Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

Tag CVE ID CVE Title
.NET Core CVE-2018-8416 .NET Core Tampering Vulnerability
Active Directory CVE-2018-8547 Active Directory Federation Services XSS Vulnerability
Adobe Flash Player ADV180025 November 2018 Adobe Flash Security Update
Azure CVE-2018-8600 Azure App Service Cross-site Scripting Vulnerability
BitLocker CVE-2018-8566 BitLocker Security Feature Bypass Vulnerability
Internet Explorer CVE-2018-8570 Internet Explorer Memory Corruption Vulnerability
Microsoft Drivers CVE-2018-8471 Microsoft RemoteFX Virtual GPU miniport driver Elevation of Privilege Vulnerability
Microsoft Dynamics CVE-2018-8605 Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
Microsoft Dynamics CVE-2018-8607 Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
Microsoft Dynamics CVE-2018-8606 Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
Microsoft Dynamics CVE-2018-8609 Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability
Microsoft Dynamics CVE-2018-8608 Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
Microsoft Edge CVE-2018-8564 Microsoft Edge Spoofing Vulnerability
Microsoft Edge CVE-2018-8545 Microsoft Edge Information Disclosure Vulnerability
Microsoft Edge CVE-2018-8567 Microsoft Edge Elevation of Privilege Vulnerability
Microsoft Exchange Server CVE-2018-8581 Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2018-8565 Win32k Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2018-8485 DirectX Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2018-8562 Win32k Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2018-8553 Microsoft Graphics Components Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2018-8561 DirectX Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2018-8554 DirectX Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2018-8563 DirectX Information Disclosure Vulnerability
Microsoft JScript CVE-2018-8417 Microsoft JScript Security Feature Bypass Vulnerability
Microsoft Office CVE-2018-8579 Microsoft Outlook Information Disclosure Vulnerability
Microsoft Office CVE-2018-8577 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8575 Microsoft Project Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8576 Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8522 Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8524 Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8539 Microsoft Word Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8558 Microsoft Outlook Information Disclosure Vulnerability
Microsoft Office CVE-2018-8573 Microsoft Word Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8574 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8582 Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2018-8578 Microsoft SharePoint Information Disclosure Vulnerability
Microsoft Office SharePoint CVE-2018-8572 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office SharePoint CVE-2018-8568 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft PowerShell CVE-2018-8256 Microsoft PowerShell Remote Code Execution Vulnerability
Microsoft PowerShell CVE-2018-8415 Microsoft PowerShell Tampering Vulnerability
Microsoft RPC CVE-2018-8407 MSRPC Information Disclosure Vulnerability
Microsoft Scripting Engine CVE-2018-8557 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8552 Windows Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8551 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8556 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8555 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8541 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8542 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8588 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8544 Windows VBScript Engine Remote Code Execution Vulnerability
Microsoft Scripting Engine CVE-2018-8543 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Windows CVE-2018-8592 Windows Elevation Of Privilege Vulnerability
Microsoft Windows ADV180028 Guidance for configuring BitLocker to enforce software encryption
Microsoft Windows CVE-2018-8476 Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
Microsoft Windows CVE-2018-8584 Windows ALPC Elevation of Privilege Vulnerability
Microsoft Windows CVE-2018-8550 Windows COM Elevation of Privilege Vulnerability
Microsoft Windows CVE-2018-8549 Windows Security Feature Bypass Vulnerability
Microsoft Windows Search Component CVE-2018-8450 Windows Search Remote Code Execution Vulnerability
Servicing Stack Updates ADV990001 Latest Servicing Stack Updates
Skype for Business and Microsoft Lync CVE-2018-8546 Microsoft Skype for Business Denial of Service Vulnerability
Team Foundation Server CVE-2018-8602 Team Foundation Server Cross-site Scripting Vulnerability
Windows Audio Service CVE-2018-8454 Windows Audio Service Information Disclosure Vulnerability
Windows Kernel CVE-2018-8589 Windows Win32k Elevation of Privilege Vulnerability
Windows Kernel CVE-2018-8408 Windows Kernel Information Disclosure Vulnerability

CVE-2018-8256 - Microsoft PowerShell Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8256
MITRE
NVD
CVE Title: Microsoft PowerShell Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable system.

To exploit the vulnerability, an attacker must send a specially crafted file to a vulnerable system.

The security update fixes the vulnerability by ensuring PowerShell properly handles files.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8256
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
PowerShell Core 6.0 Release Notes (Security Update) Important Remote Code Execution None Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
PowerShell Core 6.1 Release Notes (Security Update) Important Remote Code Execution None Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 for 32-bit Systems 4467680 (Security Update) Important Remote Code Execution 4462922 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 for x64-based Systems 4467680 (Security Update) Important Remote Code Execution 4462922 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1607 for 32-bit Systems 4467691 (Security Update) Important Remote Code Execution 4462917 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1607 for x64-based Systems 4467691 (Security Update) Important Remote Code Execution 4462917 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1703 for 32-bit Systems 4467696 (Security Update) Important Remote Code Execution 4462937 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1703 for x64-based Systems 4467696 (Security Update) Important Remote Code Execution 4462937 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1709 for 32-bit Systems 4467686 (Security Update) Important Remote Code Execution 4462918 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1709 for ARM64-based Systems 4467686 (Security Update) Important Remote Code Execution 4462918 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1709 for x64-based Systems 4467686 (Security Update) Important Remote Code Execution 4462918 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1803 for 32-bit Systems 4467702 (Security Update) Important Remote Code Execution 4462919 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1803 for ARM64-based Systems 4467702 (Security Update) Important Remote Code Execution 4462919 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1803 for x64-based Systems 4467702 (Security Update) Important Remote Code Execution 4462919 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1809 for 32-bit Systems 4467708 (Security Update) Important Remote Code Execution 4464330 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1809 for ARM64-based Systems 4467708 (Security Update) Important Remote Code Execution 4464330 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1809 for x64-based Systems 4467708 (Security Update) Important Remote Code Execution 4464330 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 7 for 32-bit Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Remote Code Execution
4462923
Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 7 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Remote Code Execution
4462923
Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 8.1 for 32-bit systems 4467703 (Security Only)
4467697 (Monthly Rollup)
Important Remote Code Execution
4462926
Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 8.1 for x64-based systems 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Remote Code Execution 4462926
Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows RT 8.1 4467697 (Monthly Rollup) Important Remote Code Execution 4462926 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Remote Code Execution
4462923
Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Remote Code Execution
4462923
Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Remote Code Execution
4462923
Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server 2012 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Remote Code Execution
4462929
Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server 2012 (Server Core installation) 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Remote Code Execution
4462929
Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server 2012 R2 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Remote Code Execution 4462926
Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server 2012 R2 (Server Core installation) 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Remote Code Execution 4462926
Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server 2016 4467691 (Security Update) Important Remote Code Execution 4462917 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server 2016 (Server Core installation) 4467691 (Security Update) Important Remote Code Execution 4462917 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server 2019 4467708 (Security Update) Important Remote Code Execution 4464330 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server 2019 (Server Core installation) 4467708 (Security Update) Important Remote Code Execution 4464330 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server, version 1709 (Server Core Installation) 4467686 (Security Update) Important Remote Code Execution 4462918 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server, version 1803 (Server Core Installation) 4467702 (Security Update) Important Remote Code Execution 4462919 Base: 6.30
Temporal: 6.30
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8256 Snyk Security Research Team
https://snyk.io


CVE-2018-8407 - MSRPC Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8407
MITRE
NVD
CVE Title: MSRPC Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when "Kernel Remote Procedure Call Provider" driver improperly initializes objects in memory.

To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

The update addresses the vulnerability by correcting how the "Kernel Remote Procedure Call Provider" driver initializes objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8407
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4467680 (Security Update) Important Information Disclosure 4462922 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 for x64-based Systems 4467680 (Security Update) Important Information Disclosure 4462922 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1607 for 32-bit Systems 4467691 (Security Update) Important Information Disclosure 4462917 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1607 for x64-based Systems 4467691 (Security Update) Important Information Disclosure 4462917 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1703 for 32-bit Systems 4467696 (Security Update) Important Information Disclosure 4462937 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1703 for x64-based Systems 4467696 (Security Update) Important Information Disclosure 4462937 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1709 for 32-bit Systems 4467686 (Security Update) Important Information Disclosure 4462918 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1709 for ARM64-based Systems 4467686 (Security Update) Important Information Disclosure 4462918 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1709 for x64-based Systems 4467686 (Security Update) Important Information Disclosure 4462918 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1803 for 32-bit Systems 4467702 (Security Update) Important Information Disclosure 4462919 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1803 for ARM64-based Systems 4467702 (Security Update) Important Information Disclosure None Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1803 for x64-based Systems 4467702 (Security Update) Important Information Disclosure 4462919 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1809 for 32-bit Systems 4467708 (Security Update) Important Information Disclosure 4464330 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1809 for ARM64-based Systems 4467708 (Security Update) Important Information Disclosure 4464330 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1809 for x64-based Systems 4467708 (Security Update) Important Information Disclosure 4464330 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 7 for 32-bit Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 7 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 8.1 for 32-bit systems 4467703 (Security Only)
4467697 (Monthly Rollup)
Important Information Disclosure
4462926
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 8.1 for x64-based systems 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Information Disclosure 4462926
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows RT 8.1 4467697 (Monthly Rollup) Important Information Disclosure 4462926 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Information Disclosure
4463097
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Information Disclosure
4463097
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4467706 (Monthly Rollup)
4467700 (Security Only)
Important Information Disclosure 4463097
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Information Disclosure
4463097
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Information Disclosure
4463097
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2012 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Information Disclosure
4462929
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2012 (Server Core installation) 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Information Disclosure
4462929
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2012 R2 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Information Disclosure 4462926
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2012 R2 (Server Core installation) 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Information Disclosure 4462926
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2016 4467691 (Security Update) Important Information Disclosure 4462917 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2016 (Server Core installation) 4467691 (Security Update) Important Information Disclosure 4462917 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2019 4467708 (Security Update) Important Information Disclosure 4464330 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2019 (Server Core installation) 4467708 (Security Update) Important Information Disclosure 4464330 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server, version 1709 (Server Core Installation) 4467686 (Security Update) Important Information Disclosure 4462918 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server, version 1803 (Server Core Installation) 4467702 (Security Update) Important Information Disclosure 4462919 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8407 Ruibo Liu of Baidu XLab Tianya Team
http://xlab.baidu.com


CVE-2018-8415 - Microsoft PowerShell Tampering Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8415
MITRE
NVD
CVE Title: Microsoft PowerShell Tampering Vulnerability
Description:

A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code.

