Microsoft April 2018 Patch Tuesday
Microsoft today patched 66 different vulnerablities. In addition, Adobe patched 6 vulnerabilities in Adobe Flash.
24 of the vulnerabilities are characterized as "Critical" by Microsoft, and 42 are considered "Important"
Among all these vulnerabilities, there are a couple that stick out:
CVE-2018-1034: This one has already been made public before the patch was released. It is a XSS vulnerability in Sharepoint. XSS vulnerabilities in Sharepoint are very common and are patched pretty much every month.
CVE-2018-0956: Interesting because it affects HTTP/2. We have not yet seen many vulnerabilities in HTTP/2 implementations, but as people start deploying it more, I expect to see more vulnerabilities. HTTP.sys, the vulnerable component patched here, implements HTTP for Microsoft's web server (IIS).
CVE-2018-0986: This vulnerability in Microsoft's Malware Protection Engine was patched last week.
CVE-2018-0976: A denial of service in RDP, which is often exposed to the network.
CVE-2018-0967: Same for SNMP.
| Description | |||||
|---|---|---|---|---|---|
| CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity |
| Microsoft Office Graphics Component Code Execution Vulnerability | |||||
| CVE-2018-1028 | No | No | More Likely | More Likely | Important |
| Active Directory Security Feature Bypass Vulnerability | |||||
| CVE-2018-0890 | No | No | - | - | Important |
| April 2018 Adobe Flash Security Update | |||||
| ADV180007 | No | No | - | - | Critical |
| Chakra Scripting Engine Memory Corruption Vulnerability | |||||
| CVE-2018-0990 | No | No | - | - | Critical |
| CVE-2018-0993 | No | No | - | - | Critical |
| CVE-2018-0994 | No | No | - | - | Critical |
| CVE-2018-0995 | No | No | - | - | Critical |
| CVE-2018-0979 | No | No | - | - | Critical |
| CVE-2018-0980 | No | No | - | - | Critical |
| CVE-2018-1019 | No | No | - | - | Critical |
| Device Guard Security Feature Bypass Vulnerability | |||||
| CVE-2018-0966 | No | No | Less Likely | Less Likely | Important |
| HTTP.sys Denial of Service Vulnerability | |||||
| CVE-2018-0956 | No | No | Unlikely | Unlikely | Important |
| Hyper-V Information Disclosure Vulnerability | |||||
| CVE-2018-0957 | No | No | - | - | Important |
| CVE-2018-0964 | No | No | - | - | Important |
| Internet Explorer Memory Corruption Vulnerability | |||||
| CVE-2018-0991 | No | No | More Likely | More Likely | Critical |
| CVE-2018-0997 | No | No | Less Likely | Less Likely | Important |
| CVE-2018-0870 | No | No | More Likely | More Likely | Critical |
| CVE-2018-1018 | No | No | More Likely | More Likely | Critical |
| CVE-2018-1020 | No | No | More Likely | More Likely | Critical |
| Microsoft Browser Memory Corruption Vulnerability | |||||
| CVE-2018-1023 | No | No | - | - | Critical |
| Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability | |||||
| CVE-2018-1009 | No | No | Less Likely | Less Likely | Important |
| Microsoft Edge Information Disclosure Vulnerability | |||||
| CVE-2018-0892 | No | No | - | - | Important |
| CVE-2018-0998 | No | No | - | - | Important |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2018-0920 | No | No | More Likely | More Likely | Important |
| CVE-2018-1011 | No | No | More Likely | More Likely | Important |
| CVE-2018-1027 | No | No | More Likely | More Likely | Important |
| CVE-2018-1029 | No | No | More Likely | More Likely | Important |
| Microsoft Graphics Component Denial of Service Vulnerability | |||||
| CVE-2018-8116 | No | No | Unlikely | Unlikely | Moderate |
| Microsoft Graphics Remote Code Execution Vulnerability | |||||
| CVE-2018-1010 | No | No | More Likely | More Likely | Critical |
| CVE-2018-1012 | No | No | Less Likely | Less Likely | Critical |
| CVE-2018-1013 | No | No | More Likely | More Likely | Critical |
| CVE-2018-1015 | No | No | More Likely | More Likely | Critical |
| CVE-2018-1016 | No | No | More Likely | More Likely | Critical |
| Microsoft JET Database Engine Remote Code Execution Vulnerability | |||||
| CVE-2018-1003 | No | No | More Likely | More Likely | Important |
| Microsoft Malware Protection Engine Remote Code Execution Vulnerability | |||||
| CVE-2018-0986 | No | No | Less Likely | Less Likely | Critical |
| Microsoft Office Information Disclosure Vulnerability | |||||
| CVE-2018-0950 | No | No | More Likely | More Likely | Important |
| CVE-2018-1007 | No | No | Less Likely | Less Likely | Important |
| Microsoft Office Remote Code Execution Vulnerability | |||||
| CVE-2018-1026 | No | No | More Likely | More Likely | Important |
| CVE-2018-1030 | No | No | More Likely | More Likely | Important |
| Microsoft SharePoint Elevation of Privilege Vulnerability | |||||
| CVE-2018-1032 | No | No | Unlikely | Unlikely | Important |
| CVE-2018-1005 | No | No | Unlikely | Unlikely | Important |
| CVE-2018-1014 | No | No | Unlikely | Unlikely | Important |
| CVE-2018-1034 | Yes | No | Unlikely | Unlikely | Important |
| Microsoft Visual Studio Information Disclosure Vulnerability | |||||
| CVE-2018-1037 | No | No | Unlikely | Unlikely | Important |
| Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability | |||||
| CVE-2018-8117 | No | No | Less Likely | Less Likely | Important |
| OpenType Font Driver Elevation of Privilege Vulnerability | |||||
| CVE-2018-1008 | No | No | More Likely | More Likely | Important |
| Scripting Engine Information Disclosure Vulnerability | |||||
| CVE-2018-0987 | No | No | More Likely | More Likely