This report contains detail for the following vulnerabilities:
Tag | CVE ID | CVE Title |
---|---|---|
.NET Core | CVE-2018-8409 | System.IO.Pipelines Denial of Service |
.NET Framework | CVE-2018-8421 | .NET Framework Remote Code Execution Vulnerability |
Adobe Flash Player | ADV180023 | September 2018 Adobe Flash Security Update |
Azure | CVE-2018-8479 | Azure IoT SDK Spoofing Vulnerability |
Device Guard | CVE-2018-8449 | Device Guard Security Feature Bypass Vulnerability |
Internet Explorer | CVE-2018-8470 | Internet Explorer Security Feature Bypass Vulnerability |
Internet Explorer | CVE-2018-8447 | Internet Explorer Memory Corruption Vulnerability |
Internet Explorer | CVE-2018-8461 | Internet Explorer Memory Corruption Vulnerability |
Microsoft Edge | CVE-2018-8366 | Microsoft Edge Information Disclosure Vulnerability |
Microsoft Edge | CVE-2018-8469 | Microsoft Edge Elevation of Privilege Vulnerability |
Microsoft Edge | CVE-2018-8463 | Microsoft Edge Elevation of Privilege Vulnerability |
Microsoft Edge | CVE-2018-8425 | Microsoft Edge Spoofing Vulnerability |
Microsoft Edge | CVE-2018-8464 | Microsoft Edge PDF Remote Code Execution Vulnerability |
Microsoft Graphics Component | CVE-2018-8332 | Win32k Graphics Remote Code Execution Vulnerability |
Microsoft Graphics Component | CVE-2018-8475 | Windows Remote Code Execution Vulnerability |
Microsoft Graphics Component | CVE-2018-8462 | DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Microsoft Graphics Component | CVE-2018-8424 | Windows GDI Information Disclosure Vulnerability |
Microsoft Graphics Component | CVE-2018-8433 | Microsoft Graphics Component Information Disclosure Vulnerability |
Microsoft Identity Services | CVE-2018-8269 | OData Denial of Service Vulnerability |
Microsoft JET Database Engine | CVE-2018-8392 | Microsoft JET Database Engine Remote Code Execution Vulnerability |
Microsoft JET Database Engine | CVE-2018-8393 | Microsoft JET Database Engine Remote Code Execution Vulnerability |
Microsoft Office | CVE-2018-8428 | Microsoft SharePoint Elevation of Privilege Vulnerability |
Microsoft Office | CVE-2018-8426 | Microsoft Office SharePoint XSS Vulnerability |
Microsoft Office | CVE-2018-8429 | Microsoft Excel Information Disclosure Vulnerability |
Microsoft Office | CVE-2018-8431 | Microsoft SharePoint Elevation of Privilege Vulnerability |
Microsoft Office | CVE-2018-8430 | Word PDF Remote Code Execution Vulnerability |
Microsoft Office | CVE-2018-8474 | Lync for Mac 2011 Security Feature Bypass Vulnerability |
Microsoft Office | CVE-2018-8331 | Microsoft Excel Remote Code Execution Vulnerability |
Microsoft Scripting Engine | CVE-2018-8457 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8459 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8465 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8456 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8367 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8391 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8452 | Scripting Engine Information Disclosure Vulnerability |
Microsoft Scripting Engine | CVE-2018-8315 | Microsoft Scripting Engine Information Disclosure Vulnerability |
Microsoft Scripting Engine | CVE-2018-8354 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8466 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8467 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Windows | CVE-2018-8438 | Windows Hyper-V Denial of Service Vulnerability |
Microsoft Windows | CVE-2018-8271 | Windows Information Disclosure Vulnerability |
Microsoft Windows | ADV180022 | Windows Denial of Service Vulnerability |
Microsoft Windows | CVE-2018-8440 | Windows ALPC Elevation of Privilege Vulnerability |
Microsoft Windows | CVE-2018-8410 | Windows Registry Elevation of Privilege Vulnerability |
Microsoft XML Core Services | CVE-2018-8420 | MS XML Remote Code Execution Vulnerability |
Windows Hyper-V | CVE-2018-0965 | Windows Hyper-V Remote Code Execution Vulnerability |
Windows Hyper-V | CVE-2018-8435 | Windows Hyper-V Security Feature Bypass Vulnerability |
Windows Hyper-V | CVE-2018-8436 | Windows Hyper-V Denial of Service Vulnerability |
Windows Hyper-V | CVE-2018-8439 | Windows Hyper-V Remote Code Execution Vulnerability |
Windows Hyper-V | CVE-2018-8437 | Windows Hyper-V Denial of Service Vulnerability |
Windows Hyper-V | CVE-2018-8434 | Windows Hyper-V Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8336 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8446 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8443 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8445 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8455 | Windows Kernel Elevation of Privilege Vulnerability |
Windows Kernel | CVE-2018-8442 | Windows Kernel Information Disclosure Vulnerability |
Windows Media | CVE-2018-8419 | Windows Kernel Information Disclosure Vulnerability |
Windows Shell | CVE-2018-8468 | Windows Elevation of Privilege Vulnerability |
Windows SMB Server | CVE-2018-8444 | Windows SMB Information Disclosure Vulnerability |
Windows SMB Server | CVE-2018-8335 | Windows SMB Denial of Service Vulnerability |
Windows Subsystem for Linux | CVE-2018-8441 | Windows Subsystem for Linux Elevation of Privilege Vulnerability |
Windows Subsystem for Linux | CVE-2018-8337 | Windows Subsystem for Linux Security Feature Bypass Vulnerability |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-0965 MITRE NVD |
CVE Title: Windows Hyper-V Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-0965 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-0965 | None |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8269 MITRE NVD |
CVE Title: OData Denial of Service Vulnerability
Description: A denial of service vulnerability exists when OData Library improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an OData web application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the OData application. The update addresses the vulnerability by correcting how the OData web application handles web requests. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Denial of Service |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8269 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Microsoft.Data.OData | Release Notes (Security Update) | Important | Denial of Service | None | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
CVE ID | Acknowledgements |
CVE-2018-8269 | Gil Mirmovitch of Aleph Research, HCL Technologies https://alephsecurity.com |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8271 MITRE NVD |
CVE Title: Windows Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose contents of System memory. To exploit this vulnerability, an attacker would have to log on to the system first and then run a specially crafted application in user mode. The security update addresses the vulnerability by correcting how the bowser.sys kernel-mode driver handles objects in memory. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8271 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Information Disclosure | 4343898 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Information Disclosure | 4343898 | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8271 | Ruibo Liu of Baidu XLab Tianya Team http://xlab.baidu.com Amichai Shulman Tal Be'ery https://www.linkedin.com/in/amichaishulman/,https://www.linkedin.com/in/talbeery/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8315 MITRE NVD |
CVE Title: Microsoft Scripting Engine Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the browser scripting engine improperly handle object types. An attacker who has successfully exploited this vulnerability might be able to read privileged data across trust boundaries. In browsing scenarios, an attacker could convince a user to visit a malicious site and leverage the vulnerability to obtain privileged information from the browser process, such as sensitive data from other opened tabs. An attacker could also inject malicious code into advertising networks used by trusted sites or embed malicious code on a compromised, but trusted, site. The security update addresses the vulnerability by correcting how the browser scripting engine handles object types. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8315 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
ChakraCore | Commit (Security Update) | Important | Information Disclosure | None | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Maybe |
Internet Explorer 10 on Windows Server 2012 | 4457426 (IE Cumulative) 4457135 (Monthly Rollup) |
Low | Information Disclosure | 4343205 4343901 |
Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 | 4457426 (IE Cumulative) 4457144 (Monthly Rollup) |
Important | Information Disclosure | 4343205 4343900 |
Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 | 4457426 (IE Cumulative) 4457144 (Monthly Rollup) |
Important | Information Disclosure | 4343205 4343900 |
Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 8.1 for 32-bit systems | 4457426 (IE Cumulative) 4457129 (Monthly Rollup) |
Important | Information Disclosure | 4343205 4343898 |
Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 8.1 for x64-based systems | 4457426 (IE Cumulative) 4457129 (Monthly Rollup) |
Important | Information Disclosure | 4343205 4343898 |
Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Information Disclosure | 4343898 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457426 (IE Cumulative) 4457144 (Monthly Rollup) |
Low | Information Disclosure | 4343205 4343900 |
Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows Server 2012 R2 | 4457426 (IE Cumulative) 4457129 (Monthly Rollup) |
Low | Information Disclosure | 4343205 4343898 |
Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows Server 2016 | 4457131 (Security Update) | Low | Information Disclosure | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows Server 2016 | 4457131 (Security Update) | Low | Information Disclosure | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8315 | None |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8335 MITRE NVD |
CVE Title: Windows SMB Denial of Service Vulnerability
Description: A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server. An attacker who exploited this vulnerability could cause the affected system to crash. To attempt to exploit this issue, an attacker would need to send specially crafted SMB requests to the target system. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate their user rights, but it could cause the affected system to stop accepting requests. The security update addresses the vulnerability by correcting the manner in which SMB handles specially crafted client requests. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Denial of Service |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8335 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Denial of Service | 4343892 | Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Denial of Service | 4343892 | Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Denial of Service | 4343887 | Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Denial of Service | 4343887 | Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Denial of Service | 4343885 | Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Denial of Service | 4343885 | Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Denial of Service | 4343897 | Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Denial of Service | 4343897 | Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Denial of Service | 4343909 | Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Denial of Service | 4343909 | Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Denial of Service | 4343898 |
Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Denial of Service | 4343898 |
Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Denial of Service | 4343898 | Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Denial of Service | 4343901 |
Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Denial of Service | 4343901 |
Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Denial of Service | 4343898 |
Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Denial of Service | 4343898 |
Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Denial of Service | 4343887 | Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Denial of Service | 4343887 | Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Denial of Service | 4343897 | Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Denial of Service | 4343909 | Base: 4.80 Temporal: 4.80 Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8335 | Peter Hlavaty @zer0mem of keenlab at tencent https://twitter.com/zer0mem,https://keenlab.tencent.com/en/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8336 MITRE NVD |
CVE Title: Windows Kernel Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
N/A | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8336 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 2.50 Temporal: 2.50 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8336 | Haikuo Xie of Baidu Security Lab working with Trend Micro's Zero Day Initiative http://www.zerodayinitiative.com/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8367 MITRE NVD |
CVE Title: Chakra Scripting Engine Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8367 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
ChakraCore | Commit (Security Update) | Critical | Remote Code Execution | None | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Maybe |
Microsoft Edge on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 for x64-based Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows Server 2016 | 4457131 (Security Update) | Moderate | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8367 | Yuki Chen of Qihoo 360 Vulcan Team http://www.360.com/ Qixun Zhao of Qihoo 360 Vulcan Team https://twitter.com/S0rryMybad,http://www.360.com/ Anonymous working with Trend Micro's Zero Day Initiative http://www.zerodayinitiative.com/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8410 MITRE NVD |
CVE Title: Windows Registry Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit this vulnerability by running a specially crafted application. The security update addresses the vulnerability by helping to ensure that the Windows Kernel API properly handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | Exploitation More Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8410 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Elevation of Privilege | 4343892 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Elevation of Privilege | 4343892 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Elevation of Privilege | 4343885 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Elevation of Privilege | 4343885 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Elevation of Privilege | 4343897 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Elevation of Privilege | 4343897 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Elevation of Privilege | 4343900 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Elevation of Privilege | 4343900 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Elevation of Privilege | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Elevation of Privilege | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Elevation of Privilege | 4343898 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Elevation of Privilege | 4343900 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Elevation of Privilege | 4343900 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Elevation of Privilege | 4343900 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Elevation of Privilege | 4343901 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Elevation of Privilege | 4343901 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Elevation of Privilege | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Elevation of Privilege | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8410 | James Forshaw of Google Project Zero http://www.google.com/ Mauro Leggieri of TRAPMINE Inc. https://www.linkedin.com/in/mauroleg/,https://www.trapmine.com |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8419 MITRE NVD |