To exploit this vulnerability, an attacker would need to log on to the affected system and run a specially crafted application.

The security update addresses the vulnerability by correcting log management of special characters.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Tampering

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8415
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
PowerShell Core 6.0 Release Notes (Security Update) Important Tampering None Base: N/A
Temporal: N/A
Vector: N/A
Yes
PowerShell Core 6.1 Release Notes (Security Update) Important Tampering None Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 for 32-bit Systems 4467680 (Security Update) Important Tampering 4462922 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 10 for x64-based Systems 4467680 (Security Update) Important Tampering 4462922 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 10 Version 1607 for 32-bit Systems 4467691 (Security Update) Important Tampering 4462917 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 10 Version 1607 for x64-based Systems 4467691 (Security Update) Important Tampering 4462917 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 10 Version 1703 for 32-bit Systems 4467696 (Security Update) Important Tampering 4462937 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 10 Version 1703 for x64-based Systems 4467696 (Security Update) Important Tampering 4462937 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 10 Version 1709 for 32-bit Systems 4467686 (Security Update) Important Tampering 4462918 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 10 Version 1709 for ARM64-based Systems 4467686 (Security Update) Important Tampering 4462918 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 10 Version 1709 for x64-based Systems 4467686 (Security Update) Important Tampering 4462918 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 10 Version 1803 for 32-bit Systems 4467702 (Security Update) Important Tampering 4462919 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 10 Version 1803 for ARM64-based Systems 4467702 (Security Update) Important Tampering None Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 10 Version 1803 for x64-based Systems 4467702 (Security Update) Important Tampering 4462919 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 10 Version 1809 for 32-bit Systems 4467708 (Security Update) Important Tampering 4464330 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 10 Version 1809 for ARM64-based Systems 4467708 (Security Update) Important Tampering 4464330 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 10 Version 1809 for x64-based Systems 4467708 (Security Update) Important Tampering 4464330 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 7 for 32-bit Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Tampering
4462923
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 7 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Tampering
4462923
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 8.1 for 32-bit systems 4467703 (Security Only)
4467697 (Monthly Rollup)
Important Tampering
4462926
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows 8.1 for x64-based systems 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Tampering 4462926
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows RT 8.1 4467697 (Monthly Rollup) Important Tampering 4462926 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Tampering
4462923
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Tampering
4462923
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows Server 2012 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Tampering
4462929
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows Server 2012 (Server Core installation) 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Tampering
4462929
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows Server 2012 R2 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Tampering 4462926
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows Server 2012 R2 (Server Core installation) 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Tampering 4462926
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows Server 2016 4467691 (Security Update) Important Tampering 4462917 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows Server 2016 (Server Core installation) 4467691 (Security Update) Important Tampering 4462917 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows Server 2019 4467708 (Security Update) Important Tampering 4464330 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows Server 2019 (Server Core installation) 4467708 (Security Update) Important Tampering 4464330 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows Server, version 1709 (Server Core Installation) 4467686 (Security Update) Important Tampering 4462918 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes
Windows Server, version 1803 (Server Core Installation) 4467702 (Security Update) Important Tampering 4462919 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8415 Amirreza Niakanlahiji (@DissectMalware) of University of North Carolina at Charlotte
https://www.linkedin.com/in/aniakanl/,https://twitter.com/DissectMalware,https://www.uncc.edu/


CVE-2018-8417 - Microsoft JScript Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8417
MITRE
NVD
CVE Title: Microsoft JScript Security Feature Bypass Vulnerability
Description:

A security feature bypass vulnerability exists in Microsoft JScript that could allow an attacker to bypass Device Guard.

To exploit the vulnerability, an attacker would first have to access the local machine, and run a specially crafted application to create arbitrary COM objects.

The update addresses the vulnerability by correcting how Microsoft JScript manages COM object creation.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8417
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4467680 (Security Update) Important Security Feature Bypass 4462922 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 for x64-based Systems 4467680 (Security Update) Important Security Feature Bypass 4462922 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1607 for 32-bit Systems 4467691 (Security Update) Important Security Feature Bypass 4462917 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1607 for x64-based Systems 4467691 (Security Update) Important Security Feature Bypass 4462917 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1703 for 32-bit Systems 4467696 (Security Update) Important Security Feature Bypass 4462937 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1703 for x64-based Systems 4467696 (Security Update) Important Security Feature Bypass 4462937 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1709 for 32-bit Systems 4467686 (Security Update) Important Security Feature Bypass 4462918 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1709 for ARM64-based Systems 4467686 (Security Update) Important Security Feature Bypass 4462918 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1709 for x64-based Systems 4467686 (Security Update) Important Security Feature Bypass 4462918 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1803 for 32-bit Systems 4467702 (Security Update) Important Security Feature Bypass 4462919 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1803 for ARM64-based Systems 4467702 (Security Update) Important Security Feature Bypass None Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1803 for x64-based Systems 4467702 (Security Update) Important Security Feature Bypass 4462919 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1809 for 32-bit Systems 4467708 (Security Update) Important Security Feature Bypass 4464330 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1809 for ARM64-based Systems 4467708 (Security Update) Important Security Feature Bypass 4464330 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows 10 Version 1809 for x64-based Systems 4467708 (Security Update) Important Security Feature Bypass 4464330 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server 2016 4467691 (Security Update) Important Security Feature Bypass 4462917 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server 2016 (Server Core installation) 4467691 (Security Update) Important Security Feature Bypass 4462917 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server 2019 4467708 (Security Update) Important Security Feature Bypass 4464330 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server 2019 (Server Core installation) 4467708 (Security Update) Important Security Feature Bypass 4464330 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server, version 1709 (Server Core Installation) 4467686 (Security Update) Important Security Feature Bypass 4462918 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes
Windows Server, version 1803 (Server Core Installation) 4467702 (Security Update) Important Security Feature Bypass 4462919 Base: 4.50
Temporal: 4.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8417 Philip Tsukerman of Cybereason​
https://www.linkedin.com/in/philip-tsukerman-4aaaa0114,https://www.cybereason.com


CVE-2018-8454 - Windows Audio Service Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8454
MITRE
NVD
CVE Title: Windows Audio Service Information Disclosure Vulnerability
Description:

An Information Disclosure vulnerability exists when Windows Audio Service fails to properly handle objects in memory.

An attacker who successfully exploited the vulnerability could potentially disclose memory contents of a elevated process.

To exploit this vulnerability, an authenticated attacker could run a specially crafted application in user mode.

The update addresses the vulnerability by correcting how the browser.sys kernel-mode driver handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8454
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1709 for 32-bit Systems 4467686 (Security Update) Important Information Disclosure 4462918 Base: 2.50
Temporal: 2.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1709 for ARM64-based Systems 4467686 (Security Update) Important Information Disclosure 4462918 Base: 2.50
Temporal: 2.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1709 for x64-based Systems 4467686 (Security Update) Important Information Disclosure 4462918 Base: 2.50
Temporal: 2.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1803 for 32-bit Systems 4467702 (Security Update) Important Information Disclosure 4462919 Base: 2.50
Temporal: 2.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1803 for ARM64-based Systems 4467702 (Security Update) Important Information Disclosure None Base: 2.50
Temporal: 2.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1803 for x64-based Systems 4467702 (Security Update) Important Information Disclosure 4462919 Base: 2.50
Temporal: 2.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1809 for 32-bit Systems 4467708 (Security Update) Important Information Disclosure 4464330 Base: 2.50
Temporal: 2.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1809 for ARM64-based Systems 4467708 (Security Update) Important Information Disclosure 4464330 Base: 2.50
Temporal: 2.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1809 for x64-based Systems 4467708 (Security Update) Important Information Disclosure 4464330 Base: 2.50
Temporal: 2.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2019 4467708 (Security Update) Important Information Disclosure 4464330 Base: 2.50
Temporal: 2.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2019 (Server Core installation) 4467708 (Security Update) Important Information Disclosure 4464330 Base: 2.50
Temporal: 2.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server, version 1709 (Server Core Installation) 4467686 (Security Update) Important Information Disclosure 4462918 Base: 2.50
Temporal: 2.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server, version 1803 (Server Core Installation) 4467702 (Security Update) Important Information Disclosure 4462919 Base: 2.50
Temporal: 2.50
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8454 Alex Ionescu, CrowdStrike Inc.
https://www.crowdstrike.com


CVE-2018-8471 - Microsoft RemoteFX Virtual GPU miniport driver Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8471
MITRE
NVD
CVE Title: Microsoft RemoteFX Virtual GPU miniport driver Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in the way that the Microsoft RemoteFX Virtual GPU miniport driver handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

