Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

Tag CVE ID CVE Title
.NET Framework CVE-2018-8284 .NET Framework Remote Code Injection Vulnerability
.NET Framework CVE-2018-8260 .NET Framework Remote Code Execution Vulnerability
.NET Framework CVE-2018-8202 .NET Framework Elevation of Privilege Vulnerability
.NET Framework CVE-2018-8356 .NET Framework Security Feature Bypass Vulnerability
Active Directory CVE-2018-8326 Open Source Customization for Active Directory Federation Services XSS Vulnerability
Adobe Flash Player ADV180017 July 2018 Adobe Flash Security Update
ASP.NET CVE-2018-8171 ASP.NET Security Feature Bypass Vulnerability
Device Guard CVE-2018-8222 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Internet Explorer CVE-2018-0949 Internet Explorer Security Feature Bypass Vulnerability
Microsoft Devices CVE-2018-8306 Microsoft Wireless Display Adapter Command Injection Vulnerability
Microsoft Edge CVE-2018-8289 Microsoft Edge Information Disclosure Vulnerability
Microsoft Edge CVE-2018-8301 Microsoft Edge Memory Corruption Vulnerability
Microsoft Edge CVE-2018-8325 Microsoft Edge Information Disclosure Vulnerability
Microsoft Edge CVE-2018-8324 Microsoft Edge Information Disclosure Vulnerability
Microsoft Edge CVE-2018-8297 Microsoft Edge Information Disclosure Vulnerability
Microsoft Edge CVE-2018-8274 Microsoft Edge Memory Corruption Vulnerability
Microsoft Edge CVE-2018-8278 Microsoft Edge Spoofing Vulnerability
Microsoft Edge CVE-2018-8262 Microsoft Edge Memory Corruption Vulnerability
Microsoft Office CVE-2018-8281 Microsoft Office Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8323 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office CVE-2018-8300 Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8312 Microsoft Access Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8299 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office CVE-2018-8310 Microsoft Office Tampering Vulnerability
Microsoft PowerShell CVE-2018-8327 PowerShell Editor Services Remote Code Execution Vulnerability
Microsoft Scripting Engine CVE-2018-8294 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8280 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8242 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8125 Microsoft Edge Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8298 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8287 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8288 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8290 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8279 Microsoft Edge Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8283 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8286 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8275 Microsoft Edge Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8296 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8291 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8276 Scripting Engine Security Feature Bypass Vulnerability
Microsoft Windows CVE-2018-8308 Windows Kernel Elevation of Privilege Vulnerability
Microsoft Windows CVE-2018-8309 Windows Denial of Service Vulnerability
Microsoft Windows CVE-2018-8305 Windows Mail Client Information Disclosure Vulnerability
Microsoft Windows CVE-2018-8206 Windows FTP Server Denial of Service Vulnerability
Microsoft Windows CVE-2018-8319 MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability
Microsoft Windows CVE-2018-8313 Windows Elevation of Privilege Vulnerability
Microsoft Windows DNS CVE-2018-8304 Windows DNSAPI Denial of Service Vulnerability
Microsoft WordPad CVE-2018-8307 WordPad Security Feature Bypass Vulnerability
Skype for Business and Microsoft Lync CVE-2018-8238 Skype for Business and Lync Security Feature Bypass Vulnerability
Skype for Business and Microsoft Lync CVE-2018-8311 Remote Code Execution Vulnerability in Skype For Business and Lync
Visual Studio CVE-2018-8172 Visual Studio Remote Code Execution Vulnerability
Visual Studio CVE-2018-8232 Microsoft Macro Assembler Tampering Vulnerability
Windows Kernel CVE-2018-8282 Win32k Elevation of Privilege Vulnerability
Windows Shell CVE-2018-8314 Windows Elevation of Privilege Vulnerability

CVE-2018-0949 - Internet Explorer Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-0949
MITRE
NVD
CVE Title: Internet Explorer Security Feature Bypass Vulnerability
Description:

A security feature bypass vulnerability exists when Microsoft Internet Explorer improperly handles requests involving UNC resources. An attacker who successfully exploited the vulnerability could force the browser to load data that would otherwise be restricted.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Internet Explorer and then convince a user to view the website. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

The security update addresses the vulnerability by modifying how affected Microsoft Internet Explorer handles requests involving UNC resources.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-0949
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Internet Explorer 10 on Windows Server 2012 4339093 (IE Cumulative)
4338830 (Monthly Rollup)
Low Security Feature Bypass 4230450
4284855
Base: 2.40
Temporal: 2.20
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 for 32-bit Systems 4338829 (Security Update) Important Security Feature Bypass 4284860 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 for x64-based Systems 4338829 (Security Update) Important Security Feature Bypass 4284860 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Security Feature Bypass 4284874 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Security Feature Bypass 4284874 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Security Feature Bypass 4284819 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Security Feature Bypass 4284819 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Important Security Feature Bypass 4230450
4284826
Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Important Security Feature Bypass 4230450
4284826
Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for 32-bit systems 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Important Security Feature Bypass 4230450
4284815
Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for x64-based systems 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Important Security Feature Bypass 4230450
4284815
Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows RT 8.1 4338815 (Monthly Rollup) Important Security Feature Bypass 4284815 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Low Security Feature Bypass 4230450
4284826
Base: 2.40
Temporal: 2.20
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2012 R2 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Low Security Feature Bypass 4230450
4284815
Base: 2.40
Temporal: 2.20
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2016 4338814 (Security Update) Low Security Feature Bypass 4284880 Base: 2.40
Temporal: 2.20
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 4339093 (IE Cumulative) Important Security Feature Bypass 4230450 Base: 2.40
Temporal: 2.20
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 4339093 (IE Cumulative) Important Security Feature Bypass 4230450 Base: 2.40
Temporal: 2.20
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-0949 Masato Kinugawa of Cure53​
https://twitter.com/kinugawamasato,https://cure53.de/


CVE-2018-8172 - Visual Studio Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8172
MITRE
NVD
CVE Title: Visual Studio Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Visual Studio. In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted project, or resource file, to the user and convince the user to open the file.

The security update addresses the vulnerability by correcting how Visual Studio checks the source markup of a file.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8172
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Expression Blend 4 Service Pack 3 4342193 (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Visual Studio 2010 Service Pack 1 4336919 (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Visual Studio 2012 Update 5 4336946 (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Visual Studio 2013 Update 5 4336986 (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Visual Studio 2015 Update 3 4336999 (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Visual Studio 2017 Release Notes (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Visual Studio 2017 Version 15.7.5 Release Notes (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Visual Studio 2017 Version 15.8 Preview Release Notes (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8172 Soroush Dalili of NCC Group
https://twitter.com/irsdl,https://www.nccgroup.trust/


CVE-2018-8202 - .NET Framework Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8202
MITRE
NVD
CVE Title: .NET Framework Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level.

To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program.

The update addresses the vulnerability by correcting how .NET Framework activates COM objects.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8202
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 4338611 (Security Only)
4338422 (Security Update)
Important Elevation of Privilege 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Yes
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2 4338611 (Security Only)
4338422 (Security Update)
Important Elevation of Privilege 3142023
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Yes
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 4338611 (Security Only)
4338422 (Security Update)
Important Elevation of Privilege 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Yes
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 4338611 (Security Only)
4338422 (Security Update)
Important Elevation of Privilege 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Yes
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2 4338611 (Security Only)
4338422 (Security Update)
Important Elevation of Privilege 3142023
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Yes
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 4338611 (Security Only)
4338422 (Security Update)
Important Elevation of Privilege 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Yes
Microsoft .NET Framework 3.5 on Windows 10 for 32-bit Systems 4338829 (Security Update) Important Elevation of Privilege 4284860 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 for x64-based Systems 4338829 (Security Update) Important Elevation of Privilege 4284860 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Elevation of Privilege 4284874 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Elevation of Privilege 4284874 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Elevation of Privilege 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Elevation of Privilege 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Elevation of Privilege 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Elevation of Privilege 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 8.1 for 32-bit systems 4338613 (Security Only)
4338424 (Monthly Rollup)
Important Elevation of Privilege 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows 8.1 for x64-based systems 4338613 (Security Only)
4338424 (Monthly Rollup)
Important Elevation of Privilege 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows Server 2012 4338610 (Security Only)
4338421 (Monthly Rollup)
Important Elevation of Privilege 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation) 4338610 (Security Only)
4338421 (Monthly Rollup)
Important Elevation of Privilege 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 4338613 (Security Only)
4338424 (Monthly Rollup)
Important Elevation of Privilege 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation) 4338613 (Security Only)
4338424 (Monthly Rollup)
Important Elevation of Privilege 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows Server 2016 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows Server 2016 (Server Core installation) 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows Server, version 1709 (Server Core Installation) 4338825 (Security Update) Important Elevation of Privilege 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows Server, version 1803 (Server Core Installation) 4338819 (Security Update) Important Elevation of Privilege 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems Service Pack 1 4338612 (Security Only)
4338423 (Monthly Rollup)
Important Elevation of Privilege
4103472
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems Service Pack 1 4338612 (Security Only)
4338423 (Monthly Rollup)
Important Elevation of Privilege
4103472
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4338612 (Security Only)
4338423 (Monthly Rollup)
Important Elevation of Privilege
4103472
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338612 (Security Only)
4338423 (Monthly Rollup)
Important Elevation of Privilege
4103472
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows 7 for 32-bit Systems Service Pack 1 4338417 (Monthly Rollup)
4338602 (Security Only)
Important Elevation of Privilege
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows 7 for x64-based Systems Service Pack 1 4338417 (Monthly Rollup)
4338602 (Security Only)
Important Elevation of Privilege
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows 8.1 for 32-bit systems 4338600 (Security Only)
4338415 (Monthly Rollup)
Important Elevation of Privilege 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows 8.1 for x64-based systems 4338600 (Security Only)
4338415 (Monthly Rollup)
Important Elevation of Privilege 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows RT 8.1 4338415 (Monthly Rollup) Important Elevation of Privilege 4099635; 4291497 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 4338602 (Security Only)
4338417 (Monthly Rollup)
Important Elevation of Privilege 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2008 for x64-based Systems Service Pack 2 4338602 (Security Only)
4338417 (Monthly Rollup)
Important Elevation of Privilege 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338417 (Monthly Rollup)
4338602 (Security Only)
Important Elevation of Privilege
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338417 (Monthly Rollup)
4338602 (Security Only)
Important Elevation of Privilege
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2012 4338601 (Security Only)
4338416 (Monthly Rollup)
Important Elevation of Privilege 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2012 (Server Core installation) 4338601 (Security Only)
4338416 (Monthly Rollup)
Important Elevation of Privilege 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2 4338600 (Security Only)
4338415 (Monthly Rollup)
Important Elevation of Privilege 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2 (Server Core installation) 4338600 (Security Only)
4338415 (Monthly Rollup)
Important Elevation of Privilege 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6 on Windows Server 2008 for 32-bit Systems Service Pack 2 4338606 (Security Only)
4338420 (Monthly Rollup)
Important Elevation of Privilege 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6 on Windows Server 2008 for x64-based Systems Service Pack 2 4338606 (Security Only)
4338420 (Monthly Rollup)
Important Elevation of Privilege 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation) 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6/4.6.1/4.6.2 on Windows 10 for 32-bit Systems 4338829 (Security Update) Important Elevation of Privilege 4284860 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6/4.6.1/4.6.2 on Windows 10 for x64-based Systems 4338829 (Security Update) Important Elevation of Privilege 4284860 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 7 for 32-bit Systems Service Pack 1 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Elevation of Privilege
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 7 for x64-based Systems Service Pack 1 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Elevation of Privilege
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 8.1 for 32-bit systems 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Elevation of Privilege 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 8.1 for x64-based systems 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Elevation of Privilege 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows RT 8.1 4338419 (Monthly Rollup) Important Elevation of Privilege 4099635; 4291497 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Elevation of Privilege
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Elevation of Privilege
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 4338604 (Security Only)
4338418 (Monthly Rollup)
Important Elevation of Privilege 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) 4338604 (Security Only)
4338418 (Monthly Rollup)
Important Elevation of Privilege 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 R2 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Elevation of Privilege 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Elevation of Privilege 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.7.1/4.7.2 on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Elevation of Privilege 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.1/4.7.2 on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Elevation of Privilege 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.1/4.7.2 on Windows Server, version 1709 (Server Core Installation) 4338825 (Security Update) Important Elevation of Privilege 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Elevation of Privilege 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Elevation of Privilege 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows Server, version 1803 (Server Core Installation) 4338819 (Security Update) Important Elevation of Privilege 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7/4.7.1/4.7.2 on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Elevation of Privilege 4284874 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7/4.7.1/4.7.2 on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Elevation of Privilege 4284874 Base: N/A
Temporal: N/A
Vector: N/A
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8202 Lasse Trolle Borup of Langkjaer Cyber Defence
https://www.linkedin.com/in/lasse-trolle-borup,https://www.langkjaer.com/