CVE Title: Windows Kernel Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows kernel initializes memory. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8419 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Information Disclosure | 4343898 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8419 | Tanghui Chen of Baidu XLab Tianya Team http://xlab.baidu.com |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
ADV180022 MITRE NVD |
CVE Title: Windows Denial of Service Vulnerability
Description: Microsoft is aware of a denial of service vulnerability (named "FragmentSmack" CVE-2018-5391) affecting Windows systems. An attacker could send many 8-byte sized IP fragments with random starting offsets, but withhold the last fragment and exploit the worst-case complexity of linked lists in reassembling IP fragments. A system under attack would become unresponsive with 100% CPU utilization but would recover as soon as the attack terminated. Microsoft is working on an update to resolve this vulnerability. Recommended actionsTo protect your system from this vulnerability, Microsoft recommends that you take the following actions:
FAQ1. What workaround(s) exist for this vulnerability? The following commands disable packet reassembly. Any out-of-order packets are dropped. There is a potential for packet loss when discarding out-of-order packets. Valid scenarios should not exceed more than 50 out-of-order fragments. We recommend testing prior to updating production systems.
Further netsh guidance can be found at netsh. 2. Is Azure affected? Azure fabric layer protections mitigate this vulnerability. This is blocked before traffic reaches Azure VMs. 3. When will the security updates for this vulnerability be available? Microsoft will release the updates when sufficient quality/stability and functional bars are met. This advisory will be updated and mailer notifications will be sent when a fix is available. See Microsoft Technical Security Notifications. 4. What can I do at the perimeter to block this attack? Review the perimeter device guidance and modify reassembly packet limits similar to the commands listed in FAQ #1. FAQ: None Mitigations: None Workarounds: Refer to FAQ #1 for the Workaround for this vulnerability. Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Denial of Service |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
ADV180022 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Denial of Service | 4343892 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Denial of Service | 4343892 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Denial of Service | 4343887 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Denial of Service | 4343887 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Denial of Service | 4343885 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Denial of Service | 4343885 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Denial of Service | 4343897 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Denial of Service | 4343897 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Denial of Service | 4343909 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Denial of Service | 4343909 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Denial of Service | 4343900 |
Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Denial of Service | 4343900 |
Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Denial of Service | 4343898 |
Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Denial of Service | 4343898 |
Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Denial of Service | 4343898 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Denial of Service | Base: N/A Temporal: N/A Vector: N/A |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Denial of Service | Base: N/A Temporal: N/A Vector: N/A |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Denial of Service | Base: N/A Temporal: N/A Vector: N/A |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Denial of Service | Base: N/A Temporal: N/A Vector: N/A |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Denial of Service | Base: N/A Temporal: N/A Vector: N/A |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Denial of Service | 4343900 |
Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Denial of Service | 4343900 |
Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Denial of Service | 4343900 |
Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Denial of Service | 4343901 |
Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Denial of Service | 4343901 |
Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Denial of Service | 4343898 |
Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Denial of Service | 4343898 |
Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Denial of Service | 4343887 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Denial of Service | 4343887 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Denial of Service | 4343897 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Denial of Service | 4343909 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
CVE ID | Acknowledgements |
ADV180022 | None |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8420 MITRE NVD |
CVE Title: MS XML Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke MSXML through a web browser. However, an attacker would have no way to force a user to visit such a website. Instead, an attacker would typically have to convince a user to either click a link in an email message or instant message that would then take the user to the website. When Internet Explorer parses the XML content, an attacker could run malicious code remotely to take control of the user’s system. The update addresses the vulnerability by correcting how the MSXML parser processes user input. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | Exploitation More Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8420 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Critical | Remote Code Execution | 4343900 |
Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Critical | Remote Code Execution | 4343900 |
Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Critical | Remote Code Execution | 4343898 |
Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Critical | Remote Code Execution | 4343898 |
Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Critical | Remote Code Execution | 4343898 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Critical | Remote Code Execution | Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Critical | Remote Code Execution | Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Critical | Remote Code Execution | Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Critical | Remote Code Execution | Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Critical | Remote Code Execution | Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Critical | Remote Code Execution | 4343900 |
Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Critical | Remote Code Execution | 4343900 |
Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Critical | Remote Code Execution | 4343900 |
Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Critical | Remote Code Execution | 4343901 |
Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Critical | Remote Code Execution | 4343901 |
Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Critical | Remote Code Execution | 4343898 |
Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Critical | Remote Code Execution | 4343898 |
Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8420 | Anonymous working with Trend Micro's Zero Day Initiative http://www.zerodayinitiative.com/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8424 MITRE NVD |
CVE Title: Windows GDI Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8424 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Information Disclosure | 4343898 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8424 | willJ working with Trend Micro's Zero Day Initiative http://www.zerodayinitiative.com/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8425 MITRE NVD |
CVE Title: Microsoft Edge Spoofing Vulnerability
Description: A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services. To exploit the vulnerability, the user must either browse to a malicious website or be redirected to it. In an email attack scenario, an attacker could send an email message in an attempt to convince the user to click a link to a malicious site. In a web-based attack scenario, an attacker could host a specially crafted website designed to appear as a legitimate website to the user. However, the attacker would have no way to force the user to visit the specially crafted website. The attacker would have to convince the user to visit the specially crafted website, typically by way of enticement in an email or instant message. The security update addresses the vulnerability by correcting how Microsoft Edge handles specific HTML content. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Spoofing |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8425 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Microsoft Edge on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Spoofing | 4343892 | Base: 5.30 Temporal: 5.30 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Yes |
Microsoft Edge on Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Spoofing | 4343892 | Base: 5.30 Temporal: 5.30 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Yes |
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Spoofing | 4343887 | Base: 5.30 Temporal: 5.30 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Yes |
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Spoofing | 4343887 | Base: 5.30 Temporal: 5.30 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Yes |
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Spoofing | 4343885 | Base: 5.30 Temporal: 5.30 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Yes |
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Spoofing | 4343885 | Base: 5.30 Temporal: 5.30 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Yes |
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Spoofing | 4343897 | Base: 5.30 Temporal: 5.30 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Yes |
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Spoofing | 4343897 | Base: 5.30 Temporal: 5.30 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Yes |
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Spoofing | 4343909 | Base: 5.30 Temporal: 5.30 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Yes |
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Spoofing | 4343909 | Base: 5.30 Temporal: 5.30 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Yes |
Microsoft Edge on Windows Server 2016 | 4457131 (Security Update) | Low | Spoofing | 4343887 | Base: 5.30 Temporal: 5.30 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8425 | Jonathan Birch of Microsoft Corporation https://www.linkedin.com/in/jonathan-birch-ab27681/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8433 MITRE NVD |
CVE Title: Microsoft Graphics Component Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows Graphics Component handles objects in memory. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8433 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Information Disclosure | 4343898 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8433 | Behzad Najjarpour Jabbari, Secunia Research at Flexera https://www.flexera.com/company/secunia-research/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8461 MITRE NVD |
CVE Title: Internet Explorer Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker could host a specially crafted website designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action, typically by an enticement in an email or instant message, or by getting the user to open an attachment sent through email. The security update addresses the vulnerability by modifying how Internet Explorer handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | Exploitation More Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8461 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8461 | ca0nguyen working with Trend Micro's Zero Day Initiative http://www.zerodayinitiative.com/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8462 MITRE NVD |
CVE Title: DirectX Graphics Kernel Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system. The security update addresses the vulnerability by correcting how DXGKRNL handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | Exploitation More Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8462 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Elevation of Privilege | 4343892 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Elevation of Privilege | 4343892 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Elevation of Privilege | 4343885 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Elevation of Privilege | 4343885 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Elevation of Privilege | 4343897 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Elevation of Privilege | 4343897 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Elevation of Privilege | 4343897 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8462 | Communications Security Establishment https://www.cse-cst.gc.ca/ ChenNan and RanchoIce of Tencent ZhanluLab working with Trend Micro's Zero Day Initiative http://www.zerodayinitiative.com/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8475 MITRE NVD |
CVE Title: Windows Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files. An attacker who successfully exploited the vulnerability could execute arbitrary code. To exploit the vulnerability, an attacker would have to convince a user to download an image file. The update addresses the vulnerability by properly handling image files. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | Exploitation More Likely | Not Applicable | Yes | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8475 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Critical | Remote Code Execution | 4343900 |
Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Critical | Remote Code Execution | 4343900 |
Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Critical | Remote Code Execution | 4343898 |
Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Critical | Remote Code Execution | 4343898 |
Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Critical | Remote Code Execution | 4343898 | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Critical | Remote Code Execution | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Critical | Remote Code Execution | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Critical | Remote Code Execution | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Critical | Remote Code Execution | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Critical | Remote Code Execution | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Critical | Remote Code Execution | 4343900 |
Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Critical | Remote Code Execution | 4343900 |
Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Critical | Remote Code Execution | 4343900 |
Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Critical | Remote Code Execution | 4343901 |
Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Critical | Remote Code Execution | 4343901 |
Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Critical | Remote Code Execution | 4343898 |
Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Critical | Remote Code Execution | 4343898 |
Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 8.80 Temporal: 7.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8475 | None |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8332 MITRE NVD |
CVE Title: Win32k Graphics Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. There are multiple ways an attacker could exploit this vulnerability.