The security update addresses the vulnerability by ensuring the Microsoft RemoteFX Virtual GPU miniport driver properly handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8471
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4467680 (Security Update) Important Elevation of Privilege 4462922 Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 10 for x64-based Systems 4467680 (Security Update) Important Elevation of Privilege 4462922 Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 10 Version 1607 for 32-bit Systems 4467691 (Security Update) Important Elevation of Privilege 4462917 Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 10 Version 1607 for x64-based Systems 4467691 (Security Update) Important Elevation of Privilege 4462917 Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 10 Version 1703 for 32-bit Systems 4467696 (Security Update) Important Elevation of Privilege 4462937 Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 10 Version 1703 for x64-based Systems 4467696 (Security Update) Important Elevation of Privilege 4462937 Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 10 Version 1709 for 32-bit Systems 4467686 (Security Update) Important Elevation of Privilege 4462918 Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 10 Version 1709 for x64-based Systems 4467686 (Security Update) Important Elevation of Privilege 4462918 Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 10 Version 1803 for 32-bit Systems 4467702 (Security Update) Important Elevation of Privilege 4462919 Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 10 Version 1803 for x64-based Systems 4467702 (Security Update) Important Elevation of Privilege 4462919 Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 10 Version 1809 for 32-bit Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 10 Version 1809 for x64-based Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 7 for 32-bit Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Elevation of Privilege
4462923
Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 7 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Elevation of Privilege
4462923
Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 8.1 for 32-bit systems 4467703 (Security Only)
4467697 (Monthly Rollup)
Important Elevation of Privilege
4462926
Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows 8.1 for x64-based systems 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Elevation of Privilege 4462926
Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2016 4467691 (Security Update) Important Elevation of Privilege 4462917 Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2019 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 7.00
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8471 RanchoIce of Tencent ZhanluLab Chen Nan of Tencent ZhanluLab
https://twitter.com/zhanlulab/,https://twitter.com/zhanlulab/


CVE-2018-8476 - Windows Deployment Services TFTP Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8476
MITRE
NVD
CVE Title: Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory.

An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system.

To exploit the vulnerability, an attacker could create a specially crafted request, causing Windows to execute arbitrary code with elevated permissions.

The security update addresses the vulnerability by correcting how Windows Deployment Services TFTP Server handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8476
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Critical Remote Code Execution
4463097
Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Critical Remote Code Execution
4463097
Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4467706 (Monthly Rollup)
4467700 (Security Only)
Critical Remote Code Execution 4463097
Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Critical Remote Code Execution
4463097
Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Critical Remote Code Execution
4463097
Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Critical Remote Code Execution
4462923
Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Critical Remote Code Execution
4462923
Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4467106 (Security Only)
4467107 (Monthly Rollup)
Critical Remote Code Execution
4462923
Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2012 4467678 (Security Only)
4467701 (Monthly Rollup)
Critical Remote Code Execution
4462929
Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2012 (Server Core installation) 4467678 (Security Only)
4467701 (Monthly Rollup)
Critical Remote Code Execution
4462929
Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2012 R2 4467697 (Monthly Rollup)
4467703 (Security Only)
Critical Remote Code Execution 4462926
Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2012 R2 (Server Core installation) 4467697 (Monthly Rollup)
4467703 (Security Only)
Critical Remote Code Execution 4462926
Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2016 4467691 (Security Update) Critical Remote Code Execution 4462917 Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2016 (Server Core installation) 4467691 (Security Update) Critical Remote Code Execution 4462917 Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2019 4467708 (Security Update) Critical Remote Code Execution 4464330 Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server 2019 (Server Core installation) 4467708 (Security Update) Critical Remote Code Execution 4464330 Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes
Windows Server, version 1803 (Server Core Installation) 4467702 (Security Update) Critical Remote Code Execution 4462919 Base: 8.10
Temporal: 8.10
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8476 Omer Gull of Checkpoint Software Technologies
https://www.checkpoint.com


CVE-2018-8485 - DirectX Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8485
MITRE
NVD
CVE Title: DirectX Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The update addresses the vulnerability by correcting how DirectX handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8485
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4467680 (Security Update) Important Elevation of Privilege 4462922 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4467680 (Security Update) Important Elevation of Privilege 4462922 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4467691 (Security Update) Important Elevation of Privilege 4462917 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4467691 (Security Update) Important Elevation of Privilege 4462917 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems 4467696 (Security Update) Important Elevation of Privilege 4462937 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems 4467696 (Security Update) Important Elevation of Privilege 4462937 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4467686 (Security Update) Important Elevation of Privilege 4462918 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4467686 (Security Update) Important Elevation of Privilege 4462918 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4467686 (Security Update) Important Elevation of Privilege 4462918 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4467702 (Security Update) Important Elevation of Privilege 4462919 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4467702 (Security Update) Important Elevation of Privilege None Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4467702 (Security Update) Important Elevation of Privilege 4462919 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4467703 (Security Only)
4467697 (Monthly Rollup)
Important Elevation of Privilege
4462926
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Elevation of Privilege 4462926
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4467697 (Monthly Rollup) Important Elevation of Privilege 4462926 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Elevation of Privilege
4462929
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Elevation of Privilege
4462929
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Elevation of Privilege 4462926
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Elevation of Privilege 4462926
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4467691 (Security Update) Important Elevation of Privilege 4462917 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4467691 (Security Update) Important Elevation of Privilege 4462917 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1709 (Server Core Installation) 4467686 (Security Update) Important Elevation of Privilege 4462918 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1803 (Server Core Installation) 4467702 (Security Update) Important Elevation of Privilege 4462919 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8485 Communications Security Establishment
https://www.cse-cst.gc.ca/


CVE-2018-8522 - Microsoft Outlook Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8522
MITRE
NVD
CVE Title: Microsoft Outlook Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.

To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Outlook software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.

Note that the Preview Pane is not an attack vector for this vulnerability.

The security update addresses the vulnerability by correcting how Microsoft Outlook handles files in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8522
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Outlook 2010 Service Pack 2 (32-bit editions) 4461529 (Security Update) Important Remote Code Execution 4227170 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2010 Service Pack 2 (64-bit editions) 4461529 (Security Update) Important Remote Code Execution 4227170 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2013 RT Service Pack 1 4461486 (Security Update) Important Remote Code Execution 4092477 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2013 Service Pack 1 (32-bit editions) 4461486 (Security Update) Important Remote Code Execution 4092477 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2013 Service Pack 1 (64-bit editions) 4461486 (Security Update) Important Remote Code Execution 4092477 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2016 (32-bit edition) 4461506 (Security Update) Important Remote Code Execution 4461440 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2016 (64-bit edition) 4461506 (Security Update) Important Remote Code Execution 4461440 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Office 365 ProPlus for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Office 365 ProPlus for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8522 Yonghui Han of Fortinet’s FortiGuard Labs


CVE-2018-8576 - Microsoft Outlook Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8576
MITRE
NVD
CVE Title: Microsoft Outlook Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.

To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Outlook software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.

Note that the Preview Pane is not an attack vector for this vulnerability.

The security update addresses the vulnerability by correcting how Microsoft Outlook handles files in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8576
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Outlook 2010 Service Pack 2 (32-bit editions) 4461529 (Security Update) Important Remote Code Execution 4227170 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2010 Service Pack 2 (64-bit editions) 4461529 (Security Update) Important Remote Code Execution 4227170 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2013 RT Service Pack 1 4461486 (Security Update) Important Remote Code Execution 4092477 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2013 Service Pack 1 (32-bit editions) 4461486 (Security Update) Important Remote Code Execution 4092477 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2013 Service Pack 1 (64-bit editions) 4461486 (Security Update) Important Remote Code Execution 4092477 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2016 (32-bit edition) 4461506 (Security Update) Important Remote Code Execution 4461440 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2016 (64-bit edition) 4461506 (Security Update) Important Remote Code Execution 4461440 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Office 365 ProPlus for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Office 365 ProPlus for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8576 Yonghui Han of Fortinet’s FortiGuard Labs


ADV180025 - November 2018 Adobe Flash Security Update

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
ADV180025
MITRE
NVD
CVE Title: November 2018 Adobe Flash Security Update
Description:

This security update addresses the following vulnerability, which is described in Adobe Security Bulletin APSB18-39: CVE-2018-15978.


FAQ:

How could an attacker exploit these vulnerabilities? In a web-based attack scenario where the user is using Internet Explorer for the desktop, an attacker could host a specially crafted website that is designed to exploit any of these vulnerabilities through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit any of these vulnerabilities. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by clicking a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email.

In a web-based attack scenario where the user is using Internet Explorer in the Windows 8-style UI, an attacker would first need to compromise a website already listed in the Compatibility View (CV) list. An attacker could then host a website that contains specially crafted Flash content designed to exploit any of these vulnerabilities through Internet Explorer and then convince a user to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by clicking a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email. For more information about Internet Explorer and the CV List, please see the MSDN Article, Developer Guidance for websites with content for Adobe Flash Player in Windows 8.



Mitigations:

Workarounds:

Workaround refers to a setting or configuration change that would help block known attack vectors before you apply the update.

Prevent Adobe Flash Player from running You can disable attempts to instantiate Adobe Flash Player in Internet Explorer and other applications that honor the kill bit feature, such as Office 2007 and Office 2010, by setting the kill bit for the control in the registry.

Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk. To set the kill bit for the control in the registry, perform the following steps:

  1. Paste the following into a text file and save it with the .reg file extension.

     Windows Registry Editor Version 5.00
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11CF-96B8-444553540000}]
     "Compatibility Flags"=dword:00000400
    
     [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11CF-96B8-444553540000}]
     "Compatibility Flags"=dword:00000400
    
  2. Double-click the .reg file to apply it to an individual system.

    You can also apply this workaround across domains by using Group Policy. For more information about Group Policy, see the TechNet article, Group Policy collection.