CVE-2018-8206 - Windows FTP Server Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8206
MITRE
NVD
CVE Title: Windows FTP Server Denial of Service Vulnerability
Description:

A denial of service vulnerability exists when Windows improperly handles File Transfer Protocol (FTP) connections. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

To exploit the vulnerability, an unauthenticated attacker could send specially crafted packets to a Windows computer with the FTP Server role enabled that is accepting connections on TCP port 21. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding.

The security update addresses the vulnerability by correcting how Windows handles FTP connections.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8206
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4338829 (Security Update) Important Denial of Service 4284860 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4338829 (Security Update) Important Denial of Service 4284860 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Denial of Service 4284880 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Denial of Service 4284880 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Denial of Service 4284874 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Denial of Service 4284874 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Denial of Service 4284819 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Denial of Service 4284819 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Denial of Service 4284835 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Denial of Service 4284835 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4338823 (Security Only)
4338818 (Monthly Rollup)
Important Denial of Service
4284826
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4338815 (Monthly Rollup) Important Denial of Service 4284815 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4293756 (Security Update) Important Denial of Service None Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4293756 (Security Update) Important Denial of Service None Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4293756 (Security Update) Important Denial of Service None Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4293756 (Security Update) Important Denial of Service None Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4293756 (Security Update) Important Denial of Service None Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4338820 (Security Only)
4338830 (Monthly Rollup)
Important Denial of Service
4284855
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4338820 (Security Only)
4338830 (Monthly Rollup)
Important Denial of Service
4284855
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4338814 (Security Update) Important Denial of Service 4284880 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4338814 (Security Update) Important Denial of Service 4284880 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1709 (Server Core Installation) 4338825 (Security Update) Important Denial of Service 4284819 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1803 (Server Core Installation) 4338819 (Security Update) Important Denial of Service 4284835 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8206 Brandon Falk (@gamozolabs) of the Enterprise Team
https://twitter.com/gamozolabs


CVE-2018-8222 - Device Guard Code Integrity Policy Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8222
MITRE
NVD
CVE Title: Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Description:

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session. An attacker who successfully exploited this vulnerability could inject code into a trusted PowerShell process to bypass the Device Guard Code Integrity policy on the local machine.

To exploit the vulnerability, an attacker would first have to access the local machine, and then inject malicious code into a script that is trusted by the Code Integrity policy. The injected code would then run with the same trust level as the script and bypass the Code Integrity policy.

The update addresses the vulnerability by correcting how PowerShell exposes functions and processes user supplied code.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8222
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4338829 (Security Update) Important Security Feature Bypass 4284860 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4338829 (Security Update) Important Security Feature Bypass 4284860 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Security Feature Bypass 4284874 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Security Feature Bypass 4284874 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Security Feature Bypass 4284819 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Security Feature Bypass 4284819 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2016 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 1709 (Server Core Installation) 4338825 (Security Update) Important Security Feature Bypass 4284819 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 1803 (Server Core Installation) 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8222 Matt Graeber of SpecterOps
https://specterops.io/


CVE-2018-8232 - Microsoft Macro Assembler Tampering Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8232
MITRE
NVD
CVE Title: Microsoft Macro Assembler Tampering Vulnerability
Description:

A Tampering vulnerability exists when Microsoft Macro Assembler improperly validates code.

An attacker could introduce code into an application, which modifies data in an unintended manner.

The security updates addresses the vulnerability by ensuring that Microsoft Macro Assembler properly validates code logic.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Moderate Tampering

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8232
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Visual Studio 2017 Release Notes (Security Update) Moderate Tampering None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Visual Studio 2017 Version 15.7.5 Release Notes (Security Update) Moderate Tampering None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Visual Studio 2017 Version 15.8 Preview Release Notes (Security Update) Moderate Tampering None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8232 David Baptiste of ESIEA - CVO Lab
https://en.esiea.fr/information-and-systems-security/https://en.esiea.fr/information-and-systems-security/


CVE-2018-8242 - Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8242
MITRE
NVD
CVE Title: Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8242
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Internet Explorer 10 on Windows Server 2012 4339093 (IE Cumulative)
4338830 (Monthly Rollup)
Moderate Remote Code Execution 4230450
4284855
Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 for 32-bit Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 for x64-based Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284826
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284826
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for 32-bit systems 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284815
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for x64-based systems 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284815
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows RT 8.1 4338815 (Monthly Rollup) Critical Remote Code Execution 4284815 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Moderate Remote Code Execution 4230450
4284826
Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2012 R2 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Moderate Remote Code Execution 4230450
4284815
Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2016 4338814 (Security Update) Moderate Remote Code Execution 4284880 Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 4339093 (IE Cumulative) Moderate Remote Code Execution 4230450 Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 4339093 (IE Cumulative) Moderate Remote Code Execution 4230450 Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8242 Anonymous working with Trend Micro's Zero Day Initiative
http://www.zerodayinitiative.com/


Yuki Chen of Qihoo 360 Vulcan Team
http://www.360.com/


CVE-2018-8356 - .NET Framework Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8356
MITRE
NVD
CVE Title: .NET Framework Security Feature Bypass Vulnerability
Description:

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates.

An attacker could present expired certificates when challenged.

The security update addresses the vulnerability by ensuring that .NET Framework components correctly validate certificates.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely Exploitation Unlikely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8356
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
.NET Core 1.0 Important Security Feature Bypass None Base: N/A
Temporal: N/A
Vector: N/A
Unknown
.NET Core 1.1 Important Security Feature Bypass None Base: N/A
Temporal: N/A
Vector: N/A
Unknown
.NET Core 2.0 Important Security Feature Bypass None Base: N/A
Temporal: N/A
Vector: N/A
Unknown
ASP.NET Core 1.0 Important Security Feature Bypass None Base: N/A
Temporal: N/A
Vector: N/A
Unknown
ASP.NET Core 1.1 Important Security Feature Bypass None Base: N/A
Temporal: N/A
Vector: N/A
Unknown
ASP.NET Core 2.0 Important Security Feature Bypass None Base: N/A
Temporal: N/A
Vector: N/A
Unknown
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 4338611 (Security Only)
4338422 (Security Update)
Important Security Feature Bypass 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Yes
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2 4338611 (Security Only)
4338422 (Security Update)
Important Security Feature Bypass 3142023
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Yes
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 4338611 (Security Only)
4338422 (Security Update)
Important Security Feature Bypass 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Yes
Microsoft .NET Framework 3.5 on Windows 10 for 32-bit Systems 4338829 (Security Update) Important Security Feature Bypass 4284860 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 for x64-based Systems 4338829 (Security Update) Important Security Feature Bypass 4284860 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Security Feature Bypass 4284874 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Security Feature Bypass 4284874 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Security Feature Bypass 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Security Feature Bypass 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 8.1 for 32-bit systems 4338613 (Security Only)
4338424 (Monthly Rollup)
Important Security Feature Bypass 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows 8.1 for x64-based systems 4338613 (Security Only)
4338424 (Monthly Rollup)
Important Security Feature Bypass 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows Server 2012 4338610 (Security Only)
4338421 (Monthly Rollup)
Important Security Feature Bypass 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation) 4338610 (Security Only)
4338421 (Monthly Rollup)
Important Security Feature Bypass 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 4338613 (Security Only)
4338424 (Monthly Rollup)
Important Security Feature Bypass 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation) 4338613 (Security Only)
4338424 (Monthly Rollup)
Important Security Feature Bypass 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows Server 2016 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows Server 2016 (Server Core installation) 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows Server, version 1709 (Server Core Installation) 4338825 (Security Update) Important Security Feature Bypass 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows Server, version 1803 (Server Core Installation) 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems Service Pack 1 4338612 (Security Only)
4338423 (Monthly Rollup)
Important Security Feature Bypass
4103472
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems Service Pack 1 4338612 (Security Only)
4338423 (Monthly Rollup)
Important Security Feature Bypass
4103472
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4338612 (Security Only)
4338423 (Monthly Rollup)
Important Security Feature Bypass
4103472
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338612 (Security Only)
4338423 (Monthly Rollup)
Important Security Feature Bypass
4103472
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338612 (Security Only)
4338423 (Monthly Rollup)
Important Security Feature Bypass
4103472
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows 7 for 32-bit Systems Service Pack 1 4338417 (Monthly Rollup)
4338602 (Security Only)
Important Security Feature Bypass
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows 7 for x64-based Systems Service Pack 1 4338417 (Monthly Rollup)
4338602 (Security Only)
Important Security Feature Bypass
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows 8.1 for 32-bit systems 4338600 (Security Only)
4338415 (Monthly Rollup)
Important Security Feature Bypass 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows 8.1 for x64-based systems 4338600 (Security Only)
4338415 (Monthly Rollup)
Important Security Feature Bypass 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows RT 8.1 4338415 (Monthly Rollup) Important Security Feature Bypass 4099635; 4291497 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 4338602 (Security Only)
4338417 (Monthly Rollup)
Important Security Feature Bypass 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2008 for x64-based Systems Service Pack 2 4338602 (Security Only)
4338417 (Monthly Rollup)
Important Security Feature Bypass 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338417 (Monthly Rollup)
4338602 (Security Only)
Important Security Feature Bypass
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338417 (Monthly Rollup)
4338602 (Security Only)
Important Security Feature Bypass
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2012 4338601 (Security Only)
4338416 (Monthly Rollup)
Important Security Feature Bypass 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2012 (Server Core installation) 4338601 (Security Only)
4338416 (Monthly Rollup)
Important Security Feature Bypass 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2 4338600 (Security Only)
4338415 (Monthly Rollup)
Important Security Feature Bypass 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2 (Server Core installation) 4338600 (Security Only)
4338415 (Monthly Rollup)
Important Security Feature Bypass 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6 on Windows Server 2008 for 32-bit Systems Service Pack 2 4338606 (Security Only)
4338420 (Monthly Rollup)
Important Security Feature Bypass 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6 on Windows Server 2008 for x64-based Systems Service Pack 2 4338606 (Security Only)
4338420 (Monthly Rollup)
Important Security Feature Bypass 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation) 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6/4.6.1/4.6.2 on Windows 10 for 32-bit Systems 4338829 (Security Update) Important Security Feature Bypass 4284860 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6/4.6.1/4.6.2 on Windows 10 for x64-based Systems 4338829 (Security Update) Important Security Feature Bypass 4284860 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 7 for 32-bit Systems Service Pack 1 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Security Feature Bypass
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 7 for x64-based Systems Service Pack 1 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Security Feature Bypass
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 8.1 for 32-bit systems 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Security Feature Bypass 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 8.1 for x64-based systems 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Security Feature Bypass 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows RT 8.1 4338419 (Monthly Rollup) Important Security Feature Bypass 4099635; 4291497 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Security Feature Bypass
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Security Feature Bypass
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 4338604 (Security Only)
4338418 (Monthly Rollup)
Important Security Feature Bypass 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) 4338604 (Security Only)
4338418 (Monthly Rollup)
Important Security Feature Bypass 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 R2 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Security Feature Bypass 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Security Feature Bypass 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows Server, version 1803 (Server Core Installation) 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8356 None

