Microsoft Security Bulletin April 2018
Today, Microsoft released its April 2018 monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's release addresses 67 new vulnerabilities and one advisory: 24 are rated Critical, 42 are rated Important, and one is listed as Moderate in severity. These vulnerabilities impact Microsoft Windows, Internet Explorer, Microsoft Edge, Microsoft Office, the Windows kernel, the Microsoft Scripting Engine and more. A vulnerability management solution can remediate these.
The major patches are for Microsoft browsers, the Chakra scripting engine, Microsoft graphics and Adobe Flash Player. Auto patching can remediate these critical vulnerabilities.
In-The-Wild and Disclosed vulnerability (CVE-2018-1034):
A privilege escalation vulnerability in SharePoint Server could allow specially crafted web requests to read unauthorized content or perform actions in the context of an authorized user. The cause is a failure to properly sanitize certain web requests. Microsoft has rated this as 3 on the Exploitability Index (Exploitation Unlikely). So far there are no signs of exploitation, but because some details were openly available, attackers have a head start, and patching as soon as possible is advised.
The Spectre/Meltdown saga continues …
One of the most important patches rolled out this Tuesday addresses CVE-2018-1038, which was actually identified in March, when Microsoft released an out-of-band fix for a Windows vulnerability introduced with the January Patch Tuesday update. If exploited, the bug could allow an authenticated attacker to install programs, access stored data or create new accounts with full user rights on Windows 7 and Server 2008 R2 machines. This is the top priority for anyone who runs Windows 7 for x64-based Systems or Windows Server 2008 R2 for x64-based Systems and has installed any of the service updates released during or after January 2018. Patch KB4100480 should be installed immediately to be protected from this Elevation of Privilege vulnerability.
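The condition described above (affected OS, an update installed since January 2018, KB4100480 missing) can be checked per host. This is an added example, not part of the original post; the function name and state labels are hypothetical, and it looks only for the KB named here, not for any later update that may supersede it.

```powershell
# Added example: local triage for the KB4100480 condition described in the text.
# Get-Kb4100480Status and its State values are hypothetical names.
function Get-Kb4100480Status {
    [CmdletBinding()]
    param(
        # Cutoff from the text: updates installed during or after January 2018.
        # InstalledOn is the install date, used here as an approximation.
        [datetime]$Since = [datetime]'2018-01-01'
    )

    $os = Get-WmiObject -Class Win32_OperatingSystem

    # Windows 7 and Server 2008 R2 both report version 6.1.x; only x64 is in scope.
    $inScope = ($os.Version -like '6.1.*') -and ($os.OSArchitecture -like '64*')

    $hotfixes = @(Get-HotFix)

    # InstalledOn can be empty on some systems, so guard before comparing.
    $recent = @($hotfixes | Where-Object {
        $_.InstalledOn -and ($_.InstalledOn -ge $Since)
    })
    $hasFix = @($hotfixes | Where-Object { $_.HotFixID -eq 'KB4100480' }).Count -gt 0

    if (-not $inScope) {
        $state = 'NotApplicable'        # not Windows 7 / Server 2008 R2 x64
    } elseif ($hasFix) {
        $state = 'Patched'              # the KB named in the text is present
    } elseif ($recent.Count -gt 0) {
        $state = 'NeedsKB4100480'       # updated since the cutoff, fix missing
    } else {
        $state = 'NoUpdateSinceCutoff'  # no update on or after the cutoff found
    }

    New-Object PSObject -Property @{
        ComputerName  = $env:COMPUTERNAME
        OSVersion     = $os.Version
        Architecture  = $os.OSArchitecture
        RecentUpdates = (@($recent | ForEach-Object { $_.HotFixID }) -join ',')
        State         = $state
    }
}

Get-Kb4100480Status | Format-List
```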
One more Spectre patch was released today: KB4093112, which mitigates CVE-2017-5715 for Windows 10 version 1709 systems running on AMD processors. Applying this update will only protect against some attack scenarios. To prevent a malicious application running in user mode from being able to disclose the contents of kernel memory (user-to-kernel), the Indirect Branch Prediction Barrier must be enabled by adding certain registry keys and restarting. This may negatively impact system performance, which is why it is not automatically enabled. Process-to-process and virtualized guest-to-host mitigations are enabled by default.
The one with the script …
The usual crop of scripting engine bugs was patched for Edge and Internet Explorer. The two browsers combined for 10 memory corruption and remote code execution scripting vulnerabilities, while Internet Explorer also saw fixes for four additional memory corruption vulnerabilities (CVE-2018-0870, CVE-2018-0991, CVE-2018-1018, CVE-2018-1020).
The usual suspect …
An update for Flash Player patches three remote code execution vulnerabilities and three information disclosure flaws. These need to be patched RIGHT NOW!
Bug box office …
Microsoft Office, meanwhile, is getting fixes for a number of nasty bugs, including remote code execution flaws in VBScript (CVE-2018-1004) and Excel (CVE-2018-0920), and an information disclosure bug in apps that handle .RTF files (CVE-2018-0950).
The April 2018 Patch Tuesday release consists of security updates for the following software:
- Internet Explorer
- Microsoft Edge
- Microsoft Windows
- Microsoft Office and Microsoft Office Services and Web Apps
- ChakraCore
- Adobe Flash Player
- Microsoft Visual Studio
Microsoft security bulletin summary for April 2018:
1. Product : Internet Explorer
CVE’s/Advisory : CVE-2018-0870, CVE-2018-0981, CVE-2018-0987, CVE-2018-0988, CVE-2018-0989, CVE-2018-0991, CVE-2018-0996, CVE-2018-0997, CVE-2018-1000, CVE-2018-1001, CVE-2018-1004, CVE-2018-1018, CVE-2018-1020, CVE-2018-8118
Severity : Critical
Impact : Information Disclosure and Remote Code Execution
KB’s : 4088776, 4088779, 4088782, 4088786, 4088787, 4088875, 4088876, 4088877, 4089187, 4092946, 4093107, 4093109, 4093111, 4093112, 4093114, 4093118, 4093119, 4093123
2. Product : Microsoft Edge
CVE’s/Advisory : CVE-2018-0892, CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-0998, CVE-2018-1019, CVE-2018-1023
Severity : Critical
Impact : Information Disclosure and Remote Code Execution
KB’s : 4093107, 4093109, 4093111, 4093112, 4093119
3. Product : Microsoft Windows
CVE’s/Advisory : CVE-2018-0887, CVE-2018-0890, CVE-2018-0956, CVE-2018-0957, CVE-2018-0960, CVE-2018-0963, CVE-2018-0964, CVE-2018-0966, CVE-2018-0967, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975, CVE-2018-0976, CVE-2018-1003, CVE-2018-1004, CVE-2018-1008, CVE-2018-1009, CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016, CVE-2018-8116
Severity : Critical
Impact : Denial of Service, Elevation of Privilege, Impact, Information Disclosure, Remote Code Execution and Security Feature Bypass
KB’s : 4093107, 4093108, 4093109, 4093111, 4093112, 4093114, 4093115, 4093118, 4093119
4. Product : Microsoft Office and Microsoft Office Services and Web Apps
CVE’s/Advisory : CVE-2018-0870, CVE-2018-0892, CVE-2018-0920, CVE-2018-0950, CVE-2018-0979, CVE-2018-0980, CVE-2018-0981, CVE-2018-0987, CVE-2018-0988, CVE-2018-0989, CVE-2018-0990, CVE-2018-0991, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-0996, CVE-2018-0997, CVE-2018-0998, CVE-2018-1000, CVE-2018-1001, CVE-2018-1004, CVE-2018-1005, CVE-2018-1007, CVE-2018-1011, CVE-2018-1014, CVE-2018-1018, CVE-2018-1019, CVE-2018-1020, CVE-2018-1023, CVE-2018-1026, CVE-2018-1027, CVE-2018-1028, CVE-2018-1029, CVE-2018-1030, CVE-2018-1032, CVE-2018-1034
Severity : Critical
Impact : Elevation of Privilege, Impact, Information Disclosure and Remote Code Execution
KB’s : 4011586, 4011628, 4011712, 4011717, 4011719, 4018288, 4018311, 4018319, 4018328, 4018330, 4018336, 4018337, 4018339, 4018341, 4018342, 4018343, 4018344, 4018347, 4018350, 4018353, 4018354, 4018355, 4018356, 4018357, 4018359, 4018360, 4018362, 4092946, 4093107, 4093109, 4093111, 4093112, 4093114, 4093118, 4093119, 4093123
5. Product : ChakraCore
CVE’s/Advisory : CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019, CVE-2018-1023
Severity : Critical
Impact : Remote Code Execution
6. Product : Adobe Flash Player
CVE’s/Advisory : ADV180007
Severity : Critical
Impact : Remote Code Execution
KB’s : 4093110
7. Product : Microsoft Visual Studio
CVE’s/Advisory : CVE-2018-1037
Severity : Important
Impact : Information Disclosure
KB’s : 4091346, 4089283, 4089501, 4087371
SecPod Saner detects these vulnerabilities and automatically fixes them by applying security updates. Download Saner now and keep your systems updated and secure.