Microsoft Patch Tuesday – August 2018

Microsoft have releated the August patches on Tuesday 14th August 2018.  The following is a breakdown of the issues being addressed this month’s “patch tuesday” :

Cumulative Security Update for Microsoft Browsers

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8266) MS Rating: Critical

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8371) MS Rating: Critical

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8372) MS Rating: Critical

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8373) MS Rating: Critical

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8355) MS Rating: Critical

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Information Disclosure Vulnerability (CVE-2018-8359) MS Rating: Critical

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8380) MS Rating: Critical

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8381) MS Rating: Critical

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8384) MS Rating: Critical

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8385) MS Rating: Critical

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8387) MS Rating: Critical

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8390) MS Rating: Critical

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Browser Memory Corruption Vulnerability (CVE-2018-8403) MS Rating: Critical

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8377) MS Rating: Critical

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. This vulnerability may corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Internet Explorer Remote Code Execution Vulnerability (CVE-2018-8316) MS Rating: Important

A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries. An attacker who successfully exploited this vulnerability could take control of an affected system. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8351) MS Rating: Important

An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type. An attacker could use the vulnerability to read the URL of a cross-origin request. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8353) MS Rating: Important

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Internet Explorer Privilege Escalation Vulnerability (CVE-2018-8357) MS Rating: Important

A privilege escalation vulnerability exists in Microsoft browsers allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8358) MS Rating: Important

A security bypass vulnerability exists when Microsoft browsers improperly handle redirect requests. The vulnerability allows Microsoft browsers to bypass CORS redirect restrictions, and to follow redirect requests that should otherwise be ignored. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8370) MS Rating: Important

A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests. An attacker who has successfully exploited this vulnerability might be able to read privileged data across trust boundaries. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Spoofing Vulnerability (CVE-2018-8383) MS Rating: Important

A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting the user to a specially crafted website. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Microsoft Edge Privilege Escalation Vulnerability (CVE-2018-8388) MS Rating: Low

A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Scripting Engine Memory Corruption Vulnerability (CVE-2018-8389) MS Rating: Important

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.

Cumulative Security Update for Microsoft Office

Microsoft Exchange Memory Corruption Vulnerability (CVE-2018-8302) MS Rating: Critical

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user.

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8375) MS Rating: Important

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Microsoft PowerPoint Remote Code Execution Vulnerability (CVE-2018-8376) MS Rating: Important

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Microsoft Office Information Disclosure Vulnerability (CVE-2018-8378) MS Rating: Important

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.

Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8379) MS Rating: Important

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Microsoft Excel Information Disclosure Vulnerability (CVE-2018-8382) MS Rating: Important

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data.

Microsoft Exchange Server Tampering Vulnerability (CVE-2018-8374) MS Rating: Moderate

A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user’s profile data.

Cumulative Security Update for Microsoft .NET Framework.

NET Framework Information Disclosure Vulnerability (CVE-2018-8360) MS Rating: Important

An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments. This issue may cause when .NET Framework is used in high-load/high-density network connections where content from one stream can blend into another stream.




Cumulative Security Update for Microsoft Windows Kernel

Windows Kernel Privilege Escalation Vulnerability (CVE-2018-8347) MS Rating: Important

A privilege escalation vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links. An attacker who successfully exploited this vulnerability could potentially access privileged registry keys and thereby elevate permissions.

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8348) MS Rating: Important

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

Win32k Privilege Escalation Vulnerability (CVE-2018-8399) MS Rating: Important

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Win32k Privilege Escalation Vulnerability (CVE-2018-8404) MS Rating: Important

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Cumulative Security Update for Microsoft Windows

Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2018-8273) MS Rating: Critical

A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could execute code in the context of the SQL Server Database Engine service account.

Microsoft Graphics Remote Code Execution Vulnerability (CVE-2018-8344) MS Rating: Critical

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.

LNK Remote Code Execution Vulnerability (CVE-2018-8345) MS Rating: Critical

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a ‘.LNK’ file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.

Windows PDF Remote Code Execution Vulnerability (CVE-2018-8350) MS Rating: Critical

A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user.

GDI+ Remote Code Execution Vulnerability (CVE-2018-8397) MS Rating: Critical

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.

Diagnostic Hub Standard Collector Privilege Escalation Vulnerability (CVE-2018-0952) MS Rating: Important

A privilege escalation vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system.

Cortana Privilege Escalation Vulnerability (CVE-2018-8253) MS Rating: Important

A privilege escalation vulnerability exists when Cortana allows arbitrary website browsing on the lockscreen. An attacker who successfully exploited the vulnerability could steal browser stored passwords or log on to websites as another user.

Windows Installer Privilege Escalation Vulnerability (CVE-2018-8339) MS Rating: Important

A privilege escalation vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges.

ADFS Security Bypass Vulnerability (CVE-2018-8340) MS Rating: Important

A security bypass vulnerability exists when Active Directory Federation Services (AD FS) improperly handles multi-factor authentication requests. To exploit this vulnerability, an attacker could send a specially crafted authentication request.

Windows Kernel Information Disclosure Vulnerability (CVE-2018-8341) MS Rating: Important

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

Windows NDIS Privilege Escalation Vulnerability (CVE-2018-8342) MS Rating: Important

A privilege escalation vulnerability exists in the Network Driver Interface Specification (NDIS) when ‘ndis.sys’ fails to check the length of a buffer prior to copying memory to it.

Windows NDIS Privilege Escalation Vulnerability (CVE-2018-8343) MS Rating: Important

A privilege escalation vulnerability exists in the Network Driver Interface Specification (NDIS) when ‘ndis.sys’ fails to check the length of a buffer prior to copying memory to it.

LNK Remote Code Execution Vulnerability (CVE-2018-8346) MS Rating: Important

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a ‘.LNK’ file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.

Microsoft COM for Windows Remote Code Execution Vulnerability (CVE-2018-8349) MS Rating: Important

A remote code execution vulnerability exists in Microsoft COM for Windows when it fails to properly handle serialized objects. An attacker who successfully exploited the vulnerability could use a specially crafted file or script to perform actions.

Windows GDI Information Disclosure Vulnerability (CVE-2018-8394) MS Rating: Important

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

Windows GDI Information Disclosure Vulnerability (CVE-2018-8396) MS Rating: Important

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

Windows GDI Information Disclosure Vulnerability (CVE-2018-8398) MS Rating: Important

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

DirectX Graphics Kernel Privilege Escalation Vulnerability (CVE-2018-8400) MS Rating: Important

A privilege escalation vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

DirectX Graphics Kernel Privilege Escalation Vulnerability (CVE-2018-8401) MS Rating: Important

A privilege escalation vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

DirectX Graphics Kernel Privilege Escalation Vulnerability (CVE-2018-8405) MS Rating: Important

A privilege escalation vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

DirectX Graphics Kernel Privilege Escalation Vulnerability (CVE-2018-8406) MS Rating: Important

A privilege escalation vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Microsoft (MAU) Office Privilege Escalation Vulnerability (CVE-2018-8412) MS Rating: Important

A privilege escalation vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them. An attacker who successfully exploited the vulnerability who already has the ability to execute code on a system could elevate privileges.

Windows Shell Remote Code Execution Vulnerability (CVE-2018-8414) MS Rating: Important

A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user.

Cumulative Security Update for Microsoft Device Guard Code

Device Guard Code Integrity Policy Security Bypass Vulnerability (CVE-2018-8200) MS Rating: Important

A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.

Device Guard Code Integrity Policy Security Bypass Vulnerability (CVE-2018-8204) MS Rating: Important

A security bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.

patch tuesday august 2018