
Patch Tuesday: Microsoft and Adobe Security Bulletin Summary for May 2018
Today, Microsoft and Adobe released their monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 72 new vulnerabilities and one advisory: 22 are rated Critical, 48 are rated Important, 2 are listed as Low in severity, and 3 are under active attack. These vulnerabilities impact Windows, Office, Internet Explorer, Edge, Visual Studio, Web Apps, ChakraCore, Hyper-V Server, Adobe Flash, Adobe Connect, Adobe Creative Cloud and Azure IoT SDK. The major patch is for the Windows 10 VBScript engine, where the flaw can be triggered when a victim visits a malicious website.
In-The-Wild and Disclosed vulnerabilities
CVE-2018-8174: A vulnerability in VBScript could allow attackers to execute code in the context of the logged-in user. This vulnerability could be exploited via certain web browsers or Microsoft Office documents. Microsoft has reported active exploitation of this vulnerability. According to Microsoft, the security hole exists due to the way the VBScript engine handles objects in memory. The weakness can be exploited through Internet Explorer by getting the targeted user to visit a malicious website (including via malvertising) or by embedding an ActiveX control marked “safe for initialization” in an application or an Office document that hosts the Internet Explorer rendering engine. This technique, until fixed, allowed criminals to force Internet Explorer to load, no matter which browser one normally used, further increasing an already huge attack surface.
CVE-2018-8170: A privilege escalation vulnerability affecting Windows 10 versions 1703 and 1709 as well as Windows Server, version 1709 has been publicly disclosed. A malicious application could take advantage of a flaw in the way the Windows kernel image handles objects in memory in order to execute code with higher privileges.
CVE-2018-8141: According to Microsoft, this vulnerability only impacts Windows 10 Version 1709 and Windows Server, version 1709 and could lead to information disclosure. While this vulnerability alone will not allow for system compromise, it could provide useful information that would further enable compromise.
CVE-2018-8120: This privilege escalation vulnerability affecting Win32k could allow an attacker to execute code in kernel mode. According to Microsoft, the newest OS releases aren’t affected but this is being actively exploited on Windows 7, Windows Server 2008, and Windows Server 2008 R2. An attacker could then install programs; view, change or delete data; or create new accounts with full user rights.
These updates also include Adobe Flash Player, Internet Explorer 11, Microsoft Edge, ChakraCore, Windows Server 2008 R2 for x64-based Systems Service Pack 1, Windows Server 2012 R2 (Server Core installation), Windows Server 2008 for x64-based Systems Service Pack 2, Creative Cloud Desktop Application, Windows 8.1 for x64-based systems and Windows Server 2012, which deal with the critical Remote Code Execution vulnerability.
The May 2018 Patch Tuesday release consists of security updates for the following software:
- Internet Explorer
- Microsoft Edge
- Microsoft Windows
- Microsoft Office and Microsoft Office Services and Web Apps
- ChakraCore
- Adobe Flash Player
- Microsoft Exchange Server
- Creative Cloud Desktop Application
- Adobe Connect
Microsoft security bulletin summary for May 2018:
Product: Internet Explorer
- CVEs/Advisory: CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-1025, CVE-2018-8114, CVE-2018-8122, CVE-2018-8126, CVE-2018-8145, CVE-2018-8178
- Severity: Critical
- Impact: Information Disclosure, Remote Code Execution, Security Feature Bypass
- KBs: 4103716, 4103718, 4103721, 4103723, 4103725, 4103727, 4103730, 4103731, 4103768

Product: Microsoft Edge
- CVEs/Advisory: CVE-2018-0943, CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-1021, CVE-2018-1022, CVE-2018-1025, CVE-2018-8112, CVE-2018-8123, CVE-2018-8128, CVE-2018-8130, CVE-2018-8133, CVE-2018-8137, CVE-2018-8139, CVE-2018-8145, CVE-2018-8178, CVE-2018-8179
- Severity: Critical
- Impact: Information Disclosure, Remote Code Execution, Security Feature Bypass
- KBs: 4103716, 4103721, 4103723, 4103727, 4103731

Product: Microsoft Windows
- CVEs/Advisory: CVE-2018-0824, CVE-2018-0854, CVE-2018-0958, CVE-2018-0959, CVE-2018-0961, CVE-2018-1035, CVE-2018-8120, CVE-2018-8124, CVE-2018-8127, CVE-2018-8129, CVE-2018-8132, CVE-2018-8134, CVE-2018-8136, CVE-2018-8141, CVE-2018-8142, CVE-2018-8164, CVE-2018-8165, CVE-2018-8166, CVE-2018-8167, CVE-2018-8170, CVE-2018-8174, CVE-2018-8897
- Severity: Critical
- Impact: Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass
- KBs: 4093107, 4093112, 4093119, 4094079, 4101477, 4103712, 4103715, 4103716, 4103718, 4103721, 4103723, 4103725, 4103726, 4103727, 4103730, 4103731, 4130944, 4131188, 4134651

Product: Microsoft Office and Microsoft Office Services and Web Apps
- CVEs/Advisory: CVE-2018-8147, CVE-2018-8148, CVE-2018-8149, CVE-2018-8150, CVE-2018-8155, CVE-2018-8156, CVE-2018-8157, CVE-2018-8158, CVE-2018-8160, CVE-2018-8161, CVE-2018-8162, CVE-2018-8163, CVE-2018-8168, CVE-2018-8173
- Severity: Important
- Impact: Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass
- KBs: 2899590, 3114889, 3162075, 3172436, 4018308, 4018327, 4018381, 4018382, 4018383, 4018388, 4018390, 4018393, 4018396, 4018398, 4018399, 4022130, 4022135, 4022137, 4022139, 4022141, 4022142, 4022145, 4022146, 4022150

Product: ChakraCore
- CVEs/Advisory: CVE-2018-0943, CVE-2018-0945, CVE-2018-0946, CVE-2018-0953, CVE-2018-0954, CVE-2018-1022, CVE-2018-8128, CVE-2018-8130, CVE-2018-8133, CVE-2018-8137, CVE-2018-8139, CVE-2018-8145, CVE-2018-8177, CVE-2018-8178
- Severity: Critical
- Impact: Information Disclosure, Remote Code Execution

Product: Adobe Flash Player
- CVEs/Advisory: ADV180008
- Severity: Critical
- Impact: Remote Code Execution
- KBs: 4103729

Product: Microsoft Exchange Server
- CVEs/Advisory: CVE-2018-8151, CVE-2018-8152, CVE-2018-8153, CVE-2018-8154, CVE-2018-8159
- Severity: Critical
- Impact: Elevation of Privilege, Information Disclosure, Remote Code Execution, Spoofing
- KBs: 4091243, 4092041

Product: Creative Cloud Desktop Application
- CVEs/Advisory: CVE-2018-4992, CVE-2018-4991, CVE-2018-4873
- Severity: Critical
- Impact: Privilege Escalation, Security bypass, Privilege Escalation

Product: Adobe Connect
- CVEs/Advisory: CVE-2018-4994
- Severity: Important
- Impact: Sensitive Information disclosure
SecPod Saner detects these vulnerabilities and automatically fixes them by applying security updates. Download Saner now and keep your systems updated and secure.