The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8332 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | None | Base: N/A Temporal: N/A Vector: N/A |
No |
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | None | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Office 2016 for Mac | Release Notes (Security Update) | Critical | Remote Code Execution | None | Base: N/A Temporal: N/A Vector: N/A |
No |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Critical | Remote Code Execution | 4343900 |
Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Critical | Remote Code Execution | 4343900 |
Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Critical | Remote Code Execution | 4343898 |
Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Critical | Remote Code Execution | 4343898 |
Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Critical | Remote Code Execution | 4343898 | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Critical | Remote Code Execution | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Critical | Remote Code Execution | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Critical | Remote Code Execution | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Critical | Remote Code Execution | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Critical | Remote Code Execution | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Critical | Remote Code Execution | 4343900 |
Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Critical | Remote Code Execution | 4343900 |
Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Critical | Remote Code Execution | 4343900 |
Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Critical | Remote Code Execution | 4343901 |
Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Critical | Remote Code Execution | 4343901 |
Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Critical | Remote Code Execution | 4343898 |
Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Critical | Remote Code Execution | 4343898 |
Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 8.80 Temporal: 8.80 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8332 | Hossein Lotfi, Secunia Research at Flexera https://www.flexera.com/company/secunia-research/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8337 MITRE NVD |
CVE Title: Windows Subsystem for Linux Security Feature Bypass Vulnerability
Description: A security feature bypass vulnerability exists when Windows Subsystem for Linux improperly handles case sensitivity. An attacker who successfully exploited this vulnerability could replace or delete arbitrary files as a low privilege user. A attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how Windows Subsystem for Linux handles case sensitivity. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Security Feature Bypass |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
N/A | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8337 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Security Feature Bypass | 4343897 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Security Feature Bypass | 4343897 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Security Feature Bypass | 4343897 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8337 | Michael Weber of NCC Group |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8354 MITRE NVD |
CVE Title: Scripting Engine Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8354 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
ChakraCore | Commit (Security Update) | Important | Remote Code Execution | None | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Maybe |
Microsoft Edge on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Remote Code Execution | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Remote Code Execution | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows Server 2016 | 4457131 (Security Update) | Low | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8354 | Michael Holman, Microsoft Chakra Core Team |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8366 MITRE NVD |
CVE Title: Microsoft Edge Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type. An attacker could use the vulnerability to read the URL of a cross-origin request. Websites that that do not securely populate the URL with confidential information could allow information to be disclosed to an attacker. To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, the user must be logged on to a website that does not securely populate URLs with confidential information. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince the user to take action. For example, an attacker could trick a user into clicking a link that takes them to the attacker's site. The update addresses the vulnerability by changing how the Fetch API in Microsoft Edge handles specific filtered response types. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Personally Identifiable Information (PII). Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8366 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8366 | Jun Kokatsu, Windows & Devices Group - Operating System Security Team James Lee @Windowsrcer of Kryptos Logic https://twitter.com/Windowsrcer,https://kryptoslogic.com |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8391 MITRE NVD |
CVE Title: Scripting Engine Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8391 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
ChakraCore | Commit (Security Update) | Critical | Remote Code Execution | None | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Maybe |
CVE ID | Acknowledgements |
CVE-2018-8391 | Qixun Zhao of Qihoo 360 Vulcan Team https://twitter.com/S0rryMybad,http://www.360.com/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8392 MITRE NVD |
CVE Title: Microsoft JET Database Engine Remote Code Execution Vulnerability
Description: A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. To exploit the vulnerability, a user must open a specially crafted Excel file while using an affected version of Microsoft Windows. In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted Excel file to the user, and then convincing the user to open the file. The security update addresses the vulnerability by modifying how the Microsoft JET Database Engine handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8392 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Remote Code Execution | 4343892 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Remote Code Execution | 4343892 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Remote Code Execution | 4343887 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Remote Code Execution | 4343887 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Remote Code Execution | 4343885 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Remote Code Execution | 4343885 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Remote Code Execution | 4343897 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Remote Code Execution | 4343897 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Remote Code Execution | 4343909 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Remote Code Execution | 4343909 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Remote Code Execution | 4343900 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Remote Code Execution | 4343900 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Remote Code Execution | 4343898 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Remote Code Execution | 4343898 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Remote Code Execution | 4343898 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Remote Code Execution | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Remote Code Execution | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Remote Code Execution | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Remote Code Execution | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Remote Code Execution | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Remote Code Execution | 4343900 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Remote Code Execution | 4343900 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Remote Code Execution | 4343900 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Remote Code Execution | 4343901 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Remote Code Execution | 4343901 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Remote Code Execution | 4343898 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Remote Code Execution | 4343898 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Remote Code Execution | 4343887 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Remote Code Execution | 4343887 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Remote Code Execution | 4343897 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Remote Code Execution | 4343909 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8392 | Honggang Ren of Fortinet's FortiGuard Labs Pengsu Cheng of Trend Micro Security Research working with Trend Micro's Zero Day Initiative http://www.zerodayinitiative.com/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8393 MITRE NVD |
CVE Title: Microsoft JET Database Engine Remote Code Execution Vulnerability
Description: A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. To exploit the vulnerability, a user must open a specially crafted Excel file while using an affected version of Microsoft Windows. In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted Excel file to the user, and then convincing the user to open the file. The security update addresses the vulnerability by modifying how the Microsoft JET Database Engine handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8393 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Remote Code Execution | 4343892 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Remote Code Execution | 4343892 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Remote Code Execution | 4343887 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Remote Code Execution | 4343887 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Remote Code Execution | 4343885 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Remote Code Execution | 4343885 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Remote Code Execution | 4343897 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Remote Code Execution | 4343897 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Remote Code Execution | 4343909 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Remote Code Execution | 4343909 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Remote Code Execution | 4343900 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Remote Code Execution | 4343900 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Remote Code Execution | 4343898 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Remote Code Execution | 4343898 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Remote Code Execution | 4343898 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Remote Code Execution | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Remote Code Execution | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Remote Code Execution | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Remote Code Execution | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Remote Code Execution | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Remote Code Execution | 4343900 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Remote Code Execution | 4343900 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Remote Code Execution | 4343900 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Remote Code Execution | 4343901 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Remote Code Execution | 4343901 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Remote Code Execution | 4343898 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Remote Code Execution | 4343898 |
Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Remote Code Execution | 4343887 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Remote Code Execution | 4343887 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Remote Code Execution | 4343897 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Remote Code Execution | 4343909 | Base: 7.80 Temporal: 7.00 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8393 | Lucas Leong (@wmliang) of Trend Micro Security Research working with Trend Micro's Zero Day Initiative http://www.zerodayinitiative.com/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8409 MITRE NVD |
CVE Title: System.IO.Pipelines Denial of Service
Description: A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an application that is leveraging System.IO.Pipelines. The vulnerability can be exploited remotely, without authentication. A remote unauthenticated attacker could exploit this vulnerability by providing specially crafted requests to the application. The update addresses the vulnerability by correcting how System.IO.Pipelines handles requests. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Denial of Service |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | Yes | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8409 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
.NET Core 2.1 | Commit (Security Update) | Important | Denial of Service | None | Base: N/A Temporal: N/A Vector: N/A |
