Today, Microsoft Security Bulletin August 2018 has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 60 new vulnerabilities, with 20 of them rated critical, 38 are rated Important, one is listed as Moderate and one as Low in severity. These vulnerabilities impact Microsoft Windows, Internet Explorer, Microsoft Edge, Microsoft Office, Microsoft Scripting Engine, Device Guard Code, Microsoft Exchange Server, .NET Framework, Microsoft SQL Server and Visual StudioI.
In-the-wild disclosed vulnerabilities
The update resolves two zero-day vulnerabilities found in Windows systems,
- CVE-2018-8373: This vulnerability exists in Internet Explorer’s scripting engine and could aid an attacker in executing arbitrary code in the context of the current user via malicious webpage or office document. It was revealed last month by Trend Micro. It’s rated as 2 on Microsoft’s Exploitability Index(Exploitation Less Likely) for the latest software releases, whereas, on older releases, the exploitation is detected. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked ‘safe for initialization’ in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.
- CVE-2018-8414: This vulnerability exists in Windows Shell when it fails to properly validate file paths. An attacker may convince a user to visit a malicious page, click a malicious link, or open a malicious attachment through which it’s possible to execute arbitrary code in the context of the current user. Microsoft has credited Matt Nelson of SpecterOps with uncovering the exploited RCE bug.
Few other criticalities
- CVE-2018-8371, CVE-2018-8371, CVE-2018-8373, CVE-2018-8385, CVE-2018-8390, CVE-2018-8353, CVE-2018-8389 : These memory corruption vulnerabilities in scripting engine may lead to arbitrary code execution.
- CVE-2018-8266, CVE-2018-8355, CVE-2018-8380, CVE-2018-8311, CVE-2018-8384 : These memory corruption vulnerabilities in chakra core may lead to arbitrary code execution
- CVE-2018-8302: This memory corruption vulnerability in Microsoft Exchange may lead to arbitrary code execution.
- CVE-2018-8273: This buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system.
- CVE-2018-8350:This memory corruption vulnerability in Microsoft Windows PDF Library may lead to remote code execution.
August 2018 patch Tuesday release consists of security updates for the following softwares:
- Microsoft Windows
- Internet Explorer
- Microsoft Edge
- Microsoft Office
- Microsoft Scripting Engine
- Device Guard Code
- Microsoft Exchange Server
- .NET Framework
- Microsoft SQL Server
- Visual Studio
Microsoft security bulletin summary for August 2018:
Product : Adobe Flash Player
CVE’s/Advisory : ADV180020
Severity : Critical
Impact : Remote Code Execution
KB’s : 4343902
Product : Internet Explorer
CVE’s/Advisory : CVE-2018-8316, CVE-2018-8351, CVE-2018-8353, CVE-2018-8355, CVE-2018-8357, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8403
Severity : Critical
Impact : Remote Code Execution, Information Disclosure, Elevation of Privilege
KB’s : 4343205, 4343885, 4343887, 4343892, 4343897, 4343898, 4343899, 4343900, 4343901, 4343909
Product : Microsoft Edge
CVE’s/Advisory : CVE-2018-8266, CVE-2018-8351, CVE-2018-8355, CVE-2018-8357, CVE-2018-8358, CVE-2018-8370, CVE-2018-8372, CVE-2018-8377, CVE-2018-8380, CVE-2018-8381, CVE-2018-8383, CVE-2018-8385, CVE-2018-8387, CVE-2018-8388, CVE-2018-8390, CVE-2018-8403
Severity : Critical
Impact : Remote Code Execution, Information Disclosure, Elevation of Privilege, Spoofing
KB’s : 4343885, 4343887, 4343892, 4343897, 4343909
Product : Microsoft Visual Studio and .NET Framework
CVE’s/Advisory : CVE-2018-0952, CVE-2018-8360
Severity : Important
Impact : Information Disclosure, Elevation of Privilege
KB’s : 4343885, 4343887, 4343892, 4343897, 4343909, 4344144, 4344145, 4344146, 4344147, 4344148, 4344149, 4344150, 4344151, 4344152, 4344153, 4344165, 4344166, 4344167, 4344171, 4344172, 4344173, 4344175, 4344176, 4344177, 4344178
Product : ChakraCore
CVE’s/Advisory : CVE-2018-8266, CVE-2018-8355, CVE-2018-8359, CVE-2018-8372, CVE-2018-8380, CVE-2018-8381, CVE-2018-8384, CVE-2018-8385, CVE-2018-8390
Severity : Critical
Impact : Remote Code Execution
Product : Microsoft Exchange Server
CVE’s/Advisory : CVE-2018-8302, CVE-2018-8374
Severity : Critical
Impact : Remote Code Execution, Tampering
KB’s : 4340731, 4340733
Product : Microsoft Office
CVE’s/Advisory : CVE-2018-8375, CVE-2018-8376, CVE-2018-8378, CVE-2018-8379, CVE-2018-8382, CVE-2018-8412
Severity : Important
Impact : Defense in Depth, Remote Code Execution, Information Disclosure, Elevation of Privilege
KB’s : 3213636, 4018310, 4018392, 4022195, 4022198, 4022234, 4022236, 4022238, 4032212, 4032213, 4032215, 4032220, 4032222, 4032223, 4032229, 4032233, 4032235, 4032239, 4032240, 4032241, 4032256, 4092433, 4092434
Product : Microsoft SQL Server
CVE’s/Advisory : CVE-2018-8273
Severity : Critical
Impact : Remote Code Execution
KB’s : 4293801, 4293802, 4293803, 4293805, 4293807, 4293808
Product : Windows
CVE’s/Advisory : CVE-2018-0952, CVE-2018-8200, CVE-2018-8204, CVE-2018-8253, CVE-2018-8339, CVE-2018-8340, CVE-2018-8341, CVE-2018-8342, CVE-2018-8343, CVE-2018-8344, CVE-2018-8345, CVE-2018-8346, CVE-2018-8347, CVE-2018-8348, CVE-2018-8349, CVE-2018-8350, CVE-2018-8394, CVE-2018-8396, CVE-2018-8397, CVE-2018-8398, CVE-2018-8399, CVE-2018-8400, CVE-2018-8401, CVE-2018-8404, CVE-2018-8405, CVE-2018-8406, CVE-2018-8414
Severity : Critical
Impact : Security Feature Bypass, Remote Code Execution, Information Disclosure, Elevation of Privilege
KB’s : 4338380, 4340937, 4340939, 4341832, 4343674, 4343885, 4343887, 4343888, 4343892, 4343896, 4343897, 4343898, 4343899, 4343900, 4343901, 4343909, 4344104
SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Download Saner now and keep your systems updated and secure.