Today, Microsoft and Adobe released their monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s release addresses 72 new vulnerabilities and one advisory: 22 are rated Critical, 48 are rated Important, 2 are listed as Low in severity, and 3 are under active attack. These vulnerabilities impact Windows, Office, Internet Explorer, Edge, Visual Studio, Web Apps, ChakraCore, Hyper-V Server, Adobe Flash, Adobe Connect, Adobe Creative Cloud and Azure IoT SDK. The major patch is for the Windows 10 VBScript engine vulnerability, which can be triggered when a victim visits a malicious website.
In-The-Wild and Disclosed vulnerabilities
CVE-2018-8174: A vulnerability in VBScript could allow attackers to execute code in the context of the logged-in user. This vulnerability could be exploited via certain web browsers or Microsoft Office documents. Microsoft has reported active exploitation of this vulnerability. According to Microsoft, the security hole exists due to the way the VBScript engine handles objects in memory. The weakness can be exploited through Internet Explorer by getting the targeted user to visit a malicious website (including via malvertising) or by embedding an ActiveX control marked “safe for initialization” in an application or an Office document that hosts the Internet Explorer rendering engine. This technique, until fixed, allowed criminals to force Internet Explorer to load, no matter which browser one normally used, further increasing an already huge attack surface.
CVE-2018-8170: A privilege escalation vulnerability affecting Windows 10 versions 1703 and 1709 as well as Windows Server, version 1709 has been publicly disclosed. A malicious application could take advantage of a flaw in the way the Windows kernel image handles objects in memory in order to execute code with higher privileges.
CVE-2018-8141: According to Microsoft, this vulnerability only impacts Windows 10 Version 1709 and Windows Server, version 1709 and could lead to information disclosure. While this vulnerability alone will not allow for system compromise, it could provide useful information that would further enable compromise.
CVE-2018-8120: This privilege escalation vulnerability affecting Win32k could allow an attacker to execute code in kernel mode. According to Microsoft, the newest OS releases aren’t affected but this is being actively exploited on Windows 7, Windows Server 2008, and Windows Server 2008 R2. An attacker could then install programs; view, change or delete data; or create new accounts with full user rights.
These updates also include fixes for Adobe Flash Player, Internet Explorer 11, Microsoft Edge, ChakraCore, Windows Server 2008 R2 for x64-based Systems Service Pack 1, Windows Server 2012 R2 (Server Core installation), Windows Server 2008 for x64-based Systems Service Pack 2, Creative Cloud Desktop Application, Windows 8.1 for x64-based systems and Windows Server 2012 that deal with the critical Remote Code Execution vulnerability.
The May 2018 Patch Tuesday release consists of security updates for the following software:
- Internet Explorer
- Microsoft Edge
- Microsoft Windows
- Microsoft Office and Microsoft Office Services and Web Apps
- ChakraCore
- Adobe Flash Player
- Microsoft Exchange Server
- Creative Cloud Desktop Application
- Adobe Connect
Microsoft security bulletin summary for May 2018:
Product : Internet Explorer
CVEs/Advisory : CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-1025, CVE-2018-8114, CVE-2018-8122, CVE-2018-8126, CVE-2018-8145, CVE-2018-8178
Severity : Critical
Impact : Information Disclosure, Remote Code Execution, Security Feature Bypass
KBs : 4103716, 4103718, 4103721, 4103723, 4103725, 4103727, 4103730, 4103731, 4103768

Product : Microsoft Edge
CVEs/Advisory : CVE-2018-0943, CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-1021, CVE-2018-1022, CVE-2018-1025, CVE-2018-8112, CVE-2018-8123, CVE-2018-8128, CVE-2018-8130, CVE-2018-8133, CVE-2018-8137, CVE-2018-8139, CVE-2018-8145, CVE-2018-8178, CVE-2018-8179
Severity : Critical
Impact : Information Disclosure, Remote Code Execution, Security Feature Bypass
KBs : 4103716, 4103721, 4103723, 4103727, 4103731

Product : Microsoft Windows
CVEs/Advisory : CVE-2018-0824, CVE-2018-0854, CVE-2018-0958, CVE-2018-0959, CVE-2018-0961, CVE-2018-1035, CVE-2018-8120, CVE-2018-8124, CVE-2018-8127, CVE-2018-8129, CVE-2018-8132, CVE-2018-8134, CVE-2018-8136, CVE-2018-8141, CVE-2018-8142, CVE-2018-8164, CVE-2018-8165, CVE-2018-8166, CVE-2018-8167, CVE-2018-8170, CVE-2018-8174, CVE-2018-8897
Severity : Critical
Impact : Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass
KBs : 4093107, 4093112, 4093119, 4094079, 4101477, 4103712, 4103715, 4103716, 4103718, 4103721, 4103723, 4103725, 4103726, 4103727, 4103730, 4103731, 4130944, 4131188, 4134651

Product : Microsoft Office and Microsoft Office Services and Web Apps
CVEs/Advisory : CVE-2018-8147, CVE-2018-8148, CVE-2018-8149, CVE-2018-8150, CVE-2018-8155, CVE-2018-8156, CVE-2018-8157, CVE-2018-8158, CVE-2018-8160, CVE-2018-8161, CVE-2018-8162, CVE-2018-8163, CVE-2018-8168, CVE-2018-8173
Severity : Important
Impact : Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass
KBs : 2899590, 3114889, 3162075, 3172436, 4018308, 4018327, 4018381, 4018382, 4018383, 4018388, 4018390, 4018393, 4018396, 4018398, 4018399, 4022130, 4022135, 4022137, 4022139, 4022141, 4022142, 4022145, 4022146, 4022150

Product : ChakraCore
CVEs/Advisory : CVE-2018-0943, CVE-2018-0945, CVE-2018-0946, CVE-2018-0953, CVE-2018-0954, CVE-2018-1022, CVE-2018-8128, CVE-2018-8130, CVE-2018-8133, CVE-2018-8137, CVE-2018-8139, CVE-2018-8145, CVE-2018-8177, CVE-2018-8178
Severity : Critical
Impact : Information Disclosure, Remote Code Execution

Product : Adobe Flash Player
CVEs/Advisory : ADV180008
Severity : Critical
Impact : Remote Code Execution
KBs : 4103729

Product : Microsoft Exchange Server
CVEs/Advisory : CVE-2018-8151, CVE-2018-8152, CVE-2018-8153, CVE-2018-8154, CVE-2018-8159
Severity : Critical
Impact : Elevation of Privilege, Information Disclosure, Remote Code Execution, Spoofing
KBs : 4091243, 4092041

Product : Creative Cloud Desktop Application
CVEs/Advisory : CVE-2018-4992, CVE-2018-4991, CVE-2018-4873
Severity : Critical
Impact : Privilege Escalation, Security bypass, Privilege Escalation

Product : Adobe Connect
CVEs/Advisory : CVE-2018-4994
Severity : Important
Impact : Sensitive Information disclosure
SecPod Saner detects these vulnerabilities and automatically fixes them by applying security updates. Download Saner now and keep your systems updated and secure.