Unknown |
ASP.NET Core 2.1 | Commit (Security Update) | Important | Denial of Service | None | Base: N/A Temporal: N/A Vector: N/A |
Unknown |
System.IO.Pipelines | Release Notes (Security Update) | Important | Denial of Service | None | Base: N/A Temporal: N/A Vector: N/A |
Unknown |
CVE ID | Acknowledgements |
CVE-2018-8409 | None |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8421 MITRE NVD |
CVE Title: .NET Framework Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input. An attacker who successfully exploited this vulnerability in software using the .NET framework could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. To exploit the vulnerability, an attacker would first need to convince the user to open a malicious document or application. The security update addresses the vulnerability by correcting how .NET validates untrusted input. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8421 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457054 (Security Only) 4457043 (Monthly Rollup) |
Critical | Remote Code Execution | 4345593, 4346083 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457054 (Security Only) 4457043 (Monthly Rollup) |
Critical | Remote Code Execution | 4345593, 4346083 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 2.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 | 4457054 (Security Only) 4457043 (Monthly Rollup) |
Critical | Remote Code Execution | 4345593, 4346083 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457054 (Security Only) 4457043 (Monthly Rollup) |
Critical | Remote Code Execution | 4345593, 4346083 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457054 (Security Only) 4457043 (Monthly Rollup) |
Critical | Remote Code Execution | 4345593, 4346083 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 3.0 Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2 | 4457054 (Security Only) 4457043 (Monthly Rollup) |
Critical | Remote Code Execution | 4345593, 4346083 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 3.5 on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 3.5 on Windows 10 for x64-based Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 3.5 on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 3.5 on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 3.5 on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 3.5 on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 3.5 on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 3.5 on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 3.5 on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 3.5 on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 3.5 on Windows 8.1 for 32-bit systems | 4457045 (Monthly Rollup) 4457056 (Security Only) |
Critical | Remote Code Execution | 4345592, 4346082 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 3.5 on Windows 8.1 for x64-based systems | 4457045 (Monthly Rollup) 4457056 (Security Only) |
Critical | Remote Code Execution | 4345592, 4346082 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 3.5 on Windows Server 2012 | 4457053 (Security Only) 4457042 (Monthly Rollup) |
Critical | Remote Code Execution | 4345591, 4346081 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 3.5 on Windows Server 2012 (Server Core installation) | 4457053 (Security Only) 4457042 (Monthly Rollup) |
Critical | Remote Code Execution | 4345591, 4346081 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 | 4457045 (Monthly Rollup) 4457056 (Security Only) |
Critical | Remote Code Execution | 4345592, 4346082 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 3.5 on Windows Server 2012 R2 (Server Core installation) | 4457045 (Monthly Rollup) 4457056 (Security Only) |
Critical | Remote Code Execution | 4345592, 4346082 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 3.5 on Windows Server 2016 | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 3.5 on Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 3.5 on Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 3.5 on Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 3.5.1 on Windows 7 for 32-bit Systems Service Pack 1 | 4457055 (Security Only) 4457044 (Monthly Rollup) |
Critical | Remote Code Execution | 4345590, 4346080 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 3.5.1 on Windows 7 for x64-based Systems Service Pack 1 | 4457055 (Security Only) 4457044 (Monthly Rollup) |
Critical | Remote Code Execution | 4345590, 4346080 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457055 (Security Only) 4457044 (Monthly Rollup) |
Critical | Remote Code Execution | 4345590, 4346080 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457055 (Security Only) 4457044 (Monthly Rollup) |
Critical | Remote Code Execution | 4345590, 4346080 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 3.5.1 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457055 (Security Only) 4457044 (Monthly Rollup) |
Critical | Remote Code Execution | 4345590, 4346080 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.5.2 on Windows 7 for 32-bit Systems Service Pack 1 | 4457030 (Security Only) 4457038 (Monthly Rollup) |
Critical | Remote Code Execution | 4345590, 4346080 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.5.2 on Windows 7 for x64-based Systems Service Pack 1 | 4457030 (Security Only) 4457038 (Monthly Rollup) |
Critical | Remote Code Execution | 4345590, 4346080 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.5.2 on Windows 8.1 for 32-bit systems | 4457036 (Monthly Rollup) 4457028 (Security Only) |
Critical | Remote Code Execution | 4345592, 4346082 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.5.2 on Windows 8.1 for x64-based systems | 4457036 (Monthly Rollup) 4457028 (Security Only) |
Critical | Remote Code Execution | 4345592, 4346082 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.5.2 on Windows RT 8.1 | 4457036 (Monthly Rollup) | Critical | Remote Code Execution | 4345592, 4346082 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.5.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457038 (Monthly Rollup) 4457030 (Security Only) |
Critical | Remote Code Execution | 4345593, 4346083 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.5.2 on Windows Server 2008 for x64-based Systems Service Pack 2 | 4457038 (Monthly Rollup) 4457030 (Security Only) |
Critical | Remote Code Execution | 4345593, 4346083 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457030 (Security Only) 4457038 (Monthly Rollup) |
Critical | Remote Code Execution | 4345590, 4346080 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.5.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457030 (Security Only) 4457038 (Monthly Rollup) |
Critical | Remote Code Execution | 4345590, 4346080 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.5.2 on Windows Server 2012 | 4457029 (Security Only) 4457037 (Monthly Rollup) |
Critical | Remote Code Execution | 4345591, 4346081 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.5.2 on Windows Server 2012 (Server Core installation) | 4457029 (Security Only) 4457037 (Monthly Rollup) |
Critical | Remote Code Execution | 4345591, 4346081 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2 | 4457036 (Monthly Rollup) 4457028 (Security Only) |
Critical | Remote Code Execution | 4345592, 4346082 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.5.2 on Windows Server 2012 R2 (Server Core installation) | 4457036 (Monthly Rollup) 4457028 (Security Only) |
Critical | Remote Code Execution | 4345592, 4346082 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.6 on Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457035 (Monthly Rollup) 4457027 (Security Only) |
Critical | Remote Code Execution | 4345593, 4346083 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.6 on Windows Server 2008 for x64-based Systems Service Pack 2 | 4457035 (Monthly Rollup) 4457027 (Security Only) |
Critical | Remote Code Execution | 4345593, 4346083 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 7 for 32-bit Systems Service Pack 1 | 4457027 (Security Only) 4457035 (Monthly Rollup) |
Critical | Remote Code Execution | 4345590, 4346080 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 7 for x64-based Systems Service Pack 1 | 4457027 (Security Only) 4457035 (Monthly Rollup) |
Critical | Remote Code Execution | 4345590, 4346080 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 8.1 for 32-bit systems | 4457034 (Monthly Rollup) 4457026 (Security Only) |
Critical | Remote Code Execution | 4345592, 4346082 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows 8.1 for x64-based systems | 4457034 (Monthly Rollup) 4457026 (Security Only) |
Critical | Remote Code Execution | 4345592, 4346082 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows RT 8.1 | 4457034 (Monthly Rollup) | Critical | Remote Code Execution | 4345592, 4346082 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457027 (Security Only) 4457035 (Monthly Rollup) |
Critical | Remote Code Execution | 4345590, 4346080 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457027 (Security Only) 4457035 (Monthly Rollup) |
Critical | Remote Code Execution | 4345590, 4346080 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 | 4457025 (Security Only) 4457033 (Monthly Rollup) |
Critical | Remote Code Execution | 4345591, 4346081 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) | 4457025 (Security Only) 4457033 (Monthly Rollup) |
Critical | Remote Code Execution | 4345591, 4346081 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 R2 | 4457034 (Monthly Rollup) 4457026 (Security Only) |
Critical | Remote Code Execution | 4345592, 4346082 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) | 4457034 (Monthly Rollup) 4457026 (Security Only) |
Critical | Remote Code Execution | 4345592, 4346082 |
Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft .NET Framework 4.7.1/4.7.2 on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 4.7.1/4.7.2 on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 4.7.1/4.7.2 on Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 4.7.2 on Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 4.7/4.7.1/4.7.2 on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Microsoft .NET Framework 4.7/4.7.1/4.7.2 on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8421 | Soroush Dalili of NCC Group https://twitter.com/irsdl,https://www.nccgroup.trust/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8426 MITRE NVD |
CVE Title: Microsoft Office SharePoint XSS Vulnerability
Description: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user. The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8426 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 | 4092470 (Security Update) | Important | Information Disclosure | 4022235 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft SharePoint Enterprise Server 2016 | 4092459 (Security Update) | Important | Information Disclosure | 4032256 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft SharePoint Server 2010 Service Pack 2 | 4022207 (Security Update) | Important | Information Disclosure | 4022145 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
CVE ID | Acknowledgements |
CVE-2018-8426 | Ashar Javed of Hyundai AutoEver Europe GmbH https://twitter.com/soaj1664ashar,https://www.hyundai-autoever.eu/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8428 MITRE NVD |
CVE Title: Microsoft SharePoint Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user. The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8428 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 | 4092470 (Security Update) | Important | Elevation of Privilege | 4022235 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft SharePoint Enterprise Server 2016 | 4092459 (Security Update) | Important | Elevation of Privilege | 4032256 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
CVE ID | Acknowledgements |
CVE-2018-8428 | Ashar Javed of Hyundai AutoEver Europe GmbH https://twitter.com/soaj1664ashar,https://www.hyundai-autoever.eu/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8429 MITRE NVD |