Note You must restart Internet Explorer for your changes to take effect. Impact of workaround. There is no impact as long as the object is not intended to be used in Internet Explorer. How to undo the workaround. Delete the registry keys that were added in implementing this workaround. Prevent Adobe Flash Player from running in Internet Explorer through Group Policy Note The Group Policy MMC snap-in can be used to set policy for a machine, for an organizational unit, or for an entire domain. For more information about Group Policy, visit the following Microsoft Web sites:

Group Policy Overview What is Group Policy Object Editor? Core Group Policy tools and settings

To disable Adobe Flash Player in Internet Explorer through Group Policy, perform the following steps: Note This workaround does not prevent Flash from being invoked from other applications, such as Microsoft Office 2007 or Microsoft Office 2010.

  1. Open the Group Policy Management Console and configure the console to work with the appropriate Group Policy object, such as local machine, OU, or domain GPO.
  2. Navigate to the following node: Administrative Templates -> Windows Components -> Internet Explorer -> Security Features -> Add-on Management
  3. Double-click Turn off Adobe Flash in Internet Explorer and prevent applications from using Internet Explorer technology to instantiate Flash objects.
  4. Change the setting to Enabled.
  5. Click Apply and then click OK to return to the Group Policy Management Console.
  6. Refresh Group Policy on all systems or wait for the next scheduled Group Policy refresh interval for the settings to take effect. Prevent Adobe Flash Player from running in Office 2010 on affected systems Note This workaround does not prevent Adobe Flash Player from running in Internet Explorer. Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk. For detailed steps that you can use to prevent a control from running in Internet Explorer, see Microsoft Knowledge Base Article 240797. Follow the steps in the article to create a Compatibility Flags value in the registry to prevent a COM object from being instantiated in Internet Explorer.

To disable Adobe Flash Player in Office 2010 only, set the kill bit for the ActiveX control for Adobe Flash Player in the registry using the following steps:

  1. Create a text file named Disable_Flash.reg with the following contents:
		[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common\COM\Compatibility\{D27CDB6E-AE6D-11CF-96B8-444553540000}]
	"Compatibility Flags"=dword:00000400
  1. Double-click the .reg file to apply it to an individual system.
  2. Note You must restart Internet Explorer for your changes to take effect. You can also apply this workaround across domains by using Group Policy. For more information about Group Policy, see the TechNet article, Group Policy collection. Prevent ActiveX controls from running in Office 2007 and Office 2010

To disable all ActiveX controls in Microsoft Office 2007 and Microsoft Office 2010, including Adobe Flash Player in Internet Explorer, perform the following steps:

  1. Click File, click Options, click Trust Center, and then click Trust Center Settings.
  2. Click ActiveX Settings in the left-hand pane, and then select Disable all controls without notifications.
  3. Click OK to save your settings. Impact of workaround. Office documents that use embedded ActiveX controls may not display as intended. How to undo the workaround.

To re-enable ActiveX controls in Microsoft Office 2007 and Microsoft Office 2010, perform the following steps:

  1. Click File, click Options, click Trust Center, and then click Trust Center Settings.
  2. Click ActiveX Settings in the left-hand pane, and then deselect Disable all controls without notifications.
  3. Click OK to save your settings. Set Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones You can help protect against exploitation of these vulnerabilities by changing your settings for the Internet security zone to block ActiveX controls and Active Scripting. You can do this by setting your browser security to High.

To raise the browsing security level in Internet Explorer, perform the following steps:

  1. On the Internet Explorer Tools menu, click** Internet Option**s.
  2. In the Internet Options dialog box, click the Security tab, and then click Internet.
  3. Under Security level for this zone, move the slider to High. This sets the security level for all websites you visit to High.
  4. Click Local intranet.
  5. Under Security level for this zone, move the slider to High. This sets the security level for all websites you visit to High.
  6. Click OK to accept the changes and return to Internet Explorer. Note If no slider is visible, click Default Level, and then move the slider to High. Note Setting the level to High may cause some websites to work incorrectly. If you have difficulty using a website after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly even with the security setting set to High. Impact of workaround. There are side effects to blocking ActiveX Controls and Active Scripting. Many websites on the Internet or an intranet use ActiveX or Active Scripting to provide additional functionality. For example, an online e-commerce site or banking site may use ActiveX Controls to provide menus, ordering forms, or even account statements. Blocking ActiveX Controls or Active Scripting is a global setting that affects all Internet and intranet sites. If you do not want to block ActiveX Controls or Active Scripting for such sites, use the steps outlined in "Add sites that you trust to the Internet Explorer Trusted sites zone". Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone

You can help protect against exploitation of these vulnerabilities by changing your settings to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone. To do this, perform the following steps:

  1. In Internet Explorer, click Internet Options on the Tools menu.
  2. Click the Security tab.
  3. Click Internet, and then click Custom Level.
  4. Under Settings, in the Scripting section, under Active Scripting, click Prompt or Disable, and then click OK.
  5. Click Local intranet, and then click Custom Level.
  6. Under Settings, in the Scripting section, under Active Scripting, click Prompt or Disable, and then click OK.
  7. Click OK to return to Internet Explorer, and then click OK again. Note Disabling Active Scripting in the Internet and Local intranet security zones may cause some websites to work incorrectly. If you have difficulty using a website after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly. Impact of workaround. There are side effects to prompting before running Active Scripting. Many websites that are on the Internet or on an intranet use Active Scripting to provide additional functionality. For example, an online e-commerce site or banking site may use Active Scripting to provide menus, ordering forms, or even account statements. Prompting before running Active Scripting is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run Active Scripting. If you do not want to be prompted for all these sites, use the steps outlined in "Add sites that you trust to the Internet Explorer Trusted sites zone". Add sites that you trust to the Internet Explorer Trusted sites zone After you set Internet Explorer to require a prompt before it runs ActiveX controls and Active Scripting in the Internet zone and in the Local intranet zone, you can add sites that you trust to the Internet Explorer Trusted sites zone. This will allow you to continue to use trusted websites exactly as you do today, while helping to protect you from this attack on untrusted sites. We recommend that you add only sites that you trust to the Trusted sites zone.

To do this, perform the following steps:

  1. In Internet Explorer, click Tools, click Internet Options, and then click the Security tab.
  2. In the Select a web content zone to specify its current security settings box, click Trusted Sites, and then click Sites.
  3. If you want to add sites that do not require an encrypted channel, click to clear the Require server verification (https:) for all sites in this zone check box.
  4. In the Add this website to the zone box, type the URL of a site that you trust, and then click Add.
  5. Repeat these steps for each site that you want to add to the zone.
  6. Click OK two times to accept the changes and return to Internet Explorer. Note Add any sites that you trust not to take malicious action on your system. Two sites in particular that you may want to add are *.windowsupdate.microsoft.com and *.update.microsoft.com. These are the sites that will host the update, and they require an ActiveX control to install the update.

Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

ADV180025
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Adobe Flash Player on Windows 10 for 32-bit Systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 for x64-based Systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1607 for 32-bit Systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1607 for x64-based Systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1703 for 32-bit Systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1703 for x64-based Systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1709 for 32-bit Systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1709 for ARM64-based Systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1709 for x64-based Systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1803 for 32-bit Systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1803 for ARM64-based Systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1803 for x64-based Systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1809 for 32-bit Systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1809 for ARM64-based Systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 10 Version 1809 for x64-based Systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 8.1 for 32-bit systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows 8.1 for x64-based systems 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows RT 8.1 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows Server 2012 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows Server 2012 R2 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Adobe Flash Player on Windows Server 2016 4467694 (Security Update) Important Remote Code Execution 4457146 Base: N/A
Temporal: N/A
Vector: N/A
Yes

Acknowledgements

CVE ID Acknowledgements
ADV180025 None

CVE-2018-8524 - Microsoft Outlook Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8524
MITRE
NVD
CVE Title: Microsoft Outlook Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.

To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Outlook software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.

Note that the Preview Pane is not an attack vector for this vulnerability.

The security update addresses the vulnerability by correcting how Microsoft Outlook handles files in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8524
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Outlook 2010 Service Pack 2 (32-bit editions) 4461529 (Security Update) Important Remote Code Execution 4227170 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2010 Service Pack 2 (64-bit editions) 4461529 (Security Update) Important Remote Code Execution 4227170 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2013 RT Service Pack 1 4461486 (Security Update) Important Remote Code Execution 4092477 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2013 Service Pack 1 (32-bit editions) 4461486 (Security Update) Important Remote Code Execution 4092477 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2013 Service Pack 1 (64-bit editions) 4461486 (Security Update) Important Remote Code Execution 4092477 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2016 (32-bit edition) 4461506 (Security Update) Important Remote Code Execution 4461440 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2016 (64-bit edition) 4461506 (Security Update) Important Remote Code Execution 4461440 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Office 365 ProPlus for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Office 365 ProPlus for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8524 Yonghui Han of Fortinet’s FortiGuard Labs


CVE-2018-8539 - Microsoft Word Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8539
MITRE
NVD
CVE Title: Microsoft Word Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.

To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Word handles files in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
N/A Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8539
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Office 2010 Service Pack 2 (32-bit editions) 3114565 (Security Update) Important Remote Code Execution 3085528 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions) 3114565 (Security Update) Important Remote Code Execution 3085528 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office Web Apps 2010 Service Pack 2 4461527 (Security Update) Important Remote Code Execution 4227167 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft SharePoint Server 2010 Service Pack 2 4461520 (Security Update) Important Remote Code Execution 4092481 Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8539 Yangkang of 360CoreSec
https://twitter.com/dnpushme,https://twitter.com/360CoreSec


Jinquan of 360CoreSec
https://twitter.com/jq0904,https://twitter.com/360CoreSec


CVE-2018-8546 - Microsoft Skype for Business Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8546
MITRE
NVD
CVE Title: Microsoft Skype for Business Denial of Service Vulnerability
Description:

A denial of service vulnerability exists in Skype for Business. An attacker who successfully exploited the vulnerability could cause Skype for Business to stop responding. Note that the denial of service would not allow an attacker to execute code or to elevate the attacker's user rights.