CVE-2018-8260 - .NET Framework Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8260
MITRE
NVD
CVE Title: .NET Framework Remote Code Execution Vulnerability
Description:

A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of .NET. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.

The security update addresses the vulnerability by correcting how .NET checks the source markup of a file.


FAQ:

Are there any other .NET updates pertaining to this CVE that I should be aware of?

Yes. To further address this vulnerability, for Windows 10 version 1709 and earlier, customers running .NET Framework 4.7.2 will receive an additional fix through Windows Update. Alternatively, you can download the additional fix via the .NET Framework 4.7.2 Web Installer by following this link: http://go.microsoft.com/fwlink/?LinkId=863262. Follow the instructions in the message box to download or save the update.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely Exploitation Unlikely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8260
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
.NET Framework 4.7.2 Developer Pack Release Notes (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Remote Code Execution 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Remote Code Execution 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Remote Code Execution 4284874 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Remote Code Execution 4284874 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Remote Code Execution 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Remote Code Execution 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Remote Code Execution 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Remote Code Execution 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows 7 for 32-bit Systems Service Pack 1 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Remote Code Execution
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.7.2 on Windows 7 for x64-based Systems Service Pack 1 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Remote Code Execution
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.7.2 on Windows 8.1 for 32-bit systems 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.7.2 on Windows 8.1 for x64-based systems 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.7.2 on Windows RT 8.1 4338419 (Monthly Rollup) Important Remote Code Execution 4099635; 4291497 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Remote Code Execution
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Remote Code Execution
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.7.2 on Windows Server 2012 4338604 (Security Only)
4338418 (Monthly Rollup)
Important Remote Code Execution 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.7.2 on Windows Server 2012 (Server Core installation) 4338604 (Security Only)
4338418 (Monthly Rollup)
Important Remote Code Execution 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.7.2 on Windows Server 2012 R2 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.7.2 on Windows Server 2012 R2 (Server Core installation) 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.7.2 on Windows Server 2016 4338814 (Security Update) Important Remote Code Execution 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows Server 2016 (Server Core installation) 4338814 (Security Update) Important Remote Code Execution 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows Server, version 1709 (Server Core Installation) 4338825 (Security Update) Important Remote Code Execution 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows Server, version 1803 (Server Core Installation) 4338819 (Security Update) Important Remote Code Execution 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8260 Soroush Dalili of NCC Group
https://twitter.com/irsdl,https://www.nccgroup.trust/


CVE-2018-8262 - Microsoft Edge Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8262
MITRE
NVD
CVE Title: Microsoft Edge Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by way of enticement in an email or Instant Messenger message, or by getting them to open an attachment sent through email.

The security update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8262
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8262 Omair working with KrashConsulting
https://krashconsulting.com/


CVE-2018-8274 - Microsoft Edge Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8274
MITRE
NVD
CVE Title: Microsoft Edge Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by way of enticement in an email or Instant Messenger message, or by getting them to open an attachment sent through email.

The security update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8274
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8274 Akayn working with Trend Micro's Zero Day Initiative
http://www.zerodayinitiative.com/


Aradnok


Jihui Lu of Tencent KeenLab


CVE-2018-8275 - Microsoft Edge Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8275
MITRE
NVD
CVE Title: Microsoft Edge Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by way of enticement in an email or Instant Messenger message, or by getting them to open an attachment sent through email.

The security update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Moderate Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8275
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Commit (Security Update) Critical Remote Code Execution None Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows Server 2016 4338814 (Security Update) Moderate Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8275 Simon Zuckerbraun with Trend Micro's Zero Day Initiative
http://www.zerodayinitiative.com/


CVE-2018-8276 - Scripting Engine Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8276
MITRE
NVD
CVE Title: Scripting Engine Security Feature Bypass Vulnerability
Description:

A security feature bypass vulnerability exists in the Microsoft Chakra scripting engine that allows Control Flow Guard (CFG) to be bypassed. By itself, the CFG bypass vulnerability does not allow arbitrary code execution. However, an attacker could use the CFG bypass vulnerability in conjunction with another vulnerability, such as a remote code execution vulnerability, to run arbitrary code on a target system.

To exploit the CFG bypass vulnerability, a user must be logged on to the Microsoft Chakra scripting engine and running it. The user would then need to browse to a malicious website.

The security update addresses the CFG bypass vulnerability by helping to ensure that the Microsoft Chakra scripting engine properly handles accessing memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8276
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Commit (Security Update) Important Security Feature Bypass None Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Security Feature Bypass 4284874 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Security Feature Bypass 4284874 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Security Feature Bypass 4284819 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Security Feature Bypass 4284819 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8276 Kai Kang (@4B5F5F4B)
https://twitter.com/4b5f5f4b


CVE-2018-8278 - Microsoft Edge Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8278
MITRE
NVD
CVE Title: Microsoft Edge Spoofing Vulnerability
Description:

A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.

To exploit the vulnerability, the user must either browse to a malicious website or be redirected to it. In an email attack scenario, an attacker could send an email message in an attempt to convince the user to click a link to a malicious site.

In a web-based attack scenario, an attacker could host a specially crafted website designed to appear as a legitimate website to the user. However, the attacker would have no way to force the user to visit the specially crafted website. The attacker would have to convince the user to visit the specially crafted website, typically by way of enticement in an email or instant message.

The security update addresses the vulnerability by correcting how Microsoft Edge handles specific HTML content.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8278
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Spoofing 4284835 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Spoofing 4284835 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8278 None

CVE-2018-8279 - Microsoft Edge Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8279
MITRE
NVD
CVE Title: Microsoft Edge Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by way of enticement in an email or Instant Messenger message, or by getting them to open an attachment sent through email.

The security update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8279
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Commit (Security Update) Critical Remote Code Execution None Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8279 Lokihardt of Google Project Zero
https://www.google.com


CVE-2018-8280 - Chakra Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8280
MITRE
NVD
CVE Title: Chakra Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8280
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Commit (Security Update) Critical Remote Code Execution None Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Edge on Windows 10 for 32-bit Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 for x64-based Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows Server 2016 4338814 (Security Update) Moderate Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8280 Johnathan Norman - WDG OS Security Team
https://twitter.com/spoofyroot


CVE-2018-8281 - Microsoft Office Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8281
MITRE
NVD
CVE Title: Microsoft Office Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Office handles objects in memory.


FAQ:

I am being offered this update for software that is not specifically indicated as being affected in the Affected Software and Vulnerability Severity Ratings table. Why am I being offered this update?

When updates address vulnerable code that exists in a component that is shared between multiple Microsoft Office products or shared between multiple versions of the same Microsoft Office product, the update is considered to be applicable to all supported products and versions that contain the vulnerable component.

For example, when an update applies to Microsoft Office 2007 products, only Microsoft Office 2007 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2007, Microsoft Excel 2007, Microsoft Visio 2007, Microsoft Compatibility Pack, Microsoft Excel Viewer, or any other Microsoft Office 2007 product that is not specifically listed in the Affected Software table. Furthermore, when an update applies to Microsoft Office 2010 products, only Microsoft Office 2010 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2010, Microsoft Excel 2010, Microsoft Visio 2010, Microsoft Visio Viewer, or any other Microsoft Office 2010 product that is not specifically listed in the Affected Software table.

For more information on this behavior and recommended actions, see Microsoft Knowledge Base Article 830335. For a list of Microsoft Office products that an update may apply to, refer to the Microsoft Knowledge Base Article associated with the specific update.

Why are there separate updates for Office Compatibility Pack, Excel Viewer, PowerPoint Viewer, and Word Viewer?

The updates for Microsoft Office Compatibility Pack and the Office Viewer applications are only supported, and will only install from Microsoft Update, if they are being run on Windows Embedded POSReady 2009. This is because these applications ship pre-installed in Windows Embedded POSReady 2009, which is still in support. For other platforms, these applications are no longer supported.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8281
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Excel Viewer 4011202 (Security Update) Important Remote Code Execution 3213641 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Office 2016 for Mac Release Notes (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Office Compatibility Pack Service Pack 3 4011202 (Security Update) Important Remote Code Execution 3213641 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office Word Viewer 4032214 (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft PowerPoint Viewer 4011202 (Security Update) Important Remote Code Execution 3213641 Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8281 Lin Wang of Beihang University


CVE-2018-8282 - Win32k Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8282
MITRE
NVD
CVE Title: Win32k Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory.