CVE Title: Microsoft Excel Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could access information previously deleted from the active worksheet. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. The update addresses the vulnerability by changing the way certain Excel functions handle objects in memory. FAQ: I am being offered this update for software that is not specifically indicated as being affected in the Affected Software and Vulnerability Severity Ratings table. Why am I being offered this update? When updates address vulnerable code that exists in a component that is shared between multiple Microsoft Office products or shared between multiple versions of the same Microsoft Office product, the update is considered to be applicable to all supported products and versions that contain the vulnerable component. For example, when an update applies to Microsoft Office 2007 products, only Microsoft Office 2007 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2007, Microsoft Excel 2007, Microsoft Visio 2007, Microsoft Compatibility Pack, Microsoft Excel Viewer, or any other Microsoft Office 2007 product that is not specifically listed in the Affected Software table. Furthermore, when an update applies to Microsoft Office 2010 products, only Microsoft Office 2010 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2010, Microsoft Excel 2010, Microsoft Visio 2010, Microsoft Visio Viewer, or any other Microsoft Office 2010 product that is not specifically listed in the Affected Software table. For more information on this behavior and recommended actions, see Microsoft Knowledge Base Article 830335. For a list of Microsoft Office products that an update may apply to, refer to the Microsoft Knowledge Base Article associated with the specific update. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8429 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Microsoft Excel 2010 Service Pack 2 (32-bit editions) | 4227175 (Security Update) | Important | Information Disclosure | 4032223 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Excel 2010 Service Pack 2 (64-bit editions) | 4227175 (Security Update) | Important | Information Disclosure | 4032223 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Excel 2013 RT Service Pack 1 | 4092479 (Security Update) | Important | Information Disclosure | 4032241 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Excel 2013 Service Pack 1 (32-bit editions) | 4092479 (Security Update) | Important | Information Disclosure | 4032241 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Excel 2013 Service Pack 1 (64-bit editions) | 4092479 (Security Update) | Important | Information Disclosure | 4032241 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Excel 2016 (32-bit edition) | 4092460 (Security Update) | Important | Information Disclosure | 4032229 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Excel 2016 (64-bit edition) | 4092460 (Security Update) | Important | Information Disclosure | 4032229 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Excel Viewer 2007 Service Pack 3 | 4092467 (Security Update) | Important | Information Disclosure | 4032213 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions | Click to Run (Security Update) | Important | Information Disclosure | None | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions | Click to Run (Security Update) | Important | Information Disclosure | None | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Office 2016 for Mac | Release Notes (Security Update) | Important | Information Disclosure | None | Base: N/A Temporal: N/A Vector: N/A |
No |
Microsoft Office Compatibility Pack Service Pack 3 | 4092466 (Security Update) | Important | Information Disclosure | 4032212 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
CVE ID | Acknowledgements |
CVE-2018-8429 | Jaanus Kp Clarified Security working with Trend Micro's Zero Day Initiative http://www.zerodayinitiative.com/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8430 MITRE NVD |
CVE Title: Word PDF Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in Microsoft Word if a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user. To exploit the vulnerability, an attacker must entice the user to open a specially crafted PDF file. The update addresses the vulnerability by modifying how Microsoft Word parses PDF files. FAQ: I am being offered this update for software that is not specifically indicated as being affected in the Affected Software and Vulnerability Severity Ratings table. Why am I being offered this update? When updates address vulnerable code that exists in a component that is shared between multiple Microsoft Office products or shared between multiple versions of the same Microsoft Office product, the update is considered to be applicable to all supported products and versions that contain the vulnerable component. For example, when an update applies to Microsoft Office 2007 products, only Microsoft Office 2007 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2007, Microsoft Excel 2007, Microsoft Visio 2007, Microsoft Compatibility Pack, Microsoft Excel Viewer, or any other Microsoft Office 2007 product that is not specifically listed in the Affected Software table. Furthermore, when an update applies to Microsoft Office 2010 products, only Microsoft Office 2010 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2010, Microsoft Excel 2010, Microsoft Visio 2010, Microsoft Visio Viewer, or any other Microsoft Office 2010 product that is not specifically listed in the Affected Software table. For more information on this behavior and recommended actions, see Microsoft Knowledge Base Article 830335. For a list of Microsoft Office products that an update may apply to, refer to the Microsoft Knowledge Base Article associated with the specific update. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | Exploitation More Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8430 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: N/A Temporal: N/A Vector: N/A |
No |
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Word 2013 RT Service Pack 1 | 4032246 (Security Update) | Important | Remote Code Execution | 4022224 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Word 2013 Service Pack 1 (32-bit editions) | 4032246 (Security Update) | Important | Remote Code Execution | 4022224 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Word 2013 Service Pack 1 (64-bit editions) | 4032246 (Security Update) | Important | Remote Code Execution | 4022224 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Word 2016 (32-bit edition) | 4092447 (Security Update) | Important | Remote Code Execution | 4022218 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Word 2016 (64-bit edition) | 4092447 (Security Update) | Important | Remote Code Execution | 4022218 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
CVE ID | Acknowledgements |
CVE-2018-8430 | Omri Herscovici of Check Point https://www.checkpoint.com/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8431 MITRE NVD |
CVE Title: Microsoft SharePoint Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the user, such as change permissions and delete content, and inject malicious content in the browser of the user. The security update addresses the vulnerability by helping to ensure that SharePoint Server properly sanitizes web requests. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8431 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 | 4092470 (Security Update) | Important | Information Disclosure | 4022235 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft SharePoint Enterprise Server 2016 | 4092459 (Security Update) | Important | Information Disclosure | 4032256 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft SharePoint Server 2010 Service Pack 2 | 4022207 (Security Update) | Important | Information Disclosure | 4022145 | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
CVE ID | Acknowledgements |
CVE-2018-8431 | Ashar Javed of Hyundai AutoEver Europe GmbH https://twitter.com/soaj1664ashar,https://www.hyundai-autoever.eu/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8434 MITRE NVD |
CVE Title: Windows Hyper-V Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. An attacker who successfully exploited the vulnerability could gain access to information on the Hyper-V host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Guest VM to Hyper-V host server - virtualization security boundary. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8434 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Information Disclosure | 4343898 | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8434 | Giwan Go, Hyoung-Kee Choi in HIT Lab at Sungkyunkwan University http://hit.skku.edu/~hkchoi/,http://hit.skku.edu/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8435 MITRE NVD |
CVE Title: Windows Hyper-V Security Feature Bypass Vulnerability
Description: A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source. To exploit this vulnerability, an attacker would need to reboot a guest virtual machine numerous times until the vulnerability is triggered. The security update addresses the vulnerability by correcting security feature behavior to ensure Windows Hyper-V BIOS loader provides a high-entropy source. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Security Feature Bypass |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8435 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Security Feature Bypass | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Security Feature Bypass | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Security Feature Bypass | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Security Feature Bypass | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Security Feature Bypass | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Security Feature Bypass | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Security Feature Bypass | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Security Feature Bypass | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Security Feature Bypass | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8435 | Niels Ferguson of Microsoft Corporation |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8436 MITRE NVD |
CVE Title: Windows Hyper-V Denial of Service Vulnerability
Description: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Denial of Service |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8436 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Denial of Service | 4343909 | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Denial of Service | 4343909 | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8436 | Peter Hlavaty (@zer0mem), KeenLab at Tencent https://twitter.com/zer0mem,http://keenlab.tencent.com/en/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8437 MITRE NVD |
CVE Title: Windows Hyper-V Denial of Service Vulnerability
Description: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Denial of Service |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8437 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Denial of Service | 4343909 | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Denial of Service | 4343909 | Base: 5.40 Temporal: 4.90 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8437 | Peter Hlavaty (@zer0mem), KeenLab, Tencent https://twitter.com/zer0mem,http://keenlab.tencent.com/en/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8438 MITRE NVD |
CVE Title: Windows Hyper-V Denial of Service Vulnerability
Description: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. The update addresses the vulnerability by modifying how virtual machines access the Hyper-V Network Switch. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Denial of Service |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8438 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Denial of Service | 4343892 | Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Denial of Service | 4343892 | Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Denial of Service | 4343887 | Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Denial of Service | 4343887 | Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Denial of Service | 4343885 | Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Denial of Service | 4343885 | Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Denial of Service | 4343897 | Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Denial of Service | 4343897 | Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Denial of Service | 4343909 | Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Denial of Service | 4343909 | Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Denial of Service | 4343898 |
Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Denial of Service | 4343898 |
Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Denial of Service | 4343898 | Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Denial of Service | 4343898 |
Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Denial of Service | 4343898 |
Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Denial of Service | 4343887 | Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Denial of Service | 4343887 | Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Denial of Service | 4343897 | Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Denial of Service | 4343909 | Base: 5.80 Temporal: 5.20 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8438 | Nick Freeman |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8439 MITRE NVD |
CVE Title: Windows Hyper-V Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8439 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Critical | Remote Code Execution | 4343898 |
Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Critical | Remote Code Execution | 4343898 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Critical | Remote Code Execution | 4343898 |
Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Critical | Remote Code Execution | 4343898 |
Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 7.60 Temporal: 6.80 Vector: CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8439 | Daniel King (@long123king), MSRC Microsoft https://twitter.com/long123king |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8440 MITRE NVD |
CVE Title: Windows ALPC Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control over an affected system. The update addresses the vulnerability by correcting how Windows handles calls to ALPC. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | Exploitation More Likely | Not Applicable | Yes | Yes |
The following tables list the affected software details for the vulnerability.