For an attack to be successful, this vulnerability requires that a user sends a number of emojis in the affected version of Skype for Business.

The security update addresses the vulnerability by correcting how Skype for Business handles emojis.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Low Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely Exploitation Unlikely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8546
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Lync 2013 Service Pack 1 (32-bit) 4461487 (Security Update) Low Denial of Service 4022225 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Lync 2013 Service Pack 1 (64-bit) 4461487 (Security Update) Low Denial of Service 4022225 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Lync Basic 2013 Service Pack 1 (32-bit) 4461487 (Security Update) Low Denial of Service 4022225 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Lync Basic 2013 Service Pack 1 (64-bit) 4461487 (Security Update) Low Denial of Service 4022225 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Low Denial of Service None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Low Denial of Service None Base: N/A
Temporal: N/A
Vector: N/A
No
Office 365 ProPlus for 32-bit Systems Click to Run (Security Update) Low Denial of Service None Base: N/A
Temporal: N/A
Vector: N/A
No
Office 365 ProPlus for 64-bit Systems Click to Run (Security Update) Low Denial of Service None Base: N/A
Temporal: N/A
Vector: N/A
No
Skype for Business 2016 (32-bit) 4461473 (Security Update) Low Denial of Service 4022221 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Skype for Business 2016 (64-bit) 4461473 (Security Update) Low Denial of Service 4022221 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Skype for Business 2016 Basic (32-bit) 4461473 (Security Update) Low Denial of Service 4022221 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Skype for Business 2016 Basic (64-bit) 4461473 (Security Update) Low Denial of Service 4022221 Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8546 Sabine Degen of SEC Consult Vulnerability Lab
https://www.sec-consult.com


CVE-2018-8553 - Microsoft Graphics Components Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8553
MITRE
NVD
CVE Title: Microsoft Graphics Components Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.

To exploit the vulnerability, a user would have to open a specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Graphics Components handle objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
N/A Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8553
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4467680 (Security Update) Critical Remote Code Execution 4462922 Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows 10 for x64-based Systems 4467680 (Security Update) Critical Remote Code Execution 4462922 Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows 10 Version 1607 for 32-bit Systems 4467691 (Security Update) Critical Remote Code Execution 4462917 Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows 10 Version 1607 for x64-based Systems 4467691 (Security Update) Critical Remote Code Execution 4462917 Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows 7 for 32-bit Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Critical Remote Code Execution
4462923
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows 7 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Critical Remote Code Execution
4462923
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows 8.1 for 32-bit systems 4467703 (Security Only)
4467697 (Monthly Rollup)
Critical Remote Code Execution
4462926
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows 8.1 for x64-based systems 4467697 (Monthly Rollup)
4467703 (Security Only)
Critical Remote Code Execution 4462926
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows RT 8.1 4467697 (Monthly Rollup) Critical Remote Code Execution 4462926 Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Critical Remote Code Execution
4463097
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Critical Remote Code Execution
4463097
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4467706 (Monthly Rollup)
4467700 (Security Only)
Critical Remote Code Execution 4463097
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Critical Remote Code Execution
4463097
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Critical Remote Code Execution
4463097
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Critical Remote Code Execution
4462923
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Critical Remote Code Execution
4462923
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4467106 (Security Only)
4467107 (Monthly Rollup)
Critical Remote Code Execution
4462923
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows Server 2012 4467678 (Security Only)
4467701 (Monthly Rollup)
Critical Remote Code Execution
4462929
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows Server 2012 (Server Core installation) 4467678 (Security Only)
4467701 (Monthly Rollup)
Critical Remote Code Execution
4462929
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows Server 2012 R2 4467697 (Monthly Rollup)
4467703 (Security Only)
Critical Remote Code Execution 4462926
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows Server 2012 R2 (Server Core installation) 4467697 (Monthly Rollup)
4467703 (Security Only)
Critical Remote Code Execution 4462926
Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows Server 2016 4467691 (Security Update) Critical Remote Code Execution 4462917 Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes
Windows Server 2016 (Server Core installation) 4467691 (Security Update) Critical Remote Code Execution 4462917 Base: 7.40
Temporal: 6.70
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8553 Lin Wang of Beihang University working with Trend Micro's Zero Day Initiative
http://www.zerodayinitiative.com/


CVE-2018-8554 - DirectX Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8554
MITRE
NVD
CVE Title: DirectX Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The update addresses the vulnerability by correcting how DirectX handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8554
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 4467702 (Security Update) Important Elevation of Privilege 4462919 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4467702 (Security Update) Important Elevation of Privilege 4462919 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1803 (Server Core Installation) 4467702 (Security Update) Important Elevation of Privilege 4462919 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8554 Alex Ionescu, CrowdStrike Inc.
https://www.crowdstrike.com


Thomas Imbert (@masthoon) of MSRC Vulnerabilities and Mitigations Team
https://twitter.com/masthoon


CVE-2018-8561 - DirectX Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8561
MITRE
NVD
CVE Title: DirectX Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The update addresses the vulnerability by correcting how DirectX handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8561
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4467680 (Security Update) Important Elevation of Privilege 4462922 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4467680 (Security Update) Important Elevation of Privilege 4462922 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4467691 (Security Update) Important Elevation of Privilege 4462917 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4467691 (Security Update) Important Elevation of Privilege 4462917 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems 4467696 (Security Update) Important Elevation of Privilege 4462937 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems 4467696 (Security Update) Important Elevation of Privilege 4462937 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4467686 (Security Update) Important Elevation of Privilege 4462918 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4467686 (Security Update) Important Elevation of Privilege 4462918 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4467686 (Security Update) Important Elevation of Privilege 4462918 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4467702 (Security Update) Important Elevation of Privilege 4462919 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4467702 (Security Update) Important Elevation of Privilege None Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4467702 (Security Update) Important Elevation of Privilege 4462919 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4467703 (Security Only)
4467697 (Monthly Rollup)
Important Elevation of Privilege
4462926
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Elevation of Privilege 4462926
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4467697 (Monthly Rollup) Important Elevation of Privilege 4462926 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Elevation of Privilege
4462929
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Elevation of Privilege
4462929
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Elevation of Privilege 4462926
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Elevation of Privilege 4462926
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4467691 (Security Update) Important Elevation of Privilege 4462917 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4467691 (Security Update) Important Elevation of Privilege 4462917 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1709 (Server Core Installation) 4467686 (Security Update) Important Elevation of Privilege 4462918 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1803 (Server Core Installation) 4467702 (Security Update) Important Elevation of Privilege 4462919 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8561 Communications Security Establishment
https://www.cse-cst.gc.ca/


CVE-2018-8562 - Win32k Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8562
MITRE
NVD
CVE Title: Win32k Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The update addresses this vulnerability by correcting how Win32k handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8562
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4467680 (Security Update) Important Elevation of Privilege 4462922 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4467680 (Security Update) Important Elevation of Privilege 4462922 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4467691 (Security Update) Important Elevation of Privilege 4462917 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4467691 (Security Update) Important Elevation of Privilege 4462917 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems 4467696 (Security Update) Important Elevation of Privilege 4462937 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems 4467696 (Security Update) Important Elevation of Privilege 4462937 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4467686 (Security Update) Important Elevation of Privilege 4462918 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4467686 (Security Update) Important Elevation of Privilege 4462918 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4467686 (Security Update) Important Elevation of Privilege 4462918 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 4467702 (Security Update) Important Elevation of Privilege 4462919 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 4467702 (Security Update) Important Elevation of Privilege None Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 4467702 (Security Update) Important Elevation of Privilege 4462919 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Elevation of Privilege
4462923
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Elevation of Privilege
4462923
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4467703 (Security Only)
4467697 (Monthly Rollup)
Important Elevation of Privilege
4462926
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Elevation of Privilege 4462926
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4467697 (Monthly Rollup) Important Elevation of Privilege 4462926 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Elevation of Privilege
4463097
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Elevation of Privilege
4463097
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4467706 (Monthly Rollup)
4467700 (Security Only)
Important Elevation of Privilege 4463097
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Elevation of Privilege
4463097
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Elevation of Privilege
4463097
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Elevation of Privilege
4462923
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Elevation of Privilege
4462923
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Elevation of Privilege
4462923
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Elevation of Privilege
4462929
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Elevation of Privilege
4462929
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Elevation of Privilege 4462926
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Elevation of Privilege 4462926
Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4467691 (Security Update) Important Elevation of Privilege 4462917 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4467691 (Security Update) Important Elevation of Privilege 4462917 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1709 (Server Core Installation) 4467686 (Security Update) Important Elevation of Privilege 4462918 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1803 (Server Core Installation) 4467702 (Security Update) Important Elevation of Privilege 4462919 Base: 7.00
Temporal: 6.30
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8562 Laith AL-Satari
https://twitter.com/laith_satari


CVE-2018-8563 - DirectX Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8563
MITRE
NVD
CVE Title: DirectX Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

An authenticated attacker could exploit this vulnerability by running a specially crafted application.

The update addresses the vulnerability by correcting how DirectX handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
N/A Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8563
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 7 for 32-bit Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4467703 (Security Only)
4467697 (Monthly Rollup)
Important Information Disclosure
4462926
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Information Disclosure 4462926
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4467697 (Monthly Rollup) Important Information Disclosure 4462926 Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Information Disclosure
4462929
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Information Disclosure
4462929
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Information Disclosure 4462926
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Information Disclosure 4462926
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8563 Scott Bell of Pulse Security
https://www.pulsesecurity.co.nz/


CVE-2018-8564 - Microsoft Edge Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8564
MITRE
NVD
CVE Title: Microsoft Edge Spoofing Vulnerability
Description:

A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.