FAQ:

Why are there two different impacts in the Affected Products table?

An attacker could potentially exploit this vulnerability to elevate privileges from a client-side application sandbox in earlier Microsoft operating systems. However, mitigation technologies in later Microsoft operating systems make this more difficult. For this reason, this vulnerability has two different impact ratings.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Elevation of Privilege,
Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8282
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4338829 (Security Update) Important Denial of Service 4284860 Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows 10 for x64-based Systems 4338829 (Security Update) Important Denial of Service 4284860 Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Denial of Service 4284880 Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Denial of Service 4284880 Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Denial of Service 4284874 Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Denial of Service 4284874 Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Denial of Service 4284819 Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Denial of Service 4284819 Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Denial of Service 4284835 Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Denial of Service 4284835 Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows 7 for 32-bit Systems Service Pack 1 4338823 (Security Only)
4338818 (Monthly Rollup)
Important Elevation of Privilege
4284826
Base: 7.80
Temporal: 7.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 7 for x64-based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows 8.1 for 32-bit systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 7.80
Temporal: 7.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 8.1 for x64-based systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 7.80
Temporal: 7.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows RT 8.1 4338815 (Monthly Rollup) Important Denial of Service 4284815 Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4339854 (Security Update) Important Elevation of Privilege None Base: 7.80
Temporal: 7.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4339854 (Security Update) Important Elevation of Privilege None Base: 7.80
Temporal: 7.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4339854 (Security Update) Important Elevation of Privilege None Base: 7.80
Temporal: 7.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4339854 (Security Update) Important Elevation of Privilege None Base: 7.80
Temporal: 7.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4339854 (Security Update) Important Elevation of Privilege None Base: 7.80
Temporal: 7.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows Server 2012 4338820 (Security Only)
4338830 (Monthly Rollup)
Important Denial of Service
4284855
Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows Server 2012 (Server Core installation) 4338820 (Security Only)
4338830 (Monthly Rollup)
Important Denial of Service
4284855
Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows Server 2012 R2 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows Server 2012 R2 (Server Core installation) 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows Server 2016 4338814 (Security Update) Important Denial of Service 4284880 Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows Server 2016 (Server Core installation) 4338814 (Security Update) Important Denial of Service 4284880 Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows Server, version 1709 (Server Core Installation) 4338825 (Security Update) Important Denial of Service 4284819 Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes
Windows Server, version 1803 (Server Core Installation) 4338819 (Security Update) Important Denial of Service 4284835 Base: 8.80
Temporal: 8.80
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8282 hungtt28 of Viettel Cyber Security working with Trend Micro's Zero Day Initiative
http://www.zerodayinitiative.com/


CVE-2018-8283 - Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8283
MITRE
NVD
CVE Title: Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

The security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8283
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Commit (Security Update) Critical Remote Code Execution None Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8283 Yu Zhou of Ant-financial Light-Year Security Lab


CVE-2018-8284 - .NET Framework Remote Code Injection Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8284
MITRE
NVD
CVE Title: .NET Framework Remote Code Injection Vulnerability
Description:

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

To exploit the vulnerability, an attacker would need to pass specific input to an application utilizing susceptible .Net methods.

The security update addresses the vulnerability by correcting how the Microsoft .NET Framework validates input.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8284
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 4338611 (Security Only)
4338422 (Security Update)
Important Remote Code Execution 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Yes
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2 4338611 (Security Only)
4338422 (Security Update)
Important Remote Code Execution 3142023
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Yes
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 4338611 (Security Only)
4338422 (Security Update)
Important Remote Code Execution 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Yes
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 4338611 (Security Only)
4338422 (Security Update)
Important Remote Code Execution 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Yes
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2 4338611 (Security Only)
4338422 (Security Update)
Important Remote Code Execution 3142023
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Yes
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 4338611 (Security Only)
4338422 (Security Update)
Important Remote Code Execution 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Yes
Microsoft .NET Framework 3.5 on Windows 10 for 32-bit Systems 4338829 (Security Update) Important Remote Code Execution 4284860 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 for x64-based Systems 4338829 (Security Update) Important Remote Code Execution 4284860 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Remote Code Execution 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Remote Code Execution 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Remote Code Execution 4284874 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Remote Code Execution 4284874 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Remote Code Execution 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Remote Code Execution 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Remote Code Execution 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Remote Code Execution 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows 8.1 for 32-bit systems 4338613 (Security Only)
4338424 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows 8.1 for x64-based systems 4338613 (Security Only)
4338424 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows Server 2012 4338610 (Security Only)
4338421 (Monthly Rollup)
Important Remote Code Execution 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation) 4338610 (Security Only)
4338421 (Monthly Rollup)
Important Remote Code Execution 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 4338613 (Security Only)
4338424 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation) 4338613 (Security Only)
4338424 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5 on Windows Server 2016 4338814 (Security Update) Important Remote Code Execution 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows Server 2016 (Server Core installation) 4338814 (Security Update) Important Remote Code Execution 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows Server, version 1709 (Server Core Installation) 4338825 (Security Update) Important Remote Code Execution 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5 on Windows Server, version 1803 (Server Core Installation) 4338819 (Security Update) Important Remote Code Execution 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems Service Pack 1 4338612 (Security Only)
4338423 (Monthly Rollup)
Important Remote Code Execution
4103472
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems Service Pack 1 4338612 (Security Only)
4338423 (Monthly Rollup)
Important Remote Code Execution
4103472
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4338612 (Security Only)
4338423 (Monthly Rollup)
Important Remote Code Execution
4103472
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338612 (Security Only)
4338423 (Monthly Rollup)
Important Remote Code Execution
4103472
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338612 (Security Only)
4338423 (Monthly Rollup)
Important Remote Code Execution
4103472
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows 7 for 32-bit Systems Service Pack 1 4338417 (Monthly Rollup)
4338602 (Security Only)
Important Remote Code Execution
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows 7 for x64-based Systems Service Pack 1 4338417 (Monthly Rollup)
4338602 (Security Only)
Important Remote Code Execution
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows 8.1 for 32-bit systems 4338600 (Security Only)
4338415 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows 8.1 for x64-based systems 4338600 (Security Only)
4338415 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows RT 8.1 4338415 (Monthly Rollup) Important Remote Code Execution 4099635; 4291497 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 4338602 (Security Only)
4338417 (Monthly Rollup)
Important Remote Code Execution 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2008 for x64-based Systems Service Pack 2 4338602 (Security Only)
4338417 (Monthly Rollup)
Important Remote Code Execution 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338417 (Monthly Rollup)
4338602 (Security Only)
Important Remote Code Execution
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338417 (Monthly Rollup)
4338602 (Security Only)
Important Remote Code Execution
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2012 4338601 (Security Only)
4338416 (Monthly Rollup)
Important Remote Code Execution 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2012 (Server Core installation) 4338601 (Security Only)
4338416 (Monthly Rollup)
Important Remote Code Execution 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2 4338600 (Security Only)
4338415 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2 (Server Core installation) 4338600 (Security Only)
4338415 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6 on Windows Server 2008 for 32-bit Systems Service Pack 2 4338606 (Security Only)
4338420 (Monthly Rollup)
Important Remote Code Execution 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6 on Windows Server 2008 for x64-based Systems Service Pack 2 4338606 (Security Only)
4338420 (Monthly Rollup)
Important Remote Code Execution 3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Remote Code Execution 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Remote Code Execution 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 4338814 (Security Update) Important Remote Code Execution 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation) 4338814 (Security Update) Important Remote Code Execution 4284880 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6/4.6.1/4.6.2 on Windows 10 for 32-bit Systems 4338829 (Security Update) Important Remote Code Execution 4284860 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6/4.6.1/4.6.2 on Windows 10 for x64-based Systems 4338829 (Security Update) Important Remote Code Execution 4284860 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 7 for 32-bit Systems Service Pack 1 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Remote Code Execution
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 7 for x64-based Systems Service Pack 1 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Remote Code Execution
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 8.1 for 32-bit systems 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 8.1 for x64-based systems 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows RT 8.1 4338419 (Monthly Rollup) Important Remote Code Execution 4099635; 4291497 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Remote Code Execution
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338420 (Monthly Rollup)
4338606 (Security Only)
Important Remote Code Execution
3142023; 4020507
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 4338604 (Security Only)
4338418 (Monthly Rollup)
Important Remote Code Execution 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) 4338604 (Security Only)
4338418 (Monthly Rollup)
Important Remote Code Execution 4020506
4099634; 4291495
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 R2 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) 4338605 (Security Only)
4338419 (Monthly Rollup)
Important Remote Code Execution 2898868; 2898871; 4055271
4099635; 4291497
Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft .NET Framework 4.7.1/4.7.2 on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Remote Code Execution 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.1/4.7.2 on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Remote Code Execution 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.1/4.7.2 on Windows Server, version 1709 (Server Core Installation) 4338825 (Security Update) Important Remote Code Execution 4284819 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Remote Code Execution 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Remote Code Execution 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7.2 on Windows Server, version 1803 (Server Core Installation) 4338819 (Security Update) Important Remote Code Execution 4284835 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7/4.7.1/4.7.2 on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Remote Code Execution 4284874 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Microsoft .NET Framework 4.7/4.7.1/4.7.2 on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Remote Code Execution 4284874 Base: N/A
Temporal: N/A
Vector: N/A
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8284 Soroush Dalili of NCC Group
https://twitter.com/irsdl,https://www.nccgroup.trust/


CVE-2018-8286 - Chakra Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8286
MITRE
NVD
CVE Title: Chakra Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8286
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Commit (Security Update) Critical Remote Code Execution None Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8286 None

CVE-2018-8287 - Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8287
MITRE
NVD
CVE Title: Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website designed to exploit the vulnerability through a Microsoft browser and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the browser rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8287
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Commit (Security Update) Important Remote Code Execution None Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Internet Explorer 10 on Windows Server 2012 4339093 (IE Cumulative)
4338830 (Monthly Rollup)
Low Remote Code Execution 4230450
4284855
Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 for 32-bit Systems 4338829 (Security Update) Important Remote Code Execution 4284860 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 for x64-based Systems 4338829 (Security Update) Important Remote Code Execution 4284860 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Remote Code Execution 4284880 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Remote Code Execution 4284880 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Remote Code Execution 4284874 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Remote Code Execution 4284874 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Remote Code Execution 4284819 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Remote Code Execution 4284819 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Remote Code Execution 4284835 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Remote Code Execution 4284835 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Important Remote Code Execution 4230450
4284826
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Important Remote Code Execution 4230450
4284826
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for 32-bit systems 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Important Remote Code Execution 4230450
4284815
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for x64-based systems 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Important Remote Code Execution 4230450
4284815
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows RT 8.1 4338815 (Monthly Rollup) Important Remote Code Execution 4284815 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Low Remote Code Execution 4230450
4284826
Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2012 R2 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Low Remote Code Execution 4230450
4284815
Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2016 4338814 (Security Update) Low Remote Code Execution 4284880 Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 for 32-bit Systems 4338829 (Security Update) Important Remote Code Execution 4284860 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 for x64-based Systems 4338829 (Security Update) Important Remote Code Execution 4284860 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows Server 2016 4338814 (Security Update) Low Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8287 None