CVE-2018-8440 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Elevation of Privilege | 4343892 | Base: 7.80 Temporal: 7.50 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Elevation of Privilege | 4343892 | Base: 7.80 Temporal: 7.50 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Elevation of Privilege | 4343885 | Base: 7.80 Temporal: 7.50 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Elevation of Privilege | 4343885 | Base: 7.80 Temporal: 7.50 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Elevation of Privilege | 4343897 | Base: 7.80 Temporal: 7.50 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Elevation of Privilege | 4343897 | Base: 7.80 Temporal: 7.50 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 7.80 Temporal: 7.50 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 7.80 Temporal: 7.50 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Elevation of Privilege | 4343900 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Elevation of Privilege | 4343900 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Elevation of Privilege | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Elevation of Privilege | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Elevation of Privilege | 4343898 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Elevation of Privilege | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Elevation of Privilege | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Elevation of Privilege | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Elevation of Privilege | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Elevation of Privilege | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Elevation of Privilege | 4343900 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Elevation of Privilege | 4343900 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Elevation of Privilege | 4343900 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Elevation of Privilege | 4343901 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Elevation of Privilege | 4343901 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Elevation of Privilege | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Elevation of Privilege | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Elevation of Privilege | 4343897 | Base: 7.80 Temporal: 7.50 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 7.80 Temporal: 7.50 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8440 | None |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8441 MITRE NVD |
CVE Title: Windows Subsystem for Linux Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by correcting how Windows Subsystem for Linux handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8441 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8441 | Anthony LAOU HINE TSUEI of Tencent Keen Security Lab https://twitter.com/anarcheuz,https://keenlab.tencent.com/en/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8442 MITRE NVD |
CVE Title: Windows Kernel Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | Exploitation More Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8442 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Information Disclosure | 4343898 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8442 | Tanghui Chen of Baidu X-Lab Tianya Team http://xlab.baidu.com |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8443 MITRE NVD |
CVE Title: Windows Kernel Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8443 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Information Disclosure | 4343898 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8443 | Tanghui Chen of Baidu X-Lab Tianya Team http://xlab.baidu.com |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8444 MITRE NVD |
CVE Title: Windows SMB Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests. An attacker who successfully exploited this vulnerability could craft a special packet, which could lead to information disclosure from the server. To exploit the vulnerability, in most situations, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv2 server. The security update addresses the vulnerability by correcting how SMBv2 handles these specially crafted requests. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
N/A | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8444 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Information Disclosure | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Information Disclosure | 4343898 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8444 | Haikuo Xie of Baidu Security Lab |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8445 MITRE NVD |
CVE Title: Windows Kernel Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8445 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8445 | Alex Ionescu, CrowdStrike Inc. https://www.crowdstrike.com |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8446 MITRE NVD |
CVE Title: Windows Kernel Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8446 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Information Disclosure | 4343898 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Information Disclosure | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Information Disclosure | 4343900 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Information Disclosure | 4343901 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Information Disclosure | 4343898 |
Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.70 Temporal: 4.20 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8446 | Ruibo Liu of Baidu X-Lab Tianya Team http://xlab.baidu.com |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8447 MITRE NVD |
CVE Title: Internet Explorer Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker could host a specially crafted website designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action, typically by an enticement in an email or instant message, or by getting the user to open an attachment sent through email. The security update addresses the vulnerability by modifying how Internet Explorer handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Moderate | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | Exploitation More Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8447 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Internet Explorer 10 on Windows Server 2012 | 4457426 (IE Cumulative) 4457135 (Monthly Rollup) |
Moderate | Remote Code Execution | 4343205 4343901 |
Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 for x64-based Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 | 4457426 (IE Cumulative) 4457144 (Monthly Rollup) |
Critical | Remote Code Execution | 4343205 4343900 |
Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 | 4457426 (IE Cumulative) 4457144 (Monthly Rollup) |
Critical | Remote Code Execution | 4343205 4343900 |
Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 8.1 for 32-bit systems | 4457426 (IE Cumulative) 4457129 (Monthly Rollup) |
Critical | Remote Code Execution | 4343205 4343898 |
Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 8.1 for x64-based systems | 4457426 (IE Cumulative) 4457129 (Monthly Rollup) |
Critical | Remote Code Execution | 4343205 4343898 |
Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows RT 8.1 | 4457129 (Monthly Rollup) | Critical | Remote Code Execution | 4343898 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457426 (IE Cumulative) 4457144 (Monthly Rollup) |
Moderate | Remote Code Execution | 4343205 4343900 |
Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows Server 2012 R2 | 4457426 (IE Cumulative) 4457129 (Monthly Rollup) |
Moderate | Remote Code Execution | 4343205 4343898 |
Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows Server 2016 | 4457131 (Security Update) | Moderate | Remote Code Execution | 4343887 | Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457426 (IE Cumulative) 4458010 (Monthly Rollup) |
Moderate | Remote Code Execution | 4343205 |
Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 | 4457426 (IE Cumulative) 4458010 (Monthly Rollup) |
Moderate | Remote Code Execution | 4343205 |
Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8447 | Anonymous working with Trend Micro's Zero Day Initiative http://www.zerodayinitiative.com/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8449 MITRE NVD |
CVE Title: Device Guard Security Feature Bypass Vulnerability
Description: A security feature bypass exists when Device Guard incorrectly validates an untrusted file. An attacker who successfully exploited this vulnerability could make an unsigned file appear to be signed. Because Device Guard relies on the signature to determine the file is non-malicious, Device Guard could then allow a malicious file to execute. In an attack scenario, an attacker could make an untrusted file appear to be a trusted file. The update addresses the vulnerability by correcting how Device Guard handles untrusted files. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Security Feature Bypass |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | Exploitation More Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8449 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Security Feature Bypass | 4343892 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Security Feature Bypass | 4343892 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Security Feature Bypass | 4343887 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Security Feature Bypass | 4343887 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Security Feature Bypass | 4343885 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Security Feature Bypass | 4343885 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Security Feature Bypass | 4343897 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Security Feature Bypass | 4343897 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Security Feature Bypass | 4343909 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Security Feature Bypass | 4343909 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Security Feature Bypass | 4343887 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Security Feature Bypass | 4343887 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Security Feature Bypass | 4343897 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Security Feature Bypass | 4343909 | Base: 5.30 Temporal: 4.80 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8449 | James Forshaw of Google Project Zero http://www.google.com/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8452 MITRE NVD |
CVE Title: Scripting Engine Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. In a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker's site. The security update addresses the vulnerability by changing how the scripting engine handles objects in memory. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8452 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
ChakraCore | Commit (Security Update) | Important | Information Disclosure | None | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Maybe |
Internet Explorer 11 on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 | 4457426 (IE Cumulative) 4457144 (Monthly Rollup) |
Important | Information Disclosure | 4343205 4343900 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 | 4457426 (IE Cumulative) 4457144 (Monthly Rollup) |
Important | Information Disclosure | 4343205 4343900 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows 8.1 for 32-bit systems | 4457426 (IE Cumulative) 4457129 (Monthly Rollup) |
Important | Information Disclosure | 4343205 4343898 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows 8.1 for x64-based systems | 4457426 (IE Cumulative) 4457129 (Monthly Rollup) |
Important | Information Disclosure | 4343205 4343898 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Information Disclosure | 4343898 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457426 (IE Cumulative) 4457144 (Monthly Rollup) |
Low | Information Disclosure | 4343205 4343900 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows Server 2012 R2 | 4457426 (IE Cumulative) 4457129 (Monthly Rollup) |
Low | Information Disclosure | 4343205 4343898 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows Server 2016 | 4457131 (Security Update) | Low | Information Disclosure | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Microsoft Edge on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Microsoft Edge on Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Information Disclosure | 4343892 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Information Disclosure | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Information Disclosure | 4343885 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Information Disclosure | 4343897 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Information Disclosure | 4343909 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
Microsoft Edge on Windows Server 2016 | 4457131 (Security Update) | Low | Information Disclosure | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8452 | None |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8455 MITRE NVD |
CVE Title: Windows Kernel Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation Less Likely | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8455 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Elevation of Privilege | 4343885 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Elevation of Privilege | 4343885 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Elevation of Privilege | 4343897 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Elevation of Privilege | 4343897 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Elevation of Privilege | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Elevation of Privilege | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Elevation of Privilege | 4343898 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Elevation of Privilege | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Elevation of Privilege | 4343898 |
Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Elevation of Privilege | 4343897 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 7.00 Temporal: 6.30 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8455 | None |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8456 MITRE NVD |
CVE Title: Scripting Engine Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8456 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
ChakraCore | Commit (Security Update) | Critical | Remote Code Execution | None | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Maybe |
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8456 | Qixun Zhao of Qihoo 360 Vulcan Team https://twitter.com/S0rryMybad,http://www.360.com/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8457 MITRE NVD |
CVE Title: Scripting Engine Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website designed to exploit the vulnerability through a Microsoft browser and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the browser rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | Exploitation More Likely | Not Applicable | Yes | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8457 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Internet Explorer 10 on Windows Server 2012 | 4457426 (IE Cumulative) 4457135 (Monthly Rollup) |
Moderate | Remote Code Execution | 4343205 4343901 |
Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 for x64-based Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 | 4457426 (IE Cumulative) 4457144 (Monthly Rollup) |
Critical | Remote Code Execution | 4343205 4343900 |
Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 | 4457426 (IE Cumulative) 4457144 (Monthly Rollup) |
Critical | Remote Code Execution | 4343205 4343900 |
Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 8.1 for 32-bit systems | 4457426 (IE Cumulative) 4457129 (Monthly Rollup) |
Critical | Remote Code Execution | 4343205 4343898 |
Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 8.1 for x64-based systems | 4457426 (IE Cumulative) 4457129 (Monthly Rollup) |
Critical | Remote Code Execution | 4343205 4343898 |
Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows RT 8.1 | 4457129 (Monthly Rollup) | Critical | Remote Code Execution | 4343898 | Base: 7.50 Temporal: 6.70 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457426 (IE Cumulative) 4457144 (Monthly Rollup) |
Moderate | Remote Code Execution | 4343205 4343900 |
Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows Server 2012 R2 | 4457426 (IE Cumulative) 4457129 (Monthly Rollup) |
Moderate | Remote Code Execution | 4343205 4343898 |
Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O |
Yes |
Internet Explorer 11 on Windows Server 2016 | 4457131 (Security Update) | Moderate | Remote Code Execution | 4343887 | Base: 6.40 Temporal: 5.80 Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O |
Yes |
Microsoft Edge on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 for x64-based Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows Server 2016 | 4457131 (Security Update) | Moderate | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8457 | Microsoft Chakra Core Team |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8459 MITRE NVD |
CVE Title: Scripting Engine Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The security update addresses the vulnerability by modifying how the ChakraCore scripting engine handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8459 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
ChakraCore | Commit (Security Update) | Critical | Remote Code Execution | None | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Maybe |
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8459 | Yu Zhou of Ant-financial Light-Year Security Lab |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8463 MITRE NVD |
CVE Title: Microsoft Edge Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who successfully exploited this vulnerability could gain elevated privileges and break out of the Edge AppContainer sandbox. The vulnerability by itself does not allow arbitrary code to run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (for example a remote code execution vulnerability and another elevation of privilege vulnerability) to take advantage of the elevated privileges when running. The security update addresses the vulnerability by modifying how Microsoft Edge handles sandboxing. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8463 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8463 | Lokihardt of Google Project Zero https://www.google.com |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8464 MITRE NVD |
CVE Title: Microsoft Edge PDF Remote Code Execution Vulnerability
Description: An remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website that contains malicious PDF content. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted PDF content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker's site. The security update addresses the vulnerability by modifying how Microsoft Edge PDF Reader handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8464 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Microsoft Edge on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 for x64-based Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows Server 2016 | 4457131 (Security Update) | Moderate | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8464 | Omri Herscovici of Check Point https://www.checkpoint.com/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8465 MITRE NVD |
CVE Title: Chakra Scripting Engine Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8465 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
ChakraCore | Commit (Security Update) | Critical | Remote Code Execution | None | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Maybe |
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows Server 2016 | 4457131 (Security Update) | Moderate | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8465 | None |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8466 MITRE NVD |
CVE Title: Chakra Scripting Engine Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8466 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
ChakraCore | Commit (Security Update) | Critical | Remote Code Execution | None | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Maybe |
Microsoft Edge on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 for x64-based Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows Server 2016 | 4457131 (Security Update) | Moderate | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8466 | Lokihardt of Google Project Zero https://www.google.com |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8467 MITRE NVD |
CVE Title: Chakra Scripting Engine Memory Corruption Vulnerability
Description: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8467 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
ChakraCore | Commit (Security Update) | Critical | Remote Code Execution | None | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Maybe |
Microsoft Edge on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 for x64-based Systems | 4457132 (Security Update) | Critical | Remote Code Execution | 4343892 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Critical | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Critical | Remote Code Execution | 4343885 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Critical | Remote Code Execution | 4343897 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Critical | Remote Code Execution | 4343909 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows Server 2016 | 4457131 (Security Update) | Moderate | Remote Code Execution | 4343887 | Base: 4.20 Temporal: 3.80 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8467 | Qixun Zhao of Qihoo 360 Vulcan Team https://twitter.com/S0rryMybad,http://www.360.com/ Lokihardt of Google Project Zero https://www.google.com |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8468 MITRE NVD |
CVE Title: Windows Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. This vulnerability by itself does not allow arbitrary code execution. However, the vulnerability could allow arbitrary code to run if an attacker uses it in combination with another vulnerability, such as a remote code execution vulnerability or another elevation of privilege vulnerability, that can leverage the elevated privileges when code execution is attempted. The security update addresses the vulnerability by correcting how Windows parses files. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Elevation of Privilege, Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | Exploitation More Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8468 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Elevation of Privilege | 4343892 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Elevation of Privilege | 4343892 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Elevation of Privilege | 4343885 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Elevation of Privilege | 4343885 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Elevation of Privilege | 4343897 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Elevation of Privilege | 4343897 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows 7 for 32-bit Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Elevation of Privilege | 4343900 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows 7 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Elevation of Privilege | 4343900 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for 32-bit systems | 4457143 (Security Only) 4457129 (Monthly Rollup) |
Important | Elevation of Privilege | 4343898 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows 8.1 for x64-based systems | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Elevation of Privilege | 4343898 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Elevation of Privilege | 4343898 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Elevation of Privilege | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Elevation of Privilege | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Elevation of Privilege | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Elevation of Privilege | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4457984 (Security Only) 4458010 (Monthly Rollup) |
Important | Elevation of Privilege | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes | |
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Elevation of Privilege | 4343900 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Elevation of Privilege | 4343900 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4457144 (Monthly Rollup) 4457145 (Security Only) |
Important | Elevation of Privilege | 4343900 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Elevation of Privilege | 4343901 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 (Server Core installation) | 4457135 (Monthly Rollup) 4457140 (Security Only) |
Important | Elevation of Privilege | 4343901 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Elevation of Privilege | 4343898 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2012 R2 (Server Core installation) | 4457129 (Monthly Rollup) 4457143 (Security Only) |
Important | Elevation of Privilege | 4343898 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server 2016 (Server Core installation) | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1709 (Server Core Installation) | 4457142 (Security Update) | Important | Remote Code Execution | 4343897 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Windows Server, version 1803 (Server Core Installation) | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8468 | Lokihardt of Google Project Zero https://www.google.com |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8469 MITRE NVD |
CVE Title: Microsoft Edge Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who successfully exploited this vulnerability could gain elevated privileges and break out of the Edge AppContainer sandbox. The vulnerability by itself does not allow arbitrary code to run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (for example a remote code execution vulnerability and another elevation of privilege vulnerability) to take advantage of the elevated privileges when running. The security update addresses the vulnerability by modifying how Microsoft Edge handles sandboxing. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8469 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Microsoft Edge on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Elevation of Privilege | 4343892 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Elevation of Privilege | 4343892 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Elevation of Privilege | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Elevation of Privilege | 4343885 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Elevation of Privilege | 4343885 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Elevation of Privilege | 4343897 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Elevation of Privilege | 4343897 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Elevation of Privilege | 4343909 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
Microsoft Edge on Windows Server 2016 | 4457131 (Security Update) | Low | Elevation of Privilege | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8469 | Lokihardt of Google Project Zero https://www.google.com |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8470 MITRE NVD |
CVE Title: Internet Explorer Security Feature Bypass Vulnerability
