Today, Microsoft Patch Tuesday, July 2018, has finally released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. However, This month’s advisory release addresses 53 new vulnerabilities, with 18 of them rated critical, 33 rated Important, and one is listed as Moderate in severity. Also, a vulnerability management tool can remediate these.
Moreover, these vulnerabilities impact Microsoft Windows, Internet Explorer, Microsoft Edge, Microsoft Office, Windows kernel, Microsoft Scripting Engine, Microsoft SharePoint, .NET Framework, Visual Studio, and more. Also, a patch management solution can patch these vulnerabilities.
Interesting Vulnerabilities in Microsoft Patch Tuesday, July 2018
- Windows DNSAPI Denial of Service Vulnerability: This bug (CVE-2018-8304) could allow remote attackers to therefore shut down a DNS server through merely a malformed DNS response.
- Microsoft Office Tampering Vulnerability: An attacker exploiting this vulnerability (CVE-2018-8310) could embed untrusted TrueType fonts into an email. However, the Bugs in fonts have been forerunners since 2013 and have been used in malware attacks. This bug could allow them to spread and possibly even bypass traditional filters.
- Microsoft Wireless Display Adapter Command Injection Vulnerability: This vulnerability (CVE-2018-8306) requires authentication and could cause the display to malfunction. While the bug itself isn’t that bad, the update scenario sounds taxing. Hence, the patch is a firmware update and taxing to implement.
- MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability: This vulnerability (CVE-2018-8319) allows an attacker to generate signatures that mimic the entity associated with a public/private key pair. While this doesn’t appear to circumvent authentic public/private key pairs, it likely can be used by malware authors to make their attacks appear genuine.
July 2018 patch Tuesday release finally consists of security updates for the following software:
- Internet Explorer
- Microsoft Edge
- Microsoft Windows
- Microsoft Office
- ChakraCore
- Adobe Flash Player
- Microsoft Visual Studio
- PowerShell
- Skype for Business and Lync
- Microsoft SharePoint
Microsoft security bulletin summary for July 2018:
1)Product: Internet Explorer
CVE’s/Advisory : CVE-2018-0949, CVE-2018-8242, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296
Severity : Critical
Impact : Remote Code Execution, Security Feature Bypass
KB’s : 4338814, 4338815, 4338818, 4338819, 4338825, 4338826, 4338829, 4338830, 4339093
2)Product : Microsoft Edge
CVE’s/Advisory : CVE-2018-8125, CVE-2018-8262, CVE-2018-8274, CVE-2018-8275, CVE-2018-8276, CVE-2018-8278, CVE-2018-8279, CVE-2018-8280, CVE-2018-8286, CVE-2018-8287, CVE-2018-8288, CVE-2018-8289, CVE-2018-8290, CVE-2018-8291, CVE-2018-8294, CVE-2018-8297, CVE-2018-8301, CVE-2018-8324, CVE-2018-8325
Severity : Critical
Impact : Information Disclosure, Remote Code Execution, Spoofing, Security Feature Bypass
KB’s : 4338814, 4338819, 4338825, 4338826, 4338829
3)Product : Adobe Flash Player
CVE’s/Advisory : ADV180017
Severity : Important
Impact : Remote Code Execution
KB’s : 4338832
4)Product : ChakraCore
CVE’s/Advisory : CVE-2018-8275, CVE-2018-8276, CVE-2018-8279, CVE-2018-8280, CVE-2018-8283, CVE-2018-8286, CVE-2018-8287, CVE-2018-8288, CVE-2018-8290, CVE-2018-8291, CVE-2018-8294, CVE-2018-8298
Severity : Critical
Impact : Remote Code Execution
5)Product : .Net and Visual Studio
CVE’s/Advisory : CVE-2018-8171, CVE-2018-8172, CVE-2018-8202, CVE-2018-8232, CVE-2018-8260, CVE-2018-8284, CVE-2018-8327, CVE-2018-8356
Severity : Important
Impact : Elevation of Privilege, Impact, Remote Code Execution, Security Feature Bypass, Tampering
KB’s : 4336919, 4336946, 4336986, 4336999, 4338415, 4338416, 4338417, 4338418, 4338419, 4338420, 4338421, 4338422, 4338423, 4338424, 4338600, 4338601, 4338602, 4338604, 4338605, 4338606, 4338610, 4338611, 4338612, 4338613, 4338814, 4338819, 4338825, 4338826, 4338829, 4339279
6)Product : PowerShell
CVE’s/Advisory : CVE-2018-8327
Severity : Therefore, Critical
Impact : Remote Code Execution
7)Product : Microsoft Exchange Server
CVE’s/Advisory : ADV180010
Severity : None
Impact : None
KB’s : 4295699, 4099855, 4099852
8)Product : Microsoft Office
CVE’s/Advisory : CVE-2018-8238, CVE-2018-8281, CVE-2018-8299, CVE-2018-8300, CVE-2018-8310, CVE-2018-8311, CVE-2018-8312, CVE-2018-8323
Severity : Hence, Important
Impact : Elevation of Privilege, Impact, Remote Code Execution, Security Feature Bypass, Tampering
KB’s : 4011202, 4018338, 4018351, 4022200, 4022202, 4022218, 4022221, 4022224, 4022225, 4022228, 4022235, 4022243, 4032214
9)Product: Windows
CVE’s/Advisory : ADV180016, CVE-2018-8206, CVE-2018-8222, CVE-2018-8282, CVE-2018-8304, CVE-2018-8307, CVE-2018-8308, CVE-2018-8309, CVE-2018-8313, CVE-2018-8314
Severity: Hence, Important
Impact: Denial of Service, Elevation of Privilege, Impact, Information Disclosure, Security Feature Bypass
KB’s : 4291391, 4293756, 4295656, 4338814, 4338815, 4338818, 4338819, 4338820, 4338823, 4338824, 4338825, 4338826, 4338829, 4338830, 4339291, 4339503, 4339854, 4340583
10)Product: Mail, Calendar, and People in Windows 8.1 App Store
CVE’s/Advisory: CVE-2018-8305
Severity: Therefore, Important
Impact: Information Disclosure
SecPod SanerNow detects these vulnerabilities and automatically fixes them by applying security updates. Therefore, download SanerNow and keep your systems updated and secure.