CVE-2018-8288 - Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8288
MITRE
NVD
CVE Title: Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website designed to exploit the vulnerability through a Microsoft browser and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the browser rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8288
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Commit (Security Update) Critical Remote Code Execution None Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Internet Explorer 11 on Windows 10 for 32-bit Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 for x64-based Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284826
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284826
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for 32-bit systems 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284815
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for x64-based systems 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284815
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows RT 8.1 4338815 (Monthly Rollup) Critical Remote Code Execution 4284815 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Moderate Remote Code Execution 4230450
4284826
Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2012 R2 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Moderate Remote Code Execution 4230450
4284815
Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2016 4338814 (Security Update) Moderate Remote Code Execution 4284880 Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 for 32-bit Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 for x64-based Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows Server 2016 4338814 (Security Update) Moderate Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8288 Lokihardt of Google Project Zero
https://www.google.com


CVE-2018-8289 - Microsoft Edge Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8289
MITRE
NVD
CVE Title: Microsoft Edge Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker's site.

The update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8289
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Information Disclosure 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Information Disclosure 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8289 Jihui Lu of Tencent KeenLab


Marcin Towalski (@mtowalski1)
https://twitter.com/mtowalski1


CVE-2018-8290 - Chakra Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8290
MITRE
NVD
CVE Title: Chakra Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Moderate Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8290
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Commit (Security Update) Critical Remote Code Execution None Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Edge on Windows 10 for 32-bit Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 for x64-based Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows Server 2016 4338814 (Security Update) Moderate Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8290 None

CVE-2018-8291 - Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8291
MITRE
NVD
CVE Title: Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website designed to exploit the vulnerability through a Microsoft browser and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the browser rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8291
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Commit (Security Update) Critical Remote Code Execution None Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Internet Explorer 11 on Windows 10 for 32-bit Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 for x64-based Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284826
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284826
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for 32-bit systems 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284815
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for x64-based systems 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284815
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows RT 8.1 4338815 (Monthly Rollup) Critical Remote Code Execution 4284815 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Moderate Remote Code Execution 4230450
4284826
Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2012 R2 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Moderate Remote Code Execution 4230450
4284815
Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2016 4338814 (Security Update) Moderate Remote Code Execution 4284880 Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 for 32-bit Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 for x64-based Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows Server 2016 4338814 (Security Update) Moderate Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8291 Lokihardt of Google Project Zero
https://www.google.com


CVE-2018-8294 - Chakra Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8294
MITRE
NVD
CVE Title: Chakra Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8294
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Commit (Security Update) Critical Remote Code Execution None Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8294 None

CVE-2018-8296 - Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8296
MITRE
NVD
CVE Title: Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8296
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Internet Explorer 11 on Windows 10 for 32-bit Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 for x64-based Systems 4338829 (Security Update) Critical Remote Code Execution 4284860 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Critical Remote Code Execution 4284880 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Critical Remote Code Execution 4284874 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284826
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284826
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for 32-bit systems 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284815
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for x64-based systems 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Critical Remote Code Execution 4230450
4284815
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows RT 8.1 4338815 (Monthly Rollup) Critical Remote Code Execution 4284815 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 4339093 (IE Cumulative)
4338818 (Monthly Rollup)
Moderate Remote Code Execution 4230450
4284826
Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2012 R2 4339093 (IE Cumulative)
4338815 (Monthly Rollup)
Moderate Remote Code Execution 4230450
4284815
Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2016 4338814 (Security Update) Moderate Remote Code Execution 4284880 Base: 6.40
Temporal: 5.80
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8296 Anonymous working with iDefense Labs


CVE-2018-8297 - Microsoft Edge Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8297
MITRE
NVD
CVE Title: Microsoft Edge Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker's site.

The update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8297
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Information Disclosure 4284819 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Information Disclosure 4284819 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Information Disclosure 4284835 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Information Disclosure 4284835 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8297 Liu Long of Qihoo 360 Vulcan Team
http://www.360.com/


Marcin Towalski (@mtowalski1)
https://twitter.com/mtowalski1


CVE-2018-8298 - Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8298
MITRE
NVD
CVE Title: Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

The security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8298
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Commit (Security Update) Critical Remote Code Execution None Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8298 Lokihardt of Google Project Zero
https://www.google.com


CVE-2018-8301 - Microsoft Edge Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8301
MITRE
NVD
CVE Title: Microsoft Edge Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by way of enticement in an email or Instant Messenger message, or by getting them to open an attachment sent through email.

The security update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8301
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Critical Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8301 Alexandru Pitis of Microsoft Corporation


CVE-2018-8313 - Windows Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8313
MITRE
NVD
CVE Title: Windows Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploited the vulnerability could impersonate processes, interject cross-process communication, or interrupt system functionality.

To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

The security update addresses the vulnerability by helping to ensure that the Windows Kernel API properly enforces permissions.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8313
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4338829 (Security Update) Important Elevation of Privilege 4284860 Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows 10 for x64-based Systems 4338829 (Security Update) Important Elevation of Privilege 4284860 Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Elevation of Privilege 4284874 Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Elevation of Privilege 4284874 Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Elevation of Privilege 4284819 Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Elevation of Privilege 4284819 Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Elevation of Privilege 4284835 Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Elevation of Privilege 4284835 Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows 8.1 for 32-bit systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Elevation of Privilege 4284815
Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows 8.1 for x64-based systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Elevation of Privilege 4284815
Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows RT 8.1 4338815 (Monthly Rollup) Important Elevation of Privilege 4284815 Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows Server 2012 4338820 (Security Only)
4338830 (Monthly Rollup)
Important Elevation of Privilege
4284855
Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows Server 2012 (Server Core installation) 4338820 (Security Only)
4338830 (Monthly Rollup)
Important Elevation of Privilege
4284855
Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows Server 2012 R2 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Elevation of Privilege 4284815
Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Elevation of Privilege 4284815
Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows Server 2016 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows Server 2016 (Server Core installation) 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows Server, version 1709 (Server Core Installation) 4338825 (Security Update) Important Elevation of Privilege 4284819 Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes
Windows Server, version 1803 (Server Core Installation) 4338819 (Security Update) Important Elevation of Privilege 4284835 Base: 7.80
Temporal: 7.10
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8313 None

CVE-2018-8319 - MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8319
MITRE
NVD
CVE Title: MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability
Description:

A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused by incorrect arithmetic computations.

An attacker could craft a signature, without the need of the corresponding key, and mimic the entity associated with the public/private key pair.

The security update addresses the vulnerability by correcting the arithmetic computations.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8319
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Research JavaScript Cryptography Library Release Notes (Security Update) Important Security Feature Bypass None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8319 Jonathan Burns of Ionic Security​ Colin McRae of Ionic Security​ Ryan Speers of Ionic Security​
https://www.linkedin.com/in/jonathan-burns-a92139167,https://www.ionic.com,https://www.linkedin.com/in/colin-mcrae-12920017,https://www.ionic.com,https://www.linkedin.com/in/rmspeers,https://www.ionic.com


CVE-2018-8323 - Microsoft SharePoint Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8323
MITRE
NVD
CVE Title: Microsoft SharePoint Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests.


FAQ:

After installing the updates for Microsoft SharePoint, are there any further steps I need to take?

Yes. After installing the updates for any version of SharePoint, customers need to run psconfig.exe. See Why we recommend / require to run the Configuration Wizard also for Security fixes.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8323
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 4022235 (Security Update) Important Elevation of Privilege 4018390 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft SharePoint Enterprise Server 2016 4022228 (Security Update) Important Elevation of Privilege 4022173 Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8323 Adrian Ivascu


CVE-2018-8326 - Open Source Customization for Active Directory Federation Services XSS Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8326
MITRE
NVD
CVE Title: Open Source Customization for Active Directory Federation Services XSS Vulnerability
Description:

A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected AD FS server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run scripts in the security context of the current user. The attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the AD FS site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that the open source customization for AD FS properly sanitizes web requests.


FAQ:

How do I know if I am affected?

Only customers utilizing the Web Customization package on this GitHub repository need to install this update. Microsoft Active Directory Federation Services are not vulnerable.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8326
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Web Customizations for Active Directory Federation Services Release Notes (Security Update) Important Spoofing None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8326 None

CVE-2018-8327 - PowerShell Editor Services Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8327
MITRE
NVD
CVE Title: PowerShell Editor Services Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in PowerShell Editor Services. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable system.

In an attack scenario, an attacker could execute malicious code in a PowerShell Editor Services process.

The update addresses the vulnerability by correcting how PowerShell Editor Services secures local connections.


FAQ:

How do I know if I am affected by this vulnerability?

Please follow the steps documented in the Release Notes.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8327
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
PowerShell Editor Services Release Notes (Security Update) Critical Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
PowerShell Extension for Visual Studio Code Release Notes (Security Update) Critical Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8327 Ryan Cumbee (Casaba Security, LLC) & Cory Carson (Casaba Security, LLC) under contract for Microsoft at the time.


CVE-2018-8125 - Microsoft Edge Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8125
MITRE
NVD
CVE Title: Microsoft Edge Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by way of enticement in an email or Instant Messenger message, or by getting them to open an attachment sent through email.

The security update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8125
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Edge on Windows 10 for 32-bit Systems 4338829 (Security Update) Important Remote Code Execution 4284860 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O
Yes
Microsoft Edge on Windows 10 for x64-based Systems 4338829 (Security Update) Important Remote Code Execution 4284860 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O
Yes
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O
Yes
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O
Yes
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O
Yes
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Remote Code Execution 4284874 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O
Yes
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Remote Code Execution 4284819 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Remote Code Execution 4284835 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O
Yes
Microsoft Edge on Windows Server 2016 4338814 (Security Update) Low Remote Code Execution 4284880 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8125 Debasish Mandal of the McAfee Labs HIPS R&D
https://twitter.com/debasishm89


CVE-2018-8171 - ASP.NET Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8171
MITRE
NVD
CVE Title: ASP.NET Security Feature Bypass Vulnerability
Description:

A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated.

An attacker who successfully exploited this vulnerability could try an infinite number of authentication attempts.

