Microsoft today patched 66 different vulnerablities. In addition, Adobe patched 6 vulnerabilities in Adobe Flash.
24 of the vulnerabilities are characterized as "Critical" by Microsoft, and 42 are considered "Important"
Among all these vulnerabilities, there are a couple that stick out:
CVE-2018-1034: This one has already been made public before the patch was released. It is a XSS vulnerability in Sharepoint. XSS vulnerabilities in Sharepoint are very common and are patched pretty much every month.
CVE-2018-0956: Interesting because it affects HTTP/2. We have not yet seen many vulnerabilities in HTTP/2 implementations, but as people start deploying it more, I expect to see more vulnerabilities. HTTP.sys, the vulnerable component patched here, implements HTTP for Microsoft's web server (IIS).
CVE-2018-0986: This vulnerability in Microsoft's Malware Protection Engine was patched last week.
CVE-2018-0976: A denial of service in RDP, which is often exposed to the network.
CVE-2018-0967: Same for SNMP.
| Description |
| CVE |
Disclosed |
Exploited |
Exploitability (old versions) |
current version |
Severity |
| Microsoft Office Graphics Component Code Execution Vulnerability |
| CVE-2018-1028 |
No |
No |
More Likely |
More Likely |
Important |
| Active Directory Security Feature Bypass Vulnerability |
| CVE-2018-0890 |
No |
No |
- |
- |
Important |
| April 2018 Adobe Flash Security Update |
| ADV180007 |
No |
No |
- |
- |
Critical |
| Chakra Scripting Engine Memory Corruption Vulnerability |
| CVE-2018-0990 |
No |
No |
- |
- |
Critical |
| CVE-2018-0993 |
No |
No |
- |
- |
Critical |
| CVE-2018-0994 |
No |
No |
- |
- |
Critical |
| CVE-2018-0995 |
No |
No |
- |
- |
Critical |
| CVE-2018-0979 |
No |
No |
- |
- |
Critical |
| CVE-2018-0980 |
No |
No |
- |
- |
Critical |
| CVE-2018-1019 |
No |
No |
- |
- |
Critical |
| Device Guard Security Feature Bypass Vulnerability |
| CVE-2018-0966 |
No |
No |
Less Likely |
Less Likely |
Important |
| HTTP.sys Denial of Service Vulnerability |
| CVE-2018-0956 |
No |
No |
Unlikely |
Unlikely |
Important |
| Hyper-V Information Disclosure Vulnerability |
| CVE-2018-0957 |
No |
No |
- |
- |
Important |
| CVE-2018-0964 |
No |
No |
- |
- |
Important |
| Internet Explorer Memory Corruption Vulnerability |
| CVE-2018-0991 |
No |
No |
More Likely |
More Likely |
Critical |
| CVE-2018-0997 |
No |
No |
Less Likely |
Less Likely |
Important |
| CVE-2018-0870 |
No |
No |
More Likely |
More Likely |
Critical |
| CVE-2018-1018 |
No |
No |
More Likely |
More Likely |
Critical |
| CVE-2018-1020 |
No |
No |
More Likely |
More Likely |
Critical |
| Microsoft Browser Memory Corruption Vulnerability |
| CVE-2018-1023 |
No |
No |
- |
- |
Critical |
| Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability |
| CVE-2018-1009 |
No |
No |
Less Likely |
Less Likely |
Important |
| Microsoft Edge Information Disclosure Vulnerability |
| CVE-2018-0892 |
No |
No |
- |
- |
Important |
| CVE-2018-0998 |
No |
No |
- |
- |
Important |
| Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2018-0920 |
No |
No |
More Likely |
More Likely |
Important |
| CVE-2018-1011 |
No |
No |
More Likely |
More Likely |
Important |
| CVE-2018-1027 |
No |
No |
More Likely |
More Likely |
Important |
| CVE-2018-1029 |
No |
No |
More Likely |
More Likely |
Important |
| Microsoft Graphics Component Denial of Service Vulnerability |
| CVE-2018-8116 |
No |
No |
Unlikely |
Unlikely |
Moderate |
| Microsoft Graphics Remote Code Execution Vulnerability |
| CVE-2018-1010 |
No |
No |
More Likely |
More Likely |
Critical |
| CVE-2018-1012 |
