security vulnerability, CNNVD-201811-349, CVE-2018-8570)
Vulnerability description:
Internet Explorer is part of the version remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory, can trigger the vulnerability. Successful exploitation of the vulnerability an attacker can obtain the current user with the same user permissions.
2, the Microsoft Outlook security vulnerabilities CNNVD-201811-376, CVE-2018-8522)、(CNNVD-201811-378, CVE-2018-8524)、(CNNVD-201811-377, CVE-2018-8576)、(CNNVD-201811-379, CVE-2018-8582)
Vulnerability description:
When the Microsoft Outlook software does not properly handle objects in memory, it will trigger the vulnerability. The attacker may be sending the target system specially crafted file, resulting in the current user permission to execute malicious code.
3, Microsoft Word, security vulnerability, CNNVD-201811-387, CVE-2018-8539)、(CNNVD-201811-388, CVE-2018-8573)
Vulnerability description:
When the Microsoft Word software does not properly handle objects in memory, it will trigger the vulnerability. The attacker must convince the user to use Microsoft Word to open a specially crafted file to exploit this vulnerability. Successful exploitation of this vulnerability an attacker can be in the current user privileges to execute malicious code.
4, the Microsoft Excel security vulnerability, CNNVD-201811-385, CVE-2018-8574)、(CNNVD-201811-386, CVE-2018-8577)
Vulnerability description:
When the Microsoft Excel software does not properly handle objects in memory, it will trigger the vulnerability. The attacker must convince the user to use Microsoft Excel to open a specially crafted file to exploit this vulnerability. Successful exploitation of this vulnerability an attacker can be in the current user privileges to execute malicious code.
5, Microsoft JScript security vulnerabilities CNNVD-201811-360, CVE-2018-8417)
Vulnerability description:
Microsoft JScript exists that could allow an attacker to bypass the Device Guard the safety function of the vulnerability, the attacker by accessing the local computer, and then run a specially crafted application in order to create any COM object.
6, Windows Search security vulnerabilities CNNVD-201811-362, CVE-2018-8450)
Vulnerability description:
If Windows Search does not properly handle objects in memory, it will trigger the vulnerability. The attacker would need to the Windows Search service to send a specially crafted message, thereby executing the malicious file.
7, Microsoft PowerShell security vulnerabilities CNNVD-201811-347, AND CVE-2018-8256)、(CNNVD-201811-358, CVE-2018-8415)
Vulnerability description:
If Microsoft PowerShell does not properly handle objects in memory, it could trigger the vulnerability. The attacker may be sending the target system specially crafted file, thereby executing the malicious file.
8, Microsoft SharePoint elevation of privilege vulnerability, CNNVD-201811-382, CVE-2018-8568)、(CNNVD-201811-383, CVE-2018-8572)
Vulnerability description:
When Microsoft SharePoint Server does not properly handle Barber to the SharePoint Server’s Web request, it will trigger the vulnerability. An authenticated attacker May through to the affected SharePoint Server to send a specially crafted request to exploit this vulnerability to execute a malicious file.
9, Microsoft Project, security vulnerabilities CNNVD-201811-371, CVE-2018-8575)
Vulnerability description:
When the Microsoft Project software does not properly handle objects in memory, it will trigger the vulnerability. An attacker could, by sending the user a specially crafted file and by convincing the user to open, thereby executing the malicious code.
10, Windows kernel information disclosure vulnerability CNNVD-201811-355, CVE-2018-8408)
Vulnerability description:
When the Windows kernel improperly handles objects in memory when triggering the vulnerability. Successful exploitation of this vulnerability an attacker can obtain the information, thereby further invasion of the user system. An authenticated attacker can run a specially crafted application to exploit this vulnerability.
11, Windows TFTP server security vulnerabilities CNNVD-201811-341, CVE-2018-8476)
Vulnerability description:
Windows deployment services TFTP server when processing objects in memory when there is a remote code execution vulnerability. An attacker can create a specially crafted request, elevated Windows permissions, thereby executing the malicious code.
12, the Chakra Scripting Engine security vulnerabilities CNNVD-201811-338, CVE-2018-8541)、(CNNVD-201811-339, CVE-2018-8542)、(CNNVD-201811-390, CVE-2018-8543)(CNNVD-201811-340, CVE-2018-8551)、(CNNVD-201811-342, CVE-2018-8555)、(CNNVD-201811-345, CVE-2018-8556)、(CNNVD-201811-346, CVE-2018-8557)、(CNNVD-201811-348, CVE-2018-8588)
Vulnerability description:
Chakra scripting engine in Microsoft Edge processing objects in memory may trigger the vulnerability. Successful exploitation of the vulnerability an attacker can obtain the current user with the same user permissions. If the current user is logged on with administrative privileges, an attacker can arbitrarily install programs, view, change, or delete data.
13, Windows privilege elevation vulnerability CNNVD-201811-373, CVE-2018-8592)
Vulnerability description:
If on a system using a physical medium USB, DVD etc setup, and during installation select“do not retain any content”option, it will trigger the Windows 10 version 1809 in elevation of privilege vulnerability. Successful exploitation of this vulnerability an attacker can be on an affected system to gain local access.
14, Microsoft Dynamics 365 version 8 security vulnerability, CNNVD-201811-396, CVE-2018-8609)
Vulnerability description:
When the Dynamics server does not correctly clean up the Web request, it will trigger the vulnerability. An authenticated attacker can send the target Dynamics server to send a specially constructed request to exploit this vulnerability, so that on the target server to execute malicious code.
Second, the fix recommends
Currently, the official Microsoft has released a patch to fix the vulnerability, users are advised to promptly confirm the vulnerability as soon as possible to take the repair measures. Official Microsoft link address is as follows:

[1] [2] next

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.43 Medium

EPSS

Percentile

97.0%