The update addresses the vulnerability by validating the number of incorrect login attempts.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely Exploitation Unlikely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8171
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ASP.NET Core 1.0 Commit (Security Update) Important Security Feature Bypass None Base: N/A
Temporal: N/A
Vector: N/A
Unknown
ASP.NET Core 1.1 Commit (Security Update) Important Security Feature Bypass None Base: N/A
Temporal: N/A
Vector: N/A
Unknown
ASP.NET Core 2.0 Commit (Security Update) Important Security Feature Bypass None Base: N/A
Temporal: N/A
Vector: N/A
Unknown
ASP.NET MVC 5.2 on Microsoft Visual Studio 2013 Update 5 4339279 (Security Update) Important Security Feature Bypass None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
ASP.NET MVC 5.2 on Microsoft Visual Studio 2015 Update 3 4339279 (Security Update) Important Security Feature Bypass None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
ASP.NET Web Pages 3.2.3 on Microsoft Visual Studio 2013 Update 5 4339279 (Security Update) Important Security Feature Bypass None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
ASP.NET Web Pages 3.2.3 on Microsoft Visual Studio 2015 Update 3 4339279 (Security Update) Important Security Feature Bypass None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8171 Martin Knafve
https://www.linkedin.com/in/martin-knafve-99187a2/


CVE-2018-8238 - Skype for Business and Lync Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8238
MITRE
NVD
CVE Title: Skype for Business and Lync Security Feature Bypass Vulnerability
Description:

A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages. An attacker who successfully exploited the vulnerability could execute arbitrary commands in the context of the logged-in user. The security feature bypass by itself does not allow arbitrary code execution. Instead, an attacker would have to convince users to click a link to a file.

In a file-sharing attack scenario, an attacker could provide a specially-crafted file designed to exploit the vulnerability, and then convince a user to click the link to the file.

The update addresses the vulnerability by correcting how Skype for Business and Lync handle links to UNC paths.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8238
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Lync 2013 Service Pack 1 (32-bit) 4022225 (Security Update) Important Security Feature Bypass 4011179 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Lync 2013 Service Pack 1 (64-bit) 4022225 (Security Update) Important Security Feature Bypass 4011179 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Skype for Business 2016 (32-bit) 4022221 (Security Update) Important Security Feature Bypass 4011159 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Skype for Business 2016 (64-bit) 4022221 (Security Update) Important Security Feature Bypass 4011159 Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8238 Steven Thompson
https://www.linkedin.com/in/steven-thompson-917444102/


CVE-2018-8299 - Microsoft SharePoint Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8299
MITRE
NVD
CVE Title: Microsoft SharePoint Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests.


FAQ:

After installing the updates for Microsoft SharePoint, are there any further steps I need to take?

Yes. After installing the updates for any version of SharePoint, customers need to run psconfig.exe. See Why we recommend / require to run the Configuration Wizard also for Security fixes.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8299
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 4022235 (Security Update) Important Elevation of Privilege 4018390 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft SharePoint Enterprise Server 2016 4022228 (Security Update) Important Elevation of Privilege 4022173 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4022243 (Security Update) Important Elevation of Privilege 4022190 Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8299 None

CVE-2018-8300 - Microsoft SharePoint Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8300
MITRE
NVD
CVE Title: Microsoft SharePoint Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.

Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected versions of SharePoint.

The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.


FAQ:

After installing the updates for Microsoft SharePoint, are there any further steps I need to take?

Yes. After installing the updates for any version of SharePoint, customers need to run psconfig.exe. See Why we recommend / require to run the Configuration Wizard also for Security fixes.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8300
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4022228 (Security Update) Important Remote Code Execution 4022173 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4022243 (Security Update) Important Remote Code Execution 4022190 Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8300 Soroush Dalili of NCC Group
https://twitter.com/irsdl,https://www.nccgroup.trust/


CVE-2018-8304 - Windows DNSAPI Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8304
MITRE
NVD
CVE Title: Windows DNSAPI Denial of Service Vulnerability
Description:

A denial of service vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses. An attacker who successfully exploited the vulnerability could cause a system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, the denial of service condition could prevent authorized users from using system resources.

To exploit the vulnerability, the attacker would use a malicious DNS server to send corrupted DNS responses to the target.

The update addresses the vulnerability by modifying how Windows DNSAPI.dll handles DNS responses.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
N/A Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8304
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4338829 (Security Update) Important Denial of Service 4284860 Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4338829 (Security Update) Important Denial of Service 4284860 Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Denial of Service 4284880 Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Denial of Service 4284880 Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Denial of Service 4284874 Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Denial of Service 4284874 Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Denial of Service 4284819 Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Denial of Service 4284819 Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4338823 (Security Only)
4338818 (Monthly Rollup)
Important Denial of Service
4284826
Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4338815 (Monthly Rollup) Important Denial of Service 4284815 Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4291391 (Security Update) Important Denial of Service None Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4291391 (Security Update) Important Denial of Service None Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4291391 (Security Update) Important Denial of Service None Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4291391 (Security Update) Important Denial of Service None Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4291391 (Security Update) Important Denial of Service None Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4338820 (Security Only)
4338830 (Monthly Rollup)
Important Denial of Service
4284855
Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4338820 (Security Only)
4338830 (Monthly Rollup)
Important Denial of Service
4284855
Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4338814 (Security Update) Important Denial of Service 4284880 Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4338814 (Security Update) Important Denial of Service 4284880 Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1709 (Server Core Installation) 4338825 (Security Update) Important Denial of Service 4284819 Base: 5.90
Temporal: 5.30
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8304 Nick Freeman


CVE-2018-8305 - Windows Mail Client Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8305
MITRE
NVD
CVE Title: Windows Mail Client Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists in Windows Mail Client when a message is opened. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site.

To exploit the vulnerability, an attacker would have to send a malicious email to a user and convince the user to open the email. A connection to a remote server could then be automatically initiated, depending on the URL contained in the malicious email, Windows Mail Client could fall back to initiating a web request to a remote server, disclosing the external IP of the user's system.

The security update addresses the vulnerability by correcting how Windows Mail Client processes embedded URLs.


FAQ:

How do I get the update for Mail, Calendar and People for Windows 8.1?

  1. From the Start Screen bring up the Microsoft Store.
  2. Click on the Updates (nn) link.
  3. Look for the Mail, Calendar, and People app icon.
  4. Right click to select and deselect updates to install – selected items are outlined in green with a check mark.
  5. Ensure the Mail, Calendar, and People is selected - highlighted in green with a check mark.
  6. Click the Install button.
  7. The update will then be installed on your device.

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Personally Identifiable Information (PII).



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
N/A Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8305
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Mail, Calendar, and People in Windows 8.1 App Store Important Information Disclosure None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8305 Jens Müller


CVE-2018-8306 - Microsoft Wireless Display Adapter Command Injection Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8306
MITRE
NVD
CVE Title: Microsoft Wireless Display Adapter Command Injection Vulnerability
Description:

A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when the Microsoft Wireless Display Adapter does not properly manage user input. For this vulnerability to be exploited, the attacker must be authenticated (logged on) to the target display.

To exploit the vulnerability, an attacker who is connected to the MWDA could send administrative commands to the MWDA, including commands with illegal characters which could cause the MWDA to stop functioning correctly.

The update addresses the vulnerability by modifying how the Microsoft Wireless Display Adapter manages administrative input.


FAQ:

How do I download the firmware for my Microsoft Wireless Display Adapter?

The firmware is downloadable from the Wireless Display Adapter App which is available in the Microsoft App Store. The links in the Affected Products table will take you to the App Store. If the App is already installed, you can launch it from this window. Click on the Firmware tab and click the Download button.



Mitigations:

Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8306
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Wireless Display Adapter V2 Software Version 2.0.8350 Firmware (Security Update) Important Remote Code Execution None Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Microsoft Wireless Display Adapter V2 Software Version 2.0.8365 Firmware (Security Update) Important Remote Code Execution None Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Microsoft Wireless Display Adapter V2 Software Version 2.0.8372 Firmware (Security Update) Important Remote Code Execution None Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8306 Simon Winter of Aalen University
https://www.xing.com/profile/Simon_Winter17/,https://www.hs-aalen.de/en


Tobias Glemser of secuvera GmbH
https://www.secuvera.de


CVE-2018-8307 - WordPad Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8307
MITRE
NVD
CVE Title: WordPad Security Feature Bypass Vulnerability
Description:

A security feature bypass vulnerability exists when Microsoft WordPad improperly handles embedded OLE objects. An attacker who successfully exploited the vulnerability could bypass content blocking.

In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability, and then convince a user to open the document file.

The security update addresses the vulnerability by correcting how Microsoft WordPad handles input.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8307
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4338829 (Security Update) Important Security Feature Bypass 4284860 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4338829 (Security Update) Important Security Feature Bypass 4284860 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Security Feature Bypass 4284874 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Security Feature Bypass 4284874 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Security Feature Bypass 4284819 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Security Feature Bypass 4284819 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4338823 (Security Only)
4338818 (Monthly Rollup)
Important Security Feature Bypass
4284826
Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Security Feature Bypass 4284826
Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Security Feature Bypass 4284815
Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Security Feature Bypass 4284815
Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4338815 (Monthly Rollup) Important Security Feature Bypass 4284815 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4339291 (Security Update) Important Security Feature Bypass None Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4339291 (Security Update) Important Security Feature Bypass None Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4339291 (Security Update) Important Security Feature Bypass None Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4339291 (Security Update) Important Security Feature Bypass None Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4339291 (Security Update) Important Security Feature Bypass None Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Security Feature Bypass 4284826
Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Security Feature Bypass 4284826
Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Security Feature Bypass 4284826
Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2012 4338820 (Security Only)
4338830 (Monthly Rollup)
Important Security Feature Bypass
4284855
Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4338820 (Security Only)
4338830 (Monthly Rollup)
Important Security Feature Bypass
4284855
Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Security Feature Bypass 4284815
Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Security Feature Bypass 4284815
Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2016 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4338814 (Security Update) Important Security Feature Bypass 4284880 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 1709 (Server Core Installation) 4338825 (Security Update) Important Security Feature Bypass 4284819 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes
Windows Server, version 1803 (Server Core Installation) 4338819 (Security Update) Important Security Feature Bypass 4284835 Base: 5.30
Temporal: 4.80
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8307 Eduardo Braun Prado working with Trend Micro's Zero Day Initiative
http://www.zerodayinitiative.com/


CVE-2018-8308 - Windows Kernel Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8308
MITRE
NVD
CVE Title: Windows Kernel Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.

