13 June 2018

Microsoft patches for June 2018

Microsoft patches for June 2018

This month Microsoft fixed 50 vulnerabilities in IE/Edge browsers, ChakraCore, Office applications, Hyper-V, Office servers and operating system components. We all have used to vulnerabilities in IE/Edge, usual privilege escalations, Office bugs. Let’s have a closer look at the most interesting and not common ones.

Remote code execution in Microsoft Outlook (CVE-2018-8244)

Microsoft has rated this vulnerability as important. Based on the initial description, if you receive a malicious email with a hidden attachment and accidently click on any link in this email, the attachment gets executed. This bug is ideal for any APT and affects all versions of Microsoft Office.

Two vulnerabilities in HTTP.sys (CVE-2018-8226, CVE-2018-8231)

The vulnerabilities allow remote code execution and remote denial of service. Very dangerous vulnerabilities for Internet facing services, especially CVE-2018-8231 that cal lead to RCE.

Remote code execution in DNSAPI (CVE-2018-8225)

A very rare and dangerous flaw in DNSAPI implementation in all versions of Microsoft Windows. This vulnerability is hard to exploit as the attacker should have the ability to directly interact with the affected system, e.g. send a malicious response to the request. The attacker can perform however a MitM attack to exploit it. Given that the vulnerability leads to remote code execution with Local System Account privileges it should be patched ASAP.

Here are some stats for this patch Tuesday:

As usual, the majority of vulnerabilities are related to buffer errors.

Most of the vulnerabilities can be exploited remotely.

32 vulnerabilities can lead to system compromise.

And here is the complete list of all patches:

Software Severity CVE/CVSS Known exploits
SB2018061235: Privilege escalation in Microsoft Windows Kernel API (1)
Windows
Windows Server
Low CVE-2018-0982
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061234: Local denial of service in Microsoft Windows (1)
Windows
Windows Server
Low CVE-2018-8205
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Not available
SB2018061233: Information disclosure in Microsoft Windows Wireless (1)
Windows
Windows Server
Low CVE-2018-8209
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Not available
SB2018061232: Remote code execution in Microsoft Outlook (1)
Microsoft Outlook
Microsoft Office
High CVE-2018-8244
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061231: Multiple vulnerabilities in Microsoft Hyper-V (2)
Windows
Windows Server
Low CVE-2018-8218
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
CVE-2018-8219
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Not available
SB2018061230: Privilege escalation in Microsoft Windows (1)
Windows
Windows Server
Low CVE-2018-8213
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061229: Privilege escalation in Microsoft Windows Desktop Bridge (2)
Windows
Windows Server
Low CVE-2018-8208
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8214
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061228: Device Guard Code Integrity Policy bypass in Microsoft Windows (8)
Windows
Windows Server
Low CVE-2018-8201
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8212
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8215
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8216
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8214
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8217
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8221
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8211
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061227: Multiple vulnerabilities in Microsoft Excel (2)
Microsoft Office
Microsoft Excel
Microsoft Office Compatibility Pack
High CVE-2018-8248
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8246
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C
Not available
SB2018061226: Information disclosure in Microsoft Windows GDI component (1)
Windows
Windows Server
Low CVE-2018-8239
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Not available
SB2018061225: Remote code execution in Microsoft Publisher (1)
Microsoft Publisher High CVE-2018-8245
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061224: Denial of service in Microsoft Windows Code Integrity Module (1)
Windows
Windows Server
Medium CVE-2018-1040
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Not available
SB2018061223: Cross-site scripting in Microsoft Office Sever (1)
Office Online Server
Microsoft Office Web Apps Server
Low CVE-2018-8247
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C
Not available
SB2018061222: Privilege escalation in HIDParser on Microsoft Windows (1)
Windows
Windows Server
Low CVE-2018-8169
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061221: Remote code execution in Microsoft Windows Media Foundation (1)
Windows
Windows Server
High CVE-2018-8251
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061220: Multiple vulnerabilities in Microsoft Windows Kernel (3)
Windows Server
Windows
Low CVE-2018-8224
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8207
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CVE-2018-8121
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Not available
SB2018061219: Multiple vulnerabilities in HTTP.sys implementation in Microsoft Windows (2)
Windows
Windows Server
High CVE-2018-8226
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
CVE-2018-8231
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061218: Remote code execution in Windows DNSAPI (1)
Windows
Windows Server
High CVE-2018-8225
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061217: Privilege escalation in Microsoft Windows Win32k (1)
Windows
Windows Server
Low CVE-2018-8233
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061216: Privilege escalation in NTFS implementation on Microsoft Windows (1)
Windows
Windows Server
Low CVE-2018-1036
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061215: Privilege escalation in Microsoft Windows (1)
Windows
Windows Server
Low CVE-2018-8210
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061214: Multiple vulnerabilities in Microsoft ChakraCore (3)
ChakraCore High CVE-2018-8243
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8227
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8229
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061213: Multiple vulnerabilities in Microsoft Internet Explorer (4)
Microsoft Internet Explorer High CVE-2018-8267
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
CVE-2018-8249
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-0978
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8113
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
Public exploit code for vulnerability #1 is available.
SB2018061212: Multiple vulnerabilities in Microsoft Edge (8)
Microsoft Edge High CVE-2018-8236
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8110
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8111
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8234
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CVE-2018-0871
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CVE-2018-8235
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
CVE-2018-8227
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE-2018-8229
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061211: Two XSS vulnerabilities in Microsoft SharePoint (2)
Microsoft SharePoint Server
Microsoft SharePoint Foundation
Microsoft Project Server
Low CVE-2018-8254
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C
CVE-2018-8252
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C
Not available
SB2018061210: Privilege escalation in Cortana in Microsoft Windows (1)
Windows
Windows Server
Low CVE-2018-8140
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Not available
SB2018061209: Denial of service when processing WEBDAV in Micorosft Windows (1)
Windows
Windows Server
Medium CVE-2018-8175
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Not available

Back to the list

Latest Posts

Patch Tuesday: 60 vulnerabilities, 2 zero-days and good old LNK bugs

Patch Tuesday: 60 vulnerabilities, 2 zero-days and good old LNK bugs

Today Microsoft has released security fixes for 60 vulnerabilities in total. Among them 2 zero-days in Windows Shell and Internet Explorer.
15 August 2018
Microsoft patches for June 2018

Microsoft patches for June 2018

50 vulnerabilities patched, some of them are potentially wormable.
13 June 2018
VPNFilter, attacks on routers and why external scanning is essential for security

VPNFilter, attacks on routers and why external scanning is essential for security

How to protect your router from VPNFilter and other attacks.
8 June 2018
Featured vulnerabilities
Debian update for drupal7
High Patched | 20 Oct, 2018
Backdoor in Vesta Control Panel
Сritical Patched | 19 Oct, 2018
Multiple vulnerabilities in FreeRTOS
High Patched | 19 Oct, 2018
Privilege escalation in Linux Kernel
Low Patched | 19 Oct, 2018