Description: A security feature bypass vulnerability exists in Internet Explorer due to how scripts are handled that allows a universal cross-site scripting (UXSS) condition. An attacker could use the UXSS vulnerability to access any session belonging to web pages currently opened (or cached) by the browser at the time the attack is triggered. To exploit the UXSS vulnerability, a user must be logged on and running an affected version of Internet Explorer. The user would then need to browse to a malicious website or a website serving the malicious code. The security update addresses the UXSS vulnerability by helping to ensure that Internet Explorer properly handles scripts. FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Security Feature Bypass |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8470 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Internet Explorer 11 on Windows 10 for 32-bit Systems | 4457132 (Security Update) | Important | Security Feature Bypass | 4343892 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 for x64-based Systems | 4457132 (Security Update) | Important | Security Feature Bypass | 4343892 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems | 4457131 (Security Update) | Important | Security Feature Bypass | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems | 4457131 (Security Update) | Important | Security Feature Bypass | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems | 4457138 (Security Update) | Important | Security Feature Bypass | 4343885 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems | 4457138 (Security Update) | Important | Security Feature Bypass | 4343885 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems | 4457142 (Security Update) | Important | Security Feature Bypass | 4343897 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems | 4457142 (Security Update) | Important | Security Feature Bypass | 4343897 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems | 4457128 (Security Update) | Important | Security Feature Bypass | 4343909 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems | 4457128 (Security Update) | Important | Security Feature Bypass | 4343909 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 | 4457426 (IE Cumulative) 4457144 (Monthly Rollup) |
Important | Security Feature Bypass | 4343205 4343900 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 | 4457426 (IE Cumulative) 4457144 (Monthly Rollup) |
Important | Security Feature Bypass | 4343205 4343900 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 8.1 for 32-bit systems | 4457426 (IE Cumulative) 4457129 (Monthly Rollup) |
Important | Security Feature Bypass | 4343205 4343898 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows 8.1 for x64-based systems | 4457426 (IE Cumulative) 4457129 (Monthly Rollup) |
Important | Security Feature Bypass | 4343205 4343898 |
Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows RT 8.1 | 4457129 (Monthly Rollup) | Important | Security Feature Bypass | 4343898 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4457426 (IE Cumulative) 4457144 (Monthly Rollup) |
Low | Security Feature Bypass | 4343205 4343900 |
Base: 2.40 Temporal: 2.20 Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows Server 2012 R2 | 4457426 (IE Cumulative) 4457129 (Monthly Rollup) |
Low | Security Feature Bypass | 4343205 4343898 |
Base: 2.40 Temporal: 2.20 Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
Internet Explorer 11 on Windows Server 2016 | 4457131 (Security Update) | Low | Security Feature Bypass | 4343887 | Base: 4.30 Temporal: 3.90 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C |
Yes |
CVE ID | Acknowledgements |
CVE-2018-8470 | Masato Kinugawa of Cure53 https://twitter.com/kinugawamasato,https://cure53.de/ |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8331 MITRE NVD |
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file. The security update addresses the vulnerability by correcting how Microsoft Excel handles objects in memory. FAQ: I am being offered this update for software that is not specifically indicated as being affected in the Affected Software and Vulnerability Severity Ratings table. Why am I being offered this update? When updates address vulnerable code that exists in a component that is shared between multiple Microsoft Office products or shared between multiple versions of the same Microsoft Office product, the update is considered to be applicable to all supported products and versions that contain the vulnerable component. For example, when an update applies to Microsoft Office 2007 products, only Microsoft Office 2007 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2007, Microsoft Excel 2007, Microsoft Visio 2007, Microsoft Compatibility Pack, Microsoft Excel Viewer, or any other Microsoft Office 2007 product that is not specifically listed in the Affected Software table. Furthermore, when an update applies to Microsoft Office 2010 products, only Microsoft Office 2010 may be specifically listed in the Affected Software table. However, the update could apply to Microsoft Word 2010, Microsoft Excel 2010, Microsoft Visio 2010, Microsoft Visio Viewer, or any other Microsoft Office 2010 product that is not specifically listed in the Affected Software table. For more information on this behavior and recommended actions, see Microsoft Knowledge Base Article 830335. For a list of Microsoft Office products that an update may apply to, refer to the Microsoft Knowledge Base Article associated with the specific update. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Exploitation More Likely | N/A | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8331 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: N/A Temporal: N/A Vector: N/A |
No |
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: N/A Temporal: N/A Vector: N/A |
Maybe |
Microsoft Office 2016 for Mac | Release Notes (Security Update) | Important | Remote Code Execution | None | Base: N/A Temporal: N/A Vector: N/A |
No |
CVE ID | Acknowledgements |
CVE-2018-8331 | Nicolas Joly of Microsoft Corporation https://twitter.com/n_joly |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
ADV180023 MITRE NVD |
CVE Title: September 2018 Adobe Flash Security Update
Description: This security update addresses the following vulnerabilities, which are described in Adobe Security Bulletin APSB18-31: CVE-2018-15967. FAQ: How could an attacker exploit these vulnerabilities? In a web-based attack scenario where the user is using Internet Explorer for the desktop, an attacker could host a specially crafted website that is designed to exploit any of these vulnerabilities through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit any of these vulnerabilities. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by clicking a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email. In a web-based attack scenario where the user is using Internet Explorer in the Windows 8-style UI, an attacker would first need to compromise a website already listed in the Compatibility View (CV) list. An attacker could then host a website that contains specially crafted Flash content designed to exploit any of these vulnerabilities through Internet Explorer and then convince a user to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by clicking a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email. For more information about Internet Explorer and the CV List, please see the MSDN Article, Developer Guidance for websites with content for Adobe Flash Player in Windows 8. Mitigations: Workarounds: Workaround refers to a setting or configuration change that would help block known attack vectors before you apply the update. Prevent Adobe Flash Player from running You can disable attempts to instantiate Adobe Flash Player in Internet Explorer and other applications that honor the kill bit feature, such as Office 2007 and Office 2010, by setting the kill bit for the control in the registry. Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk. To set the kill bit for the control in the registry, perform the following steps:
Note You must restart Internet Explorer for your changes to take effect. Impact of workaround. There is no impact as long as the object is not intended to be used in Internet Explorer. How to undo the workaround. Delete the registry keys that were added in implementing this workaround. Prevent Adobe Flash Player from running in Internet Explorer through Group Policy Note The Group Policy MMC snap-in can be used to set policy for a machine, for an organizational unit, or for an entire domain. For more information about Group Policy, visit the following Microsoft Web sites: Group Policy Overview What is Group Policy Object Editor? Core Group Policy tools and settings To disable Adobe Flash Player in Internet Explorer through Group Policy, perform the following steps: Note This workaround does not prevent Flash from being invoked from other applications, such as Microsoft Office 2007 or Microsoft Office 2010.
To disable Adobe Flash Player in Office 2010 only, set the kill bit for the ActiveX control for Adobe Flash Player in the registry using the following steps:
To disable all ActiveX controls in Microsoft Office 2007 and Microsoft Office 2010, including Adobe Flash Player in Internet Explorer, perform the following steps:
To re-enable ActiveX controls in Microsoft Office 2007 and Microsoft Office 2010, perform the following steps:
To raise the browsing security level in Internet Explorer, perform the following steps:
You can help protect against exploitation of these vulnerabilities by changing your settings to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone. To do this, perform the following steps:
To do this, perform the following steps:
Revision: 1.0    2018-09-11T07:00:00     Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Not Found | Not Found | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
ADV180023 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Adobe Flash Player on Windows 10 for 32-bit Systems | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Adobe Flash Player on Windows 10 for x64-based Systems | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Adobe Flash Player on Windows 10 Version 1607 for 32-bit Systems | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Adobe Flash Player on Windows 10 Version 1607 for x64-based Systems | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Adobe Flash Player on Windows 10 Version 1703 for 32-bit Systems | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Adobe Flash Player on Windows 10 Version 1703 for x64-based Systems | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Adobe Flash Player on Windows 10 Version 1709 for 32-bit Systems | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Adobe Flash Player on Windows 10 Version 1709 for x64-based Systems | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Adobe Flash Player on Windows 10 Version 1803 for 32-bit Systems | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Adobe Flash Player on Windows 10 Version 1803 for x64-based Systems | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Adobe Flash Player on Windows 8.1 for 32-bit systems | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Adobe Flash Player on Windows 8.1 for x64-based systems | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Adobe Flash Player on Windows RT 8.1 | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Adobe Flash Player on Windows Server 2012 | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Adobe Flash Player on Windows Server 2012 R2 | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
Adobe Flash Player on Windows Server 2016 | 4457146 (Security Update) | Critical | Remote Code Execution | 4343902 | Base: N/A Temporal: N/A Vector: N/A |
Yes |
CVE ID | Acknowledgements |
ADV180023 | None |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8474 MITRE NVD |
CVE Title: Lync for Mac 2011 Security Feature Bypass Vulnerability
Description: A security feature bypass vulnerability exists when Lync for Mac 2011 fails to properly sanitize specially crafted messages. An attacker who successfully exploited this vulnerability could cause a targeted Lync for Mac 2011 user's system to browse to an attacker-specified website or automatically download file types on the operating system's safe file type list. For an attacker to exploit the vulnerability, a specially crafted message needs to be sent to a targeted user. The targeted user does not need to take any actions after receiving the message. FAQ: Where do I find the update for Lync for Mac 2011? Microsoft is not planning on fixing this vulnerability in Microsoft Lync for Mac 2011. Microsoft recommends upgrading to Skype for Business on Mac. Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Moderate | Security Feature Bypass |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
N/A | Exploitation Less Likely | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8474 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
Microsoft Lync for Mac 2011 | Moderate | Security Feature Bypass | None | Base: N/A Temporal: N/A Vector: N/A |
Unknown |
CVE ID | Acknowledgements |
CVE-2018-8474 | Paul Burkeland of TrustedSec https://www.trustedsec.com |
CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
CVE-2018-8479 MITRE NVD |
CVE Title: Azure IoT SDK Spoofing Vulnerability
Description: A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform. An attacker who successfully exploited this vulnerability could impersonate a server used during the provisioning process. To exploit this vulnerability, an attacker would need to perform a man-in-the-middle (MitM) attack on the network that provisioning was taking place. This security update addresses the vulnerability by correcting how the HTTP transport library validates certificates. This vulnerability does NOT impact other Azure IoT SDK’s such as Java/Node/C#, does NOT impact the C SDK when running on Linux or embedded OS’s, and only impacts when using the HTTP transport and NOT MQTT or AMQP FAQ: None Mitigations: None Workarounds: None Revision: 1.0    2018-09-11T07:00:00     Information published. |
Important | Spoofing |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
Exploitability Assessment for Latest Software Release | Exploitability Assessment for Older Software Release | Denial of Service Exploitability Assessment | Publicly Disclosed | Exploited |
Not Found | Not Found | Not Applicable | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2018-8479 | ||||||
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Restart Required |
C SDK for Azure IoT | Important | Spoofing | None | Base: N/A Temporal: N/A Vector: N/A |
Unknown |
CVE ID | Acknowledgements |
CVE-2018-8479 | None |