The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8308
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4338829 (Security Update) Important Elevation of Privilege 4284860 Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4338829 (Security Update) Important Elevation of Privilege 4284860 Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Elevation of Privilege 4284874 Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Elevation of Privilege 4284874 Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Elevation of Privilege 4284819 Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Elevation of Privilege 4284819 Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Elevation of Privilege 4284835 Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Elevation of Privilege 4284835 Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4338823 (Security Only)
4338818 (Monthly Rollup)
Important Elevation of Privilege
4284826
Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Elevation of Privilege 4284826
Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Elevation of Privilege 4284815
Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Elevation of Privilege 4284815
Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4338815 (Monthly Rollup) Important Elevation of Privilege 4284815 Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4295656 (Security Update) Important Elevation of Privilege None Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4295656 (Security Update) Important Elevation of Privilege None Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4295656 (Security Update) Important Elevation of Privilege None Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4295656 (Security Update) Important Elevation of Privilege None Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4295656 (Security Update) Important Elevation of Privilege None Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Elevation of Privilege 4284826
Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Elevation of Privilege 4284826
Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Elevation of Privilege 4284826
Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4338820 (Security Only)
4338830 (Monthly Rollup)
Important Elevation of Privilege
4284855
Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4338820 (Security Only)
4338830 (Monthly Rollup)
Important Elevation of Privilege
4284855
Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Elevation of Privilege 4284815
Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Elevation of Privilege 4284815
Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4338814 (Security Update) Important Elevation of Privilege 4284880 Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1709 (Server Core Installation) 4338825 (Security Update) Important Elevation of Privilege 4284819 Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1803 (Server Core Installation) 4338819 (Security Update) Important Elevation of Privilege 4284835 Base: 6.60
Temporal: 5.90
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8308 None

CVE-2018-8309 - Windows Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8309
MITRE
NVD
CVE Title: Windows Denial of Service Vulnerability
Description:

A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding.

The update addresses the vulnerability by correcting how Windows handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8309
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4338829 (Security Update) Important Denial of Service 4284860 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4338829 (Security Update) Important Denial of Service 4284860 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4338814 (Security Update) Important Denial of Service 4284880 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4338814 (Security Update) Important Denial of Service 4284880 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Important Denial of Service 4284874 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Important Denial of Service 4284874 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Important Denial of Service 4284819 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Important Denial of Service 4284819 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Denial of Service 4284835 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Denial of Service 4284835 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4338823 (Security Only)
4338818 (Monthly Rollup)
Important Denial of Service
4284826
Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4338815 (Monthly Rollup) Important Denial of Service 4284815 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4340583 (Security Update) Important Denial of Service 4093478 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4340583 (Security Update) Important Denial of Service 4093478 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4340583 (Security Update) Important Denial of Service 4093478 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4340583 (Security Update) Important Denial of Service 4093478 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4340583 (Security Update) Important Denial of Service 4093478 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Denial of Service 4284826
Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4338820 (Security Only)
4338830 (Monthly Rollup)
Important Denial of Service
4284855
Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4338820 (Security Only)
4338830 (Monthly Rollup)
Important Denial of Service
4284855
Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Denial of Service 4284815
Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4338814 (Security Update) Important Denial of Service 4284880 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4338814 (Security Update) Important Denial of Service 4284880 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1709 (Server Core Installation) 4338825 (Security Update) Important Denial of Service 4284819 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1803 (Server Core Installation) 4338819 (Security Update) Important Denial of Service 4284835 Base: 5.50
Temporal: 5.00
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8309 Axel Souchet (@0vercl0k) of MSRC Vulnerabilities and Mitigations Team
https://twitter.com/0vercl0k


CVE-2018-8310 - Microsoft Office Tampering Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8310
MITRE
NVD
CVE Title: Microsoft Office Tampering Vulnerability
Description:

A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails. An attacker could exploit the vulnerability by sending a specially crafted email and attachment to a victim, or by hosting a malicious .eml file on a web server.

The attacker who successfully exploited the vulnerability could then embed untrusted TrueType fonts in the body of an email. This behavior could be combined with other exploits to further compromise a user's system.

The security update addresses the vulnerability by correcting how Microsoft Outlook handles attachments.


FAQ:

I have Microsoft Word 2010 installed. Why am I not being offered the 4022200 update?

The 4022200 update only applies to systems running specific configurations of Microsoft Office 2010. Some configurations will not be offered the update.

I am being offered this update for software that is not specifically indicated as being affected in the Affected Software and Vulnerability Severity Ratings table. Why am I being offered this update?

When updates address vulnerable code that exists in a component that is shared between multiple Microsoft Office products or shared between multiple versions of the same Microsoft Office product, the update is considered to be applicable to all supported products and versions that contain the vulnerable component.

For example, when an update applies to Microsoft Office 2007 products, only Microsoft Office 2007 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2007, Microsoft Excel 2007, Microsoft Visio 2007, Microsoft Compatibility Pack, Microsoft Excel Viewer, or any other Microsoft Office 2007 product that is not specifically listed in the Affected Software table. Furthermore, when an update applies to Microsoft Office 2010 products, only Microsoft Office 2010 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2010, Microsoft Excel 2010, Microsoft Visio 2010, Microsoft Visio Viewer, or any other Microsoft Office 2010 product that is not specifically listed in the Affected Software table.

For more information on this behavior and recommended actions, see Microsoft Knowledge Base Article 830335. For a list of Microsoft Office products that an update may apply to, refer to the Microsoft Knowledge Base Article associated with the specific update.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Low Tampering

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8310
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Office 2010 Service Pack 2 (32-bit editions) 4022200 (Security Update) Low Tampering 4022139 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions) 4022200 (Security Update) Low Tampering 4022139 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions Click to Run (Security Update) Low Tampering None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions Click to Run (Security Update) Low Tampering None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Word 2010 Service Pack 2 (32-bit editions) 4022202 (Security Update) Low Tampering 4022141 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Word 2010 Service Pack 2 (64-bit editions) 4022202 (Security Update) Low Tampering 4022141 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Word 2013 RT Service Pack 1 4022224 (Security Update) Low Tampering 4018396 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Word 2013 Service Pack 1 (32-bit editions) 4022224 (Security Update) Low Tampering 4018396 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Word 2013 Service Pack 1 (64-bit editions) 4022224 (Security Update) Low Tampering 4018396 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Word 2016 (32-bit edition) 4022218 (Security Update) Low Tampering 4018383 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Word 2016 (64-bit edition) 4022218 (Security Update) Low Tampering 4018383 Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8310 Jonathan Birch of Microsoft Corporation
https://www.linkedin.com/in/jonathan-birch-ab27681/


CVE-2018-8311 - Remote Code Execution Vulnerability in Skype For Business and Lync

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8311
MITRE
NVD
CVE Title: Remote Code Execution Vulnerability in Skype For Business and Lync
Description:

A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge, and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically via an enticement in email or instant message, or by getting them to open an email attachment.

The security update addresses the vulnerability by modifying how Skype for Business and Lync clients sanitize content.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8311
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Lync 2013 Service Pack 1 (32-bit) 4022225 (Security Update) Important Remote Code Execution 4011179 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Lync 2013 Service Pack 1 (64-bit) 4022225 (Security Update) Important Remote Code Execution 4011179 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Skype for Business 2016 (32-bit) 4022221 (Security Update) Important Remote Code Execution 4011159 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Skype for Business 2016 (64-bit) 4022221 (Security Update) Important Remote Code Execution 4011159 Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8311 Ping Fan (Zetta) Ke of Valkyrie-X Security Research Group (VXRL)
https://www.vxrl.hk


CVE-2018-8312 - Microsoft Access Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8312
MITRE
NVD
CVE Title: Microsoft Access Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when Microsoft Access fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

To exploit the vulnerability, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince a user to open the document file.

The security update addresses the vulnerability by correcting how Microsoft Access handles objects in the memory.


FAQ:

I am being offered this update for software that is not specifically indicated as being affected in the Affected Software and Vulnerability Severity Ratings table. Why am I being offered this update?

When updates address vulnerable code that exists in a component that is shared between multiple Microsoft Office products or shared between multiple versions of the same Microsoft Office product, the update is considered to be applicable to all supported products and versions that contain the vulnerable component.

For example, when an update applies to Microsoft Office 2007 products, only Microsoft Office 2007 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2007, Microsoft Excel 2007, Microsoft Visio 2007, Microsoft Compatibility Pack, Microsoft Excel Viewer, or any other Microsoft Office 2007 product that is not specifically listed in the Affected Software table. Furthermore, when an update applies to Microsoft Office 2010 products, only Microsoft Office 2010 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2010, Microsoft Excel 2010, Microsoft Visio 2010, Microsoft Visio Viewer, or any other Microsoft Office 2010 product that is not specifically listed in the Affected Software table.

For more information on this behavior and recommended actions, see Microsoft Knowledge Base Article 830335. For a list of Microsoft Office products that an update may apply to, refer to the Microsoft Knowledge Base Article associated with the specific update.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8312
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Access 2013 Service Pack 1 (32-bit editions) 4018351 (Security Update) Important Remote Code Execution 4011234 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Access 2013 Service Pack 1 (64-bit editions) 4018351 (Security Update) Important Remote Code Execution 4011234 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Access 2016 (32-bit edition) 4018338 (Security Update) Important Remote Code Execution 4011665 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Access 2016 (64-bit edition) 4018338 (Security Update) Important Remote Code Execution 4011665 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8312 Vladislav Stolyarov of Kaspersky Lab
https://www.kaspersky.com/


ADV180017 - July 2018 Adobe Flash Security Update

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
ADV180017
MITRE
NVD
CVE Title: July 2018 Adobe Flash Security Update
Description:

This security update addresses the following vulnerabilities, which are described in Adobe Security Bulletin APSB18-24: CVE-2018-5007, CVE-2018-5008.


FAQ:

How could an attacker exploit these vulnerabilities? In a web-based attack scenario where the user is using Internet Explorer for the desktop, an attacker could host a specially crafted website that is designed to exploit any of these vulnerabilities through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit any of these vulnerabilities. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by clicking a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email.

In a web-based attack scenario where the user is using Internet Explorer in the Windows 8-style UI, an attacker would first need to compromise a website already listed in the Compatibility View (CV) list. An attacker could then host a website that contains specially crafted Flash content designed to exploit any of these vulnerabilities through Internet Explorer and then convince a user to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by clicking a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email. For more information about Internet Explorer and the CV List, please see the MSDN Article, Developer Guidance for websites with content for Adobe Flash Player in Windows 8.



Mitigations:

Workarounds:

Workaround refers to a setting or configuration change that would help block known attack vectors before you apply the update.

Prevent Adobe Flash Player from running You can disable attempts to instantiate Adobe Flash Player in Internet Explorer and other applications that honor the kill bit feature, such as Office 2007 and Office 2010, by setting the kill bit for the control in the registry.

Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk. To set the kill bit for the control in the registry, perform the following steps:

  1. Paste the following into a text file and save it with the .reg file extension.

     Windows Registry Editor Version 5.00
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11CF-96B8-444553540000}]
     "Compatibility Flags"=dword:00000400
    
     [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11CF-96B8-444553540000}]
     "Compatibility Flags"=dword:00000400
    
  2. Double-click the .reg file to apply it to an individual system.

    You can also apply this workaround across domains by using Group Policy. For more information about Group Policy, see the TechNet article, Group Policy collection.

Note You must restart Internet Explorer for your changes to take effect. Impact of workaround. There is no impact as long as the object is not intended to be used in Internet Explorer. How to undo the workaround. Delete the registry keys that were added in implementing this workaround. Prevent Adobe Flash Player from running in Internet Explorer through Group Policy Note The Group Policy MMC snap-in can be used to set policy for a machine, for an organizational unit, or for an entire domain. For more information about Group Policy, visit the following Microsoft Web sites:

Group Policy Overview What is Group Policy Object Editor? Core Group Policy tools and settings

To disable Adobe Flash Player in Internet Explorer through Group Policy, perform the following steps: Note This workaround does not prevent Flash from being invoked from other applications, such as Microsoft Office 2007 or Microsoft Office 2010.

  1. Open the Group Policy Management Console and configure the console to work with the appropriate Group Policy object, such as local machine, OU, or domain GPO.
  2. Navigate to the following node: Administrative Templates -> Windows Components -> Internet Explorer -> Security Features -> Add-on Management
  3. Double-click Turn off Adobe Flash in Internet Explorer and prevent applications from using Internet Explorer technology to instantiate Flash objects.
  4. Change the setting to Enabled.
  5. Click Apply and then click OK to return to the Group Policy Management Console.
  6. Refresh Group Policy on all systems or wait for the next scheduled Group Policy refresh interval for the settings to take effect. Prevent Adobe Flash Player from running in Office 2010 on affected systems Note This workaround does not prevent Adobe Flash Player from running in Internet Explorer. Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk. For detailed steps that you can use to prevent a control from running in Internet Explorer, see Microsoft Knowledge Base Article 240797. Follow the steps in the article to create a Compatibility Flags value in the registry to prevent a COM object from being instantiated in Internet Explorer.

To disable Adobe Flash Player in Office 2010 only, set the kill bit for the ActiveX control for Adobe Flash Player in the registry using the following steps:

  1. Create a text file named Disable_Flash.reg with the following contents:
		[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common\COM\Compatibility\{D27CDB6E-AE6D-11CF-96B8-444553540000}]
	"Compatibility Flags"=dword:00000400
  1. Double-click the .reg file to apply it to an individual system.
  2. Note You must restart Internet Explorer for your changes to take effect. You can also apply this workaround across domains by using Group Policy. For more information about Group Policy, see the TechNet article, Group Policy collection. Prevent ActiveX controls from running in Office 2007 and Office 2010

To disable all ActiveX controls in Microsoft Office 2007 and Microsoft Office 2010, including Adobe Flash Player in Internet Explorer, perform the following steps:

  1. Click File, click Options, click Trust Center, and then click Trust Center Settings.
  2. Click ActiveX Settings in the left-hand pane, and then select Disable all controls without notifications.
  3. Click OK to save your settings. Impact of workaround. Office documents that use embedded ActiveX controls may not display as intended. How to undo the workaround.

To re-enable ActiveX controls in Microsoft Office 2007 and Microsoft Office 2010, perform the following steps:

  1. Click File, click Options, click Trust Center, and then click Trust Center Settings.
  2. Click ActiveX Settings in the left-hand pane, and then deselect Disable all controls without notifications.
  3. Click OK to save your settings. Set Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones You can help protect against exploitation of these vulnerabilities by changing your settings for the Internet security zone to block ActiveX controls and Active Scripting. You can do this by setting your browser security to High.

To raise the browsing security level in Internet Explorer, perform the following steps:

  1. On the Internet Explorer Tools menu, click** Internet Option**s.
  2. In the Internet Options dialog box, click the Security tab, and then click Internet.
  3. Under Security level for this zone, move the slider to High. This sets the security level for all websites you visit to High.
  4. Click Local intranet.
  5. Under Security level for this zone, move the slider to High. This sets the security level for all websites you visit to High.
  6. Click OK to accept the changes and return to Internet Explorer. Note If no slider is visible, click Default Level, and then move the slider to High. Note Setting the level to High may cause some websites to work incorrectly. If you have difficulty using a website after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly even with the security setting set to High. Impact of workaround. There are side effects to blocking ActiveX Controls and Active Scripting. Many websites on the Internet or an intranet use ActiveX or Active Scripting to provide additional functionality. For example, an online e-commerce site or banking site may use ActiveX Controls to provide menus, ordering forms, or even account statements. Blocking ActiveX Controls or Active Scripting is a global setting that affects all Internet and intranet sites. If you do not want to block ActiveX Controls or Active Scripting for such sites, use the steps outlined in "Add sites that you trust to the Internet Explorer Trusted sites zone". Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone

You can help protect against exploitation of these vulnerabilities by changing your settings to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone. To do this, perform the following steps:

  1. In Internet Explorer, click Internet Options on the Tools menu.
  2. Click the Security tab.
  3. Click Internet, and then click Custom Level.
  4. Under Settings, in the Scripting section, under Active Scripting, click Prompt or Disable, and then click OK.
  5. Click Local intranet, and then click Custom Level.
  6. Under Settings, in the Scripting section, under Active Scripting, click Prompt or Disable, and then click OK.
  7. Click OK to return to Internet Explorer, and then click OK again. Note Disabling Active Scripting in the Internet and Local intranet security zones may cause some websites to work incorrectly. If you have difficulty using a website after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly. Impact of workaround. There are side effects to prompting before running Active Scripting. Many websites that are on the Internet or on an intranet use Active Scripting to provide additional functionality. For example, an online e-commerce site or banking site may use Active Scripting to provide menus, ordering forms, or even account statements. Prompting before running Active Scripting is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run Active Scripting. If you do not want to be prompted for all these sites, use the steps outlined in "Add sites that you trust to the Internet Explorer Trusted sites zone". Add sites that you trust to the Internet Explorer Trusted sites zone After you set Internet Explorer to require a prompt before it runs ActiveX controls and Active Scripting in the Internet zone and in the Local intranet zone, you can add sites that you trust to the Internet Explorer Trusted sites zone. This will allow you to continue to use trusted websites exactly as you do today, while helping to protect you from this attack on untrusted sites. We recommend that you add only sites that you trust to the Trusted sites zone.

To do this, perform the following steps:

  1. In Internet Explorer, click Tools, click Internet Options, and then click the Security tab.
  2. In the Select a web content zone to specify its current security settings box, click Trusted Sites, and then click Sites.
  3. If you want to add sites that do not require an encrypted channel, click to clear the Require server verification (https:) for all sites in this zone check box.
  4. In the Add this website to the zone box, type the URL of a site that you trust, and then click Add.
  5. Repeat these steps for each site that you want to add to the zone.
  6. Click OK two times to accept the changes and return to Internet Explorer. Note Add any sites that you trust not to take malicious action on your system. Two sites in particular that you may want to add are *.windowsupdate.microsoft.com and *.update.microsoft.com. These are the sites that will host the update, and they require an ActiveX control to install the update.

Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

ADV180017
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Adobe Flash Player on Windows 10 for 32-bit Systems 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 for x64-based Systems 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1607 for 32-bit Systems 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1607 for x64-based Systems 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1703 for 32-bit Systems 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1703 for x64-based Systems 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1709 for 32-bit Systems 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1709 for x64-based Systems 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1803 for 32-bit Systems 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1803 for x64-based Systems 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 8.1 for 32-bit systems 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 8.1 for x64-based systems 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows RT 8.1 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows Server 2012 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows Server 2012 R2 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows Server 2016 4338832 (Security Update) Important Remote Code Execution 4103729 Base: N/A
Temporal: N/A
Vector: N/A
Yes

Acknowledgements

CVE ID Acknowledgements
ADV180017 None

CVE-2018-8314 - Windows Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8314
MITRE
NVD
CVE Title: Windows Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when Windows fails a check, allowing a sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system.

This vulnerability by itself does not allow arbitrary code execution. However, the vulnerability could allow arbitrary code to run if an attacker uses it in combination with another vulnerability, such as a remote code execution vulnerability or another elevation of privilege vulnerability, that can leverage the elevated privileges when code execution is attempted.

The security update addresses the vulnerability by correcting how Windows file picker handles paths.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
N/A Exploitation More Likely Not Applicable Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8314
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4338829 (Security Update) Important Elevation of Privilege 4284860 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4338829 (Security Update) Important Elevation of Privilege 4284860 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4338823 (Security Only)
4338818 (Monthly Rollup)
Important Elevation of Privilege
4284826
Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Elevation of Privilege 4284826
Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Elevation of Privilege 4284815
Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Elevation of Privilege 4284815
Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4338815 (Monthly Rollup) Important Elevation of Privilege 4284815 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4339503 (Security Update) Important Elevation of Privilege None Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4339503 (Security Update) Important Elevation of Privilege None Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4339503 (Security Update) Important Elevation of Privilege None Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4339503 (Security Update) Important Elevation of Privilege None Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4339503 (Security Update) Important Elevation of Privilege None Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Elevation of Privilege 4284826
Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Elevation of Privilege 4284826
Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4338818 (Monthly Rollup)
4338823 (Security Only)
Important Elevation of Privilege 4284826
Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4338830 (Monthly Rollup) Important Elevation of Privilege 4284855 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4338830 (Monthly Rollup) Important Elevation of Privilege 4284855 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Elevation of Privilege 4284815
Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4338815 (Monthly Rollup)
4338824 (Security Only)
Important Elevation of Privilege 4284815
Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8314 None

CVE-2018-8324 - Microsoft Edge Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8324
MITRE
NVD
CVE Title: Microsoft Edge Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker's site.

The update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Critical Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8324
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems 4338826 (Security Update) Critical Information Disclosure 4284874 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems 4338826 (Security Update) Critical Information Disclosure 4284874 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4338825 (Security Update) Critical Information Disclosure 4284819 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4338825 (Security Update) Critical Information Disclosure 4284819 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Critical Information Disclosure 4284835 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Critical Information Disclosure 4284835 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8324 Jihui Lu of Tencent KeenLab


CVE-2018-8325 - Microsoft Edge Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8325
MITRE
NVD
CVE Title: Microsoft Edge Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker's site.

The update addresses the vulnerability by modifying how Microsoft Edge handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-07-10T07:00:00    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8325
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4338819 (Security Update) Important Information Disclosure 4284835 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4338819 (Security Update) Important Information Disclosure 4284835 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8325 Masato Kinugawa of Cure53​
https://twitter.com/kinugawamasato,https://cure53.de/