No |
No |
Less Likely |
Less Likely |
Critical |
| CVE-2018-1013 |
No |
No |
More Likely |
More Likely |
Critical |
| CVE-2018-1015 |
No |
No |
More Likely |
More Likely |
Critical |
| CVE-2018-1016 |
No |
No |
More Likely |
More Likely |
Critical |
| Microsoft JET Database Engine Remote Code Execution Vulnerability |
| CVE-2018-1003 |
No |
No |
More Likely |
More Likely |
Important |
| Microsoft Malware Protection Engine Remote Code Execution Vulnerability |
| CVE-2018-0986 |
No |
No |
Less Likely |
Less Likely |
Critical |
| Microsoft Office Information Disclosure Vulnerability |
| CVE-2018-0950 |
No |
No |
More Likely |
More Likely |
Important |
| CVE-2018-1007 |
No |
No |
Less Likely |
Less Likely |
Important |
| Microsoft Office Remote Code Execution Vulnerability |
| CVE-2018-1026 |
No |
No |
More Likely |
More Likely |
Important |
| CVE-2018-1030 |
No |
No |
More Likely |
More Likely |
Important |
| Microsoft SharePoint Elevation of Privilege Vulnerability |
| CVE-2018-1032 |
No |
No |
Unlikely |
Unlikely |
Important |
| CVE-2018-1005 |
No |
No |
Unlikely |
Unlikely |
Important |
| CVE-2018-1014 |
No |
No |
Unlikely |
Unlikely |
Important |
| CVE-2018-1034 |
Yes |
No |
Unlikely |
Unlikely |
Important |
| Microsoft Visual Studio Information Disclosure Vulnerability |
| CVE-2018-1037 |
No |
No |
Unlikely |
Unlikely |
Important |
| Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability |
| CVE-2018-8117 |
No |
No |
Less Likely |
Less Likely |
Important |
| OpenType Font Driver Elevation of Privilege Vulnerability |
| CVE-2018-1008 |
No |
No |
More Likely |
More Likely |
Important |
| Scripting Engine Information Disclosure Vulnerability |
| CVE-2018-0987 |
No |
No |
More Likely |
More Likely |
Important |
| CVE-2018-0989 |
No |
No |
More Likely |
More Likely |
Important |
| CVE-2018-1000 |
No |
No |
More Likely |
More Likely |
Critical |
| CVE-2018-0981 |
No |
No |
More Likely |
More Likely |
Critical |
| Scripting Engine Memory Corruption Vulnerability |
| CVE-2018-0988 |
No |
No |
More Likely |
More Likely |
Critical |
| CVE-2018-0996 |
No |
No |
More Likely |
More Likely |
Critical |
| CVE-2018-1001 |
No |
No |
More Likely |
More Likely |
Important |
| Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2018-0963 |
No |
No |
Less Likely |
Less Likely |
Important |
| Windows Kernel Information Disclosure Vulnerability |
| CVE-2018-0887 |
No |
No |
Less Likely |
Less Likely |
Important |
| CVE-2018-0960 |
No |
No |
Less Likely |
Less Likely |
Important |
| CVE-2018-0968 |
No |
No |
Less Likely |
Less Likely |
Important |
| CVE-2018-0969 |
No |
No |
Less Likely |
Less Likely |
Important |
| CVE-2018-0970 |
No |
No |
Less Likely |
Less Likely |
Important |
| CVE-2018-0971 |
No |
No |
More Likely |
More Likely |
Important |
| CVE-2018-0972 |
No |
No |
Less Likely |
Less Likely |
Important |
| CVE-2018-0973 |
No |
No |
More Likely |
More Likely |
Important |
| CVE-2018-0974 |
No |
No |
Less Likely |
Less Likely |
Important |
| CVE-2018-0975 |
No |
No |
Less Likely |
Less Likely |
Important |
| Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability |
| CVE-2018-0976 |
No |
No |
- |
- |
Important |
| Windows SNMP Service Denial of Service Vulnerability |
| CVE-2018-0967 |
No |
No |
Unlikely |
Unlikely |
Important |
| Windows VBScript Engine Remote Code Execution Vulnerability |
| CVE-2018-1004 |
No |
No |
More Likely |
More Likely |
Critical |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|
I will be teaching next:
Defending Web Applications Security Essentials - SANS San Francisco Winter 2019
