This month Microsoft fixed 50 vulnerabilities in IE/Edge browsers, ChakraCore, Office applications, Hyper-V, Office servers and operating system components. We all have used to vulnerabilities in IE/Edge, usual privilege escalations, Office bugs. Let’s have a closer look at the most interesting and not common ones.
Remote code execution in Microsoft Outlook (CVE-2018-8244)
Microsoft has rated this vulnerability as important. Based on the initial description, if you receive a malicious email with a hidden attachment and accidently click on any link in this email, the attachment gets executed. This bug is ideal for any APT and affects all versions of Microsoft Office.
Two vulnerabilities in HTTP.sys (CVE-2018-8226, CVE-2018-8231)
The vulnerabilities allow remote code execution and remote denial of service. Very dangerous vulnerabilities for Internet facing services, especially CVE-2018-8231 that cal lead to RCE.
Remote code execution in DNSAPI (CVE-2018-8225)
A very rare and dangerous flaw in DNSAPI implementation in all versions of Microsoft Windows. This vulnerability is hard to exploit as the attacker should have the ability to directly interact with the affected system, e.g. send a malicious response to the request. The attacker can perform however a MitM attack to exploit it. Given that the vulnerability leads to remote code execution with Local System Account privileges it should be patched ASAP.
Here are some stats for this patch Tuesday:
As usual, the majority of vulnerabilities are related to buffer errors.
Most of the vulnerabilities can be exploited remotely.
32 vulnerabilities can lead to system compromise.
And here is the complete list of all patches:
Software | Severity | CVE/CVSS | Known exploits |
SB2018061235: Privilege escalation in Microsoft Windows Kernel API (1) | |||
Windows Windows Server |
Low |
CVE-2018-0982 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061234: Local denial of service in Microsoft Windows (1) | |||
Windows Windows Server |
Low |
CVE-2018-8205 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061233: Information disclosure in Microsoft Windows Wireless (1) | |||
Windows Windows Server |
Low |
CVE-2018-8209 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
Not available |
SB2018061232: Remote code execution in Microsoft Outlook (1) | |||
Microsoft Outlook Microsoft Office |
High |
CVE-2018-8244 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061231: Multiple vulnerabilities in Microsoft Hyper-V (2) | |||
Windows Windows Server |
Low |
CVE-2018-8218 CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C CVE-2018-8219 CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061230: Privilege escalation in Microsoft Windows (1) | |||
Windows Windows Server |
Low |
CVE-2018-8213 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061229: Privilege escalation in Microsoft Windows Desktop Bridge (2) | |||
Windows Windows Server |
Low |
CVE-2018-8208 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8214 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061228: Device Guard Code Integrity Policy bypass in Microsoft Windows (8) | |||
Windows Windows Server |
Low |
CVE-2018-8201 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8212 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8215 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8216 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8214 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8217 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8221 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8211 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061227: Multiple vulnerabilities in Microsoft Excel (2) | |||
Microsoft Office Microsoft Excel Microsoft Office Compatibility Pack |
High |
CVE-2018-8248 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8246 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C |
Not available |
SB2018061226: Information disclosure in Microsoft Windows GDI component (1) | |||
Windows Windows Server |
Low |
CVE-2018-8239 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C |
Not available |
SB2018061225: Remote code execution in Microsoft Publisher (1) | |||
Microsoft Publisher | High |
CVE-2018-8245 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061224: Denial of service in Microsoft Windows Code Integrity Module (1) | |||
Windows Windows Server |
Medium |
CVE-2018-1040 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061223: Cross-site scripting in Microsoft Office Sever (1) | |||
Office Online Server Microsoft Office Web Apps Server |
Low |
CVE-2018-8247 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C |
Not available |
SB2018061222: Privilege escalation in HIDParser on Microsoft Windows (1) | |||
Windows Windows Server |
Low |
CVE-2018-8169 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061221: Remote code execution in Microsoft Windows Media Foundation (1) | |||
Windows Windows Server |
High |
CVE-2018-8251 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061220: Multiple vulnerabilities in Microsoft Windows Kernel (3) | |||
Windows Server Windows |
Low |
CVE-2018-8224 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8207 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C CVE-2018-8121 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C |
Not available |
SB2018061219: Multiple vulnerabilities in HTTP.sys implementation in Microsoft Windows (2) | |||
Windows Windows Server |
High |
CVE-2018-8226 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C CVE-2018-8231 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061218: Remote code execution in Windows DNSAPI (1) | |||
Windows Windows Server |
High |
CVE-2018-8225 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061217: Privilege escalation in Microsoft Windows Win32k (1) | |||
Windows Windows Server |
Low |
CVE-2018-8233 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061216: Privilege escalation in NTFS implementation on Microsoft Windows (1) | |||
Windows Windows Server |
Low |
CVE-2018-1036 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061215: Privilege escalation in Microsoft Windows (1) | |||
Windows Windows Server |
Low |
CVE-2018-8210 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061214: Multiple vulnerabilities in Microsoft ChakraCore (3) | |||
ChakraCore | High |
CVE-2018-8243 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8227 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8229 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061213: Multiple vulnerabilities in Microsoft Internet Explorer (4) | |||
Microsoft Internet Explorer | High |
CVE-2018-8267 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C CVE-2018-8249 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-0978 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8113 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C |
Public exploit code for vulnerability #1 is available. |
SB2018061212: Multiple vulnerabilities in Microsoft Edge (8) | |||
Microsoft Edge | High |
CVE-2018-8236 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8110 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8111 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8234 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C CVE-2018-0871 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C CVE-2018-8235 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C CVE-2018-8227 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C CVE-2018-8229 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061211: Two XSS vulnerabilities in Microsoft SharePoint (2) | |||
Microsoft SharePoint Server Microsoft SharePoint Foundation Microsoft Project Server |
Low |
CVE-2018-8254 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C CVE-2018-8252 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C |
Not available |
SB2018061210: Privilege escalation in Cortana in Microsoft Windows (1) | |||
Windows Windows Server |
Low |
CVE-2018-8140 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Not available |
SB2018061209: Denial of service when processing WEBDAV in Micorosft Windows (1) | |||
Windows Windows Server |
Medium |
CVE-2018-8175 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C |
Not available |