Microsoft May 2018 Patch Tuesday

Published: 2018-05-08
Last Updated: 2018-05-08 18:11:38 UTC
by Johannes Ullrich (Version: 1)
1 comment(s)

Microsoft patched two vulnerabilities that have already been exploited in the wild:

CVE-2018-8174, a remote code execution vulnerability in the VBScript Engine.

CVE-2018-8120, a privilege escalation vulnerability in Win32k.

CVE-2018-8170, another privilege escalation vulnerability patched this month, was known publicly but has not been detected in exploits so far.

In addition, CVE-2018-8115, which was already patched last week, is included in this month's patch round-up.

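| Description | CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
|---|---|---|---|---|---|---|---|---|
| .NET Framework Device Guard Security Feature Bypass Vulnerability | CVE-2018-1039 | No | No | Less Likely | Less Likely | Important | | |
| .NET and .NET Core Denial of Service Vulnerability | CVE-2018-0765 | No | No | Unlikely | Unlikely | Important | | |
| Azure IoT SDK Spoofing Vulnerability | CVE-2018-8119 | No | No | - | - | Important | | |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8130 | No | No | - | - | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8133 | No | No | - | - | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8145 | No | No | Unlikely | Unlikely | Important | 2.4 | 2.2 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8177 | No | No | - | - | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-0943 | No | No | - | - | Critical | 4.2 | 3.8 |
| DirectX Graphics Kernel Elevation of Privilege Vulnerability | CVE-2018-8165 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| Hyper-V Remote Code Execution Vulnerability | CVE-2018-0959 | No | No | Less Likely | Less Likely | Critical | 7.6 | 6.8 |
| Hyper-V vSMB Remote Code Execution Vulnerability | CVE-2018-0961 | No | No | Less Likely | Less Likely | Critical | 7.6 | 6.8 |
| Internet Explorer Security Feature Bypass Vulnerability | CVE-2018-8126 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
| May 2018 Adobe Flash Security Update | ADV180008 | No | No | - | - | Critical | | |
| Microsoft Browser Information Disclosure Vulnerability | CVE-2018-1025 | No | No | More Likely | More Likely | Important | 4.3 | 3.9 |
| Microsoft Browser Memory Corruption Vulnerability | CVE-2018-8178 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| Microsoft COM for Windows Remote Code Execution Vulnerability | CVE-2018-0824 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
| Microsoft Edge Information Disclosure Vulnerability | CVE-2018-1021 | No | No | - | - | Important | 4.3 | 3.9 |
| Microsoft Edge Memory Corruption Vulnerability | CVE-2018-8123 | No | No | - | - | Important | 4.2 | 3.8 |
| Microsoft Edge Memory Corruption Vulnerability | CVE-2018-8179 | No | No | - | - | Important | 4.2 | 3.8 |
| Microsoft Edge Security Feature Bypass Vulnerability | CVE-2018-8112 | No | No | - | - | Important | 4.3 | 3.9 |
| Microsoft Excel Information Disclosure Vulnerability | CVE-2018-8163 | No | No | More Likely | More Likely | Important | | |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2018-8162 | No | No | More Likely | More Likely | Important | | |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2018-8147 | No | No | More Likely | More Likely | Important | | |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2018-8148 | No | No | More Likely | More Likely | Important | | |
| Microsoft Exchange Elevation of Privilege Vulnerability | CVE-2018-8159 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Exchange Memory Corruption Vulnerability | CVE-2018-8151 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Exchange Memory Corruption Vulnerability | CVE-2018-8154 | No | No | Less Likely | Less Likely | Critical | | |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | CVE-2018-8152 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Exchange Spoofing Vulnerability | CVE-2018-8153 | No | No | Less Likely | Less Likely | Low | | |
| Microsoft InfoPath Remote Code Execution Vulnerability | CVE-2018-8173 | No | No | - | - | Important | | |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2018-8161 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2018-8157 | No | No | More Likely | More Likely | Important | | |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2018-8158 | No | No | More Likely | More Likely | Important | | |
| Microsoft Outlook Information Disclosure Vulnerability | CVE-2018-8160 | No | No | - | - | Important | | |
| Microsoft Outlook Security Feature Bypass Vulnerability | CVE-2018-8150 | No | No | - | - | Important | | |
| Microsoft SharePoint Elevation of Privilege Vulnerability | CVE-2018-8155 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft SharePoint Elevation of Privilege Vulnerability | CVE-2018-8156 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft SharePoint Elevation of Privilege Vulnerability | CVE-2018-8168 | No | No | - | - | Important | | |
| Microsoft SharePoint Elevation of Privilege Vulnerability | CVE-2018-8149 | No | No | Less Likely | Less Likely | Important | | |
| Scripting Engine Memory Corruption Vulnerability | CVE-2018-8122 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2018-8128 | No | No | - | - | Critical | 4.2 | 3.8 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2018-8137 | No | No | - | - | Critical | 4.2 | 3.8 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2018-8139 | No | No | - | - | Critical | 4.2 | 3.8 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2018-0945 | No | No | - | - | Critical | 4.2 | 3.8 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2018-0946 | No | No | - | - | Critical | 4.2 | 3.8 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2018-0951 | No | No | - | - | Critical | 4.2 | 3.8 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2018-0953 | No | No | - | - | Critical | 4.2 | 3.8 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2018-0954 | No | No | More Likely | More Likely | Critical | 4.2 | 3.8 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2018-0955 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2018-1022 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2018-8114 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| Win32k Elevation of Privilege Vulnerability | CVE-2018-8124 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| Win32k Elevation of Privilege Vulnerability | CVE-2018-8164 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| Win32k Elevation of Privilege Vulnerability | CVE-2018-8166 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| Win32k Elevation of Privilege Vulnerability | CVE-2018-8120 | No | Yes | - | - | Important | 7.0 | 6.3 |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | CVE-2018-8167 | No | No | More Likely | More Likely | Important | 7.0 | 6.7 |
| Windows Elevation of Privilege Vulnerability | CVE-2018-8134 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| Windows Host Compute Service Shim Remote Code Execution Vulnerability | CVE-2018-8115 | No | No | Unlikely | Unlikely | Critical | | |
| Windows Image Elevation of Privilege Vulnerability | CVE-2018-8170 | Yes | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| Windows Kernel Elevation of Privilege Vulnerability | CVE-2018-8897 | No | No | Unlikely | Unlikely | Important | 7.0 | 6.3 |
| Windows Kernel Information Disclosure Vulnerability | CVE-2018-8127 | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
| Windows Kernel Information Disclosure Vulnerability | CVE-2018-8141 | Yes | No | - | - | Important | 4.7 | 4.2 |
| Windows Remote Code Execution Vulnerability | CVE-2018-8136 | No | No | Less Likely | Less Likely | Low | 6.5 | 5.9 |
| Windows Security Feature Bypass Vulnerability | CVE-2018-0854 | No | No | Unlikely | Unlikely | Important | 2.4 | 2.2 |
| Windows Security Feature Bypass Vulnerability | CVE-2018-0958 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
| Windows Security Feature Bypass Vulnerability | CVE-2018-8129 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
| Windows Security Feature Bypass Vulnerability | CVE-2018-8132 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
| Windows VBScript Engine Remote Code Execution Vulnerability | CVE-2018-8174 | No | Yes | Detected | Detected | Critical | 7.5 | 7.0 |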

---
Johannes B. Ullrich, Ph.D., Dean of Research, SANS Technology Institute