To exploit the vulnerability, the user must either browse to a malicious website or be redirected to it. In an email attack scenario, an attacker could send an email message in an attempt to convince the user to click a link to a malicious site.

In a web-based attack scenario, an attacker could host a specially crafted website designed to appear as a legitimate website to the user. However, the attacker would have no way to force the user to visit the specially crafted website. The attacker would have to convince the user to visit the specially crafted website, typically by way of enticement in an email or instant message.

The security update addresses the vulnerability by correcting how Microsoft Edge handles specific HTML content.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8564
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Edge on Windows 10 for 32-bit Systems 4467680 (Security Update) Important Spoofing 4462922 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 for x64-based Systems 4467680 (Security Update) Important Spoofing 4462922 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems 4467691 (Security Update) Important Spoofing 4462917 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems 4467691 (Security Update) Important Spoofing 4462917 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems 4467696 (Security Update) Important Spoofing 4462937 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems 4467696 (Security Update) Important Spoofing 4462937 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4467686 (Security Update) Important Spoofing 4462918 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for ARM64-based Systems 4467686 (Security Update) Important Spoofing 4462918 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4467686 (Security Update) Important Spoofing 4462918 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4467702 (Security Update) Important Spoofing 4462919 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for ARM64-based Systems 4467702 (Security Update) Important Spoofing 4462919 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4467702 (Security Update) Important Spoofing 4462919 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1809 for 32-bit Systems 4467708 (Security Update) Important Spoofing 4464330 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1809 for ARM64-based Systems 4467708 (Security Update) Important Spoofing 4464330 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1809 for x64-based Systems 4467708 (Security Update) Important Spoofing 4464330 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows Server 2016 4467691 (Security Update) Low Spoofing 4462917 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows Server 2019 4467708 (Security Update) Low Spoofing 4464330 Base: 4.30
Temporal: 3.90
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8564 Jun Kokatsu, Windows & Devices Group - Operating System Security Team


CVE-2018-8565 - Win32k Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8565
MITRE
NVD
CVE Title: Win32k Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

The security update addresses the vulnerability by correcting how win32k handles objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
N/A Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8565
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4467680 (Security Update) Important Information Disclosure 4462922 Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4467680 (Security Update) Important Information Disclosure 4462922 Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4467691 (Security Update) Important Information Disclosure 4462917 Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4467691 (Security Update) Important Information Disclosure 4462917 Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems 4467696 (Security Update) Important Information Disclosure 4462937 Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems 4467696 (Security Update) Important Information Disclosure 4462937 Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4467686 (Security Update) Important Information Disclosure 4462918 Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4467686 (Security Update) Important Information Disclosure 4462918 Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4467686 (Security Update) Important Information Disclosure 4462918 Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4467703 (Security Only)
4467697 (Monthly Rollup)
Important Information Disclosure
4462926
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Information Disclosure 4462926
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4467697 (Monthly Rollup) Important Information Disclosure 4462926 Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Information Disclosure
4463097
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Information Disclosure
4463097
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4467706 (Monthly Rollup)
4467700 (Security Only)
Important Information Disclosure 4463097
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Information Disclosure
4463097
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Information Disclosure
4463097
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Information Disclosure
4462929
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Information Disclosure
4462929
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Information Disclosure 4462926
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Information Disclosure 4462926
Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 4467691 (Security Update) Important Information Disclosure 4462917 Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4467691 (Security Update) Important Information Disclosure 4462917 Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1709 (Server Core Installation) 4467686 (Security Update) Important Information Disclosure 4462918 Base: 4.70
Temporal: 4.20
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8565 Long Li of Baidu XLab Tianya Team


CVE-2018-8566 - BitLocker Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8566
MITRE
NVD
CVE Title: BitLocker Security Feature Bypass Vulnerability
Description:

A security feature bypass vulnerability exists when Windows improperly suspends BitLocker Device Encryption. An attacker with physical access to a powered off system could exploit this vulnerability to gain access to encrypted data.

To exploit the vulnerability, an attacker must gain physical access to the target system prior to the next system reboot.

The security update fixes the vulnerability by ensuring Windows resumes BitLocker Device Encryption.


FAQ:

Is CVE-2018-8566 related to Microsoft Security Advisory ADV180028 - Guidance for configuring BitLocker to enforce software encryption?

CVE-2018-8566 is not related to Microsoft Security Advisory ADV180028. Customers who install the updates listed in CVE-2018-8566 will also need to review the guidance in Security Advisory ADV180028 regarding self-encrypting drives.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8566
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 4465659 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows 10 Version 1607 for x64-based Systems 4465659 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows 10 Version 1703 for 32-bit Systems 4465660 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows 10 Version 1703 for x64-based Systems 4465660 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows 10 Version 1709 for 32-bit Systems 4465661 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows 10 Version 1709 for ARM64-based Systems 4465661 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows 10 Version 1709 for x64-based Systems 4465661 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows 10 Version 1803 for 32-bit Systems 4465663 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows 10 Version 1803 for ARM64-based Systems 4465663 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows 10 Version 1803 for x64-based Systems 4465663 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows 10 Version 1809 for 32-bit Systems 4465664 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows 10 Version 1809 for ARM64-based Systems 4465664 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows 10 Version 1809 for x64-based Systems 4465664 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows Server 2016 4465659 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows Server 2016 (Server Core installation) 4465659 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows Server 2019 4465664 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows Server 2019 (Server Core installation) 4465664 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows Server, version 1709 (Server Core Installation) 4465661 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes
Windows Server, version 1803 (Server Core Installation) 4465663 (Servicing Stack Update) Important Security Feature Bypass None Base: 4.60
Temporal: 4.60
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8566 None

CVE-2018-8558 - Microsoft Outlook Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8558
MITRE
NVD
CVE Title: Microsoft Outlook Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when Microsoft Outlook fails to respect "Default link type" settings configured via the SharePoint Online Admin Center.

A malicious user could potentially share anonymously-accessible links to other users via email where these links are intended to be accessed only by specific users.

The security update addresses the vulnerability by correcting how Microsoft Outlook generates links inserted into emails via the "Attach File" interface.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from file system.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8558
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Information Disclosure None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Information Disclosure None Base: N/A
Temporal: N/A
Vector: N/A
No
Office 365 ProPlus for 32-bit Systems Click to Run (Security Update) Important Information Disclosure None Base: N/A
Temporal: N/A
Vector: N/A
No
Office 365 ProPlus for 64-bit Systems Click to Run (Security Update) Important Information Disclosure None Base: N/A
Temporal: N/A
Vector: N/A
No

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8558 None

CVE-2018-8572 - Microsoft SharePoint Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8572
MITRE
NVD
CVE Title: Microsoft SharePoint Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8572
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4461501 (Security Update) Important Elevation of Privilege 4461447 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4461511 (Security Update) Important Elevation of Privilege 4022243 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft SharePoint Server 2019 4461513 (Security Update) Important Elevation of Privilege None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8572 Ashar Javed of Hyundai AutoEver Europe GmbH
https://twitter.com/soaj1664ashar,https://www.hyundai-autoever.eu/


CVE-2018-8573 - Microsoft Word Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8573
MITRE
NVD
CVE Title: Microsoft Word Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.

To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Word handles files in memory.


FAQ:

I have Microsoft Word 2010 installed. Why am I not being offered the 4461524 update? The 4461524 update only applies to systems running specific configurations of Microsoft Office 2010. Some configurations will not be offered the update.

I am being offered this update for software that is not specifically indicated as being affected in the Affected Software and Vulnerability Severity Ratings table. Why am I being offered this update? When updates address vulnerable code that exists in a component that is shared between multiple Microsoft Office products or shared between multiple versions of the same Microsoft Office product, the update is considered to be applicable to all supported products and versions that contain the vulnerable component.

For example, when an update applies to Microsoft Office 2007 products, only Microsoft Office 2007 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2007, Microsoft Excel 2007, Microsoft Visio 2007, Microsoft Compatibility Pack, Microsoft Excel Viewer, or any other Microsoft Office 2007 product that is not specifically listed in the Affected Software table. Furthermore, when an update applies to Microsoft Office 2010 products, only Microsoft Office 2010 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2010, Microsoft Excel 2010, Microsoft Visio 2010, Microsoft Visio Viewer, or any other Microsoft Office 2010 product that is not specifically listed in the Affected Software table.

For more information on this behavior and recommended actions, see Microsoft Knowledge Base Article 830335. For a list of Microsoft Office products that an update may apply to, refer to the Microsoft Knowledge Base Article associated with the specific update.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8573
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Office 2010 Service Pack 2 (32-bit editions) 4461524 (Security Update) Important Remote Code Execution 4092437 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions) 4461524 (Security Update) Important Remote Code Execution 4092437 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Word 2010 Service Pack 2 (32-bit editions) 4461526 (Security Update) Important Remote Code Execution 4092439 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Word 2010 Service Pack 2 (64-bit editions) 4461526 (Security Update) Important Remote Code Execution 4092439 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Word 2013 RT Service Pack 1 4461485 (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Word 2013 Service Pack 1 (32-bit editions) 4461485 (Security Update) Important Remote Code Execution 4461457 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Word 2013 Service Pack 1 (64-bit editions) 4461485 (Security Update) Important Remote Code Execution 4461457 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Word 2016 (32-bit edition) 4461504 (Security Update) Important Remote Code Execution 4461449 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Word 2016 (64-bit edition) 4461504 (Security Update) Important Remote Code Execution 4461449 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Office 365 ProPlus for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Office 365 ProPlus for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8573 Anonymous working with Trend Micro's Zero Day Initiative
http://www.zerodayinitiative.com/


CVE-2018-8574 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8574
MITRE
NVD
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Excel handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8574
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Excel 2016 (32-bit edition) 4461503 (Security Update) Important Remote Code Execution 4461448 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Excel 2016 (64-bit edition) 4461503 (Security Update) Important Remote Code Execution 4461448 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Office 2016 for Mac Release Notes (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Office 2019 for Mac Release Notes (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Office 365 ProPlus for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Office 365 ProPlus for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8574 Nicolas Joly of Microsoft Corporation
https://twitter.com/n_joly


CVE-2018-8575 - Microsoft Project Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8575
MITRE
NVD
CVE Title: Microsoft Project Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Project software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.

To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Project software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.

The security update addresses the vulnerability by correcting how Microsoft Project handles files in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8575
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Project 2010 Service Pack 2 (32-bit editions) 4022147 (Security Update) Important Remote Code Execution 3085614 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Project 2010 Service Pack 2 (64-bit editions) 4022147 (Security Update) Important Remote Code Execution 3085614 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Project 2016 (32-bit edition) 4461478 (Security Update) Important Remote Code Execution 2920698 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Project 2016 (64-bit edition) 4461478 (Security Update) Important Remote Code Execution 2920698 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Project Server 2013 Service Pack 1 (32-bit edition) 4461489 (Security Update) Important Remote Code Execution 3101506 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Project Server 2013 Service Pack 1 (64-bit edition) 4461489 (Security Update) Important Remote Code Execution 3101506 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Office 365 ProPlus for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Office 365 ProPlus for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8575 None

CVE-2018-8581 - Microsoft Exchange Server Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8581
MITRE
NVD
CVE Title: Microsoft Exchange Server Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server.

To exploit the vulnerability, an attacker would need to execute a man-in-the-middle attack to forward an authentication request to a Microsoft Exchange Server, thereby allowing impersonation of another Exchange user.

The security update addresses this vulnerability by deleting a registry key and enabling a loopback check.


FAQ:

A registry key exists called HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa. The vulnerability described by CVE-2018-8581 is unexploitable if this registry key is removed.

To remove the registry key, type the following command in an elevated CMD window:

reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v DisableLoopbackCheck /f



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8581
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Exchange Server 2010 Important Elevation of Privilege None Base: N/A
Temporal: N/A
Vector: N/A
Unknown
Microsoft Exchange Server 2013 Important Elevation of Privilege None Base: N/A
Temporal: N/A
Vector: N/A
Unknown
Microsoft Exchange Server 2016 Important Elevation of Privilege None Base: N/A
Temporal: N/A
Vector: N/A
Unknown
Microsoft Exchange Server 2019 Important Elevation of Privilege None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8581 Anonymous working with Trend Micro's Zero Day Initiative
http://www.zerodayinitiative.com/


CVE-2018-8582 - Microsoft Outlook Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8582
MITRE
NVD
CVE Title: Microsoft Outlook Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files.

An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Systems such as workstations and terminal servers where Microsoft Outlook is used are at risk. Servers could be at more risk if administrators allow users to log on to servers and to run programs. However, best practices strongly discourage allowing this.

In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted email message to the user and then convincing the user to open the email and import an attached .rwz (rule export) file. Exploitation of this vulnerability requires that a user open a specially crafted email message with an affected version of Microsoft Outlook, download a malicious attachment, and manually import the contents of the attachment using the Outlook user interface.

The update addresses the vulnerability by correcting the way that Microsoft Outlook parses rule export files.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8582
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Microsoft Outlook 2010 Service Pack 2 (32-bit editions) 4461529 (Security Update) Important Remote Code Execution 4227170 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2010 Service Pack 2 (64-bit editions) 4461529 (Security Update) Important Remote Code Execution 4227170 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2013 RT Service Pack 1 4461486 (Security Update) Important Remote Code Execution 4092477 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2013 Service Pack 1 (32-bit editions) 4461486 (Security Update) Important Remote Code Execution 4092477 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2013 Service Pack 1 (64-bit editions) 4461486 (Security Update) Important Remote Code Execution 4092477 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2016 (32-bit edition) 4461506 (Security Update) Important Remote Code Execution 4461440 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Outlook 2016 (64-bit edition) 4461506 (Security Update) Important Remote Code Execution 4461440 Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Office 365 ProPlus for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No
Office 365 ProPlus for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
No

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8582 Yonghui Han of Fortinet’s FortiGuard Labs


CVE-2018-8588 - Chakra Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8588
MITRE
NVD
CVE Title: Chakra Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Moderate Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8588
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Release Notes (Security Update) Critical Remote Code Execution None Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Edge on Windows 10 for 32-bit Systems 4467680 (Security Update) Critical Remote Code Execution 4462922 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 for x64-based Systems 4467680 (Security Update) Critical Remote Code Execution 4462922 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems 4467691 (Security Update) Critical Remote Code Execution 4462917 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems 4467691 (Security Update) Critical Remote Code Execution 4462917 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems 4467696 (Security Update) Critical Remote Code Execution 4462937 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems 4467696 (Security Update) Critical Remote Code Execution 4462937 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4467686 (Security Update) Critical Remote Code Execution 4462918 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for ARM64-based Systems 4467686 (Security Update) Critical Remote Code Execution 4462918 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4467686 (Security Update) Critical Remote Code Execution 4462918 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4467702 (Security Update) Critical Remote Code Execution 4462919 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for ARM64-based Systems 4467702 (Security Update) Critical Remote Code Execution 4462919 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4467702 (Security Update) Critical Remote Code Execution 4462919 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1809 for 32-bit Systems 4467708 (Security Update) Critical Remote Code Execution 4464330 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1809 for ARM64-based Systems 4467708 (Security Update) Critical Remote Code Execution 4464330 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1809 for x64-based Systems 4467708 (Security Update) Critical Remote Code Execution 4464330 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows Server 2016 4467691 (Security Update) Moderate Remote Code Execution 4462917 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows Server 2019 4467708 (Security Update) Moderate Remote Code Execution 4464330 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8588 Qixun Zhao of Qihoo 360 Vulcan Team​
https://twitter.com/S0rryMybad,http://www.360.com/


Jonathan Jacobi (@j0nathanj) of MSRC-IL
https://twitter.com/j0nathanj


CVE-2018-8600 - Azure App Service Cross-site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8600
MITRE
NVD
CVE Title: Azure App Service Cross-site Scripting Vulnerability
Description:

A Cross-site Scripting (XSS) vulnerability exists when Azure App Services on Azure Stack does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the App Service, which will get executed in the context of the user every time a user visits the compromised page.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The attacks could allow the attacker to read content that the attacker is not authorized to read, execute malicious code, and use the victim's identity to take actions on the site on behalf of the user, such as change permissions and delete content.

The security update addresses the vulnerability by ensuring that Azure App Service sanitizes user inputs.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8600
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Azure App Service on Azure Stack Release Notes (Security Update) Important Spoofing None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8600 Jayson Grace of Sandia National Labs
https://www.sandia.gov


CVE-2018-8589 - Windows Win32k Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8589
MITRE
NVD
CVE Title: Windows Win32k Elevation of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys.

An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control over an affected system.

The update addresses the vulnerability by correcting how Windows handles calls to Win32k.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation Detected Not Applicable No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8589
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 7 for 32-bit Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Elevation of Privilege
4462923
Base: 7.80
Temporal: 7.50
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Elevation of Privilege
4462923
Base: 7.80
Temporal: 7.50
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Elevation of Privilege
4463097
Base: 7.80
Temporal: 7.50
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Elevation of Privilege
4463097
Base: 7.80
Temporal: 7.50
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4467706 (Monthly Rollup)
4467700 (Security Only)
Important Elevation of Privilege 4463097
Base: 7.80
Temporal: 7.50
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Elevation of Privilege
4463097
Base: 7.80
Temporal: 7.50
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Elevation of Privilege
4463097
Base: 7.80
Temporal: 7.50
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Elevation of Privilege
4462923
Base: 7.80
Temporal: 7.50
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Elevation of Privilege
4462923
Base: 7.80
Temporal: 7.50
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Elevation of Privilege
4462923
Base: 7.80
Temporal: 7.50
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8589 Boris Larin (Oct0xor) of Kaspersky Lab
https://twitter.com/oct0xor,https://www.kaspersky.com/


Igor Soumenkov (2igosha) of Kaspersky Lab
https://twitter.com/2igosha,https://www.kaspersky.com/


CVE-2018-8592 - Windows Elevation Of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8592
MITRE
NVD
CVE Title: Windows Elevation Of Privilege Vulnerability
Description:

An elevation of privilege vulnerability exists in Windows 10 version 1809 when installed from physical media (USB, DVD, etc.) with the “keep nothing” option selected during installation. Successful exploitation of the vulnerability could allow an attacker to gain local access to an affected system.

To exploit the vulnerability, an attacker would need physical access to the console of the affected system.

The update addresses the vulnerability by changing built-in account behavior after the setup process completes.

For recommendations on managing the local administrator accounts, please see Implementing Least-Privilege Administrative Models


FAQ:

What versions of Windows 10 version 1809 builds are affected by this vulnerability?

Affected versions were Windows 10 version 1809 builds are 17652 through 18269. Builds above and below this range are not affected.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8592
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 Version 1809 for 32-bit Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 6.40
Temporal: 6.10
Vector: CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 6.40
Temporal: 6.10
Vector: CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 6.40
Temporal: 6.10
Vector: CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/RL:O/RC:C
Yes
Windows Server 2019 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 6.40
Temporal: 6.10
Vector: CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 4467708 (Security Update) Important Elevation of Privilege 4464330 Base: 6.40
Temporal: 6.10
Vector: CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8592 None

CVE-2018-8605 - Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8605
MITRE
NVD
CVE Title: Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
Description:

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions within Dynamics Server on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that Dynamics Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8605
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 8 4467675 (Security Update) Important Spoofing None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8605 Manuel Sanchez Hernanz CBRE Real Estate https://www.cbre.us
https://www.linkedin.com/in/msanchezher/


Tim Kent of TSS Cyber
https://twitter.com/__timk,https://www.tsscyber.com.au/


CVE-2018-8606 - Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8606
MITRE
NVD
CVE Title: Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
Description:

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions within Dynamics Server on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that Dynamics Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8606
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 8 4467675 (Security Update) Important Spoofing None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8606 None

CVE-2018-8607 - Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8607
MITRE
NVD
CVE Title: Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
Description:

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions within Dynamics Server on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that Dynamics Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8607
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 8 4467675 (Security Update) Important Spoofing None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8607 Tim Kent of TSS Cyber
https://twitter.com/__timk,https://www.tsscyber.com.au/


Marios Gyftos
https://Twitter.com/mariosgyftos


CVE-2018-8608 - Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8608
MITRE
NVD
CVE Title: Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
Description:

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions within Dynamics Server on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user.

The security update addresses the vulnerability by helping to ensure that Dynamics Server properly sanitizes web requests.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8608
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 8 4467675 (Security Update) Important Spoofing None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8608 None

CVE-2018-8609 - Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8609
MITRE
NVD
CVE Title: Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8 when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SQL service account.   An authenticated attacker could exploit this vulnerability by sending a specially crafted request to a vulnerable Dynamics server.   The security update addresses the vulnerability by correcting how Microsoft Dynamics 365 (on-premises) version 8 validates and sanitizes user input.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8609
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Microsoft Dynamics 365 (on-premises) version 8 4467675 (Security Update) Critical Remote Code Execution None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8609 None

CVE-2018-8408 - Windows Kernel Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8408
MITRE
NVD
CVE Title: Windows Kernel Information Disclosure Vulnerability
Description:

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.

To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.

The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.



Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8408
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4467680 (Security Update) Important Information Disclosure 4462922 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 for x64-based Systems 4467680 (Security Update) Important Information Disclosure 4462922 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1607 for 32-bit Systems 4467691 (Security Update) Important Information Disclosure 4462917 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1607 for x64-based Systems 4467691 (Security Update) Important Information Disclosure 4462917 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1703 for 32-bit Systems 4467696 (Security Update) Important Information Disclosure 4462937 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1703 for x64-based Systems 4467696 (Security Update) Important Information Disclosure 4462937 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1709 for 32-bit Systems 4467686 (Security Update) Important Information Disclosure 4462918 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1709 for ARM64-based Systems 4467686 (Security Update) Important Information Disclosure 4462918 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1709 for x64-based Systems 4467686 (Security Update) Important Information Disclosure 4462918 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1803 for 32-bit Systems 4467702 (Security Update) Important Information Disclosure 4462919 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1803 for ARM64-based Systems 4467702 (Security Update) Important Information Disclosure None Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 10 Version 1803 for x64-based Systems 4467702 (Security Update) Important Information Disclosure 4462919 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 7 for 32-bit Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 7 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 8.1 for 32-bit systems 4467703 (Security Only)
4467697 (Monthly Rollup)
Important Information Disclosure
4462926
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows 8.1 for x64-based systems 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Information Disclosure 4462926
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows RT 8.1 4467697 (Monthly Rollup) Important Information Disclosure 4462926 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Information Disclosure
4463097
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Information Disclosure
4463097
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 for Itanium-Based Systems Service Pack 2 4467706 (Monthly Rollup)
4467700 (Security Only)
Important Information Disclosure 4463097
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Information Disclosure
4463097
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Information Disclosure
4463097
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Information Disclosure
4462923
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2012 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Information Disclosure
4462929
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2012 (Server Core installation) 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Information Disclosure
4462929
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2012 R2 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Information Disclosure 4462926
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2012 R2 (Server Core installation) 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Information Disclosure 4462926
Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2016 4467691 (Security Update) Important Information Disclosure 4462917 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server 2016 (Server Core installation) 4467691 (Security Update) Important Information Disclosure 4462917 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server, version 1709 (Server Core Installation) 4467686 (Security Update) Important Information Disclosure 4462918 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes
Windows Server, version 1803 (Server Core Installation) 4467702 (Security Update) Important Information Disclosure 4462919 Base: 3.30
Temporal: 3.30
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8408 ZiMi and JunGu from Alibaba Orion Security Lab


CVE-2018-8416 - .NET Core Tampering Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8416
MITRE
NVD
CVE Title: .NET Core Tampering Vulnerability
Description:

A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the destination of the files and directories.

To exploit the vulnerability, an attacker must send a specially crafted file to a vulnerable system.

The security update fixes the vulnerability by ensuring .NET Core properly handles files.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Moderate Tampering

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Exploitation Less Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8416
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
.NET Core 2.1 Pull Request (Security Update) Moderate Tampering None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8416 Danny Grander of Snyk
https://twitter.com/grander,https://snyk.io


CVE-2018-8450 - Windows Search Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8450
MITRE
NVD
CVE Title: Windows Search Remote Code Execution Vulnerability
Description:

A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit the vulnerability, the attacker could send specially crafted messages to the Windows Search service. An attacker with access to a target computer could exploit this vulnerability to elevate privileges and take control of the computer. Additionally, in an enterprise scenario, a remote authenticated attacker could remotely trigger the vulnerability through an SMB connection and then take control of a target computer.

The security update addresses the vulnerability by correcting how Windows Search handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely Exploitation More Likely Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8450
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 4467680 (Security Update) Important Remote Code Execution 4462922 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 4467680 (Security Update) Important Remote Code Execution 4462922 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 4467691 (Security Update) Important Remote Code Execution 4462917 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 4467691 (Security Update) Important Remote Code Execution 4462917 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for 32-bit Systems 4467696 (Security Update) Important Remote Code Execution 4462937 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1703 for x64-based Systems 4467696 (Security Update) Important Remote Code Execution 4462937 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for 32-bit Systems 4467686 (Security Update) Important Remote Code Execution 4462918 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for ARM64-based Systems 4467686 (Security Update) Important Remote Code Execution 4462918 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1709 for x64-based Systems 4467686 (Security Update) Important Remote Code Execution 4462918 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Remote Code Execution
4462923
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Remote Code Execution
4462923
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 4467703 (Security Only)
4467697 (Monthly Rollup)
Important Remote Code Execution
4462926
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Remote Code Execution 4462926
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 4467697 (Monthly Rollup) Important Remote Code Execution 4462926 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Remote Code Execution
4463097
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Remote Code Execution
4463097
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Remote Code Execution
4463097
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 4467700 (Security Only)
4467706 (Monthly Rollup)
Important Remote Code Execution
4463097
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Remote Code Execution
4462923
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 4467106 (Security Only)
4467107 (Monthly Rollup)
Important Remote Code Execution
4462923
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Remote Code Execution
4462929
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 4467678 (Security Only)
4467701 (Monthly Rollup)
Important Remote Code Execution
4462929
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Remote Code Execution 4462926
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 4467697 (Monthly Rollup)
4467703 (Security Only)
Important Remote Code Execution 4462926
Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 4467691 (Security Update) Important Remote Code Execution 4462917 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 4467691 (Security Update) Important Remote Code Execution 4462917 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1709 (Server Core Installation) 4467686 (Security Update) Important Remote Code Execution 4462918 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1803 (Server Core Installation) 4467702 (Security Update) Important Remote Code Execution 4462919 Base: 7.50
Temporal: 6.70
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8450 None

CVE-2018-8541 - Chakra Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8541
MITRE
NVD
CVE Title: Chakra Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8541
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Release Notes (Security Update) Critical Remote Code Execution None Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4467702 (Security Update) Critical Remote Code Execution 4462919 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for ARM64-based Systems 4467702 (Security Update) Critical Remote Code Execution 4462919 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4467702 (Security Update) Critical Remote Code Execution 4462919 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1809 for 32-bit Systems 4467708 (Security Update) Critical Remote Code Execution 4464330 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1809 for ARM64-based Systems 4467708 (Security Update) Critical Remote Code Execution 4464330 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1809 for x64-based Systems 4467708 (Security Update) Critical Remote Code Execution 4464330 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows Server 2019 4467708 (Security Update) Moderate Remote Code Execution 4464330 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2018-8541 None

CVE-2018-8542 - Chakra Scripting Engine Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-8542
MITRE
NVD
CVE Title: Chakra Scripting Engine Memory Corruption Vulnerability
Description:

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2018-11-13T08:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment for Latest Software Release Exploitability Assessment for Older Software Release Denial of Service Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely N/A Not Applicable No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-8542
Product KB Article Severity Impact Supersedence CVSS Score Set Restart Required
ChakraCore Release Notes (Security Update) Critical Remote Code Execution None Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Maybe
Microsoft Edge on Windows 10 for 32-bit Systems 4467680 (Security Update) Critical Remote Code Execution 4462922 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 for x64-based Systems 4467680 (Security Update) Critical Remote Code Execution 4462922 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems 4467691 (Security Update) Critical Remote Code Execution 4462917 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems 4467691 (Security Update) Critical Remote Code Execution 4462917 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems 4467696 (Security Update) Critical Remote Code Execution 4462937 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems 4467696 (Security Update) Critical Remote Code Execution 4462937 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems 4467686 (Security Update) Critical Remote Code Execution 4462918 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for ARM64-based Systems 4467686 (Security Update) Critical Remote Code Execution 4462918 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems 4467686 (Security Update) Critical Remote Code Execution 4462918 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems 4467702 (Security Update) Critical Remote Code Execution 4462919 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for ARM64-based Systems 4467702 (Security Update) Critical Remote Code Execution 4462919 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems 4467702 (Security Update) Critical Remote Code Execution 4462919 Base: 4.20
Temporal: 3.80
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C
Yes
Microsoft Edge on Windows 10 Version 1809 for 32-bit Systems 4467708 (Security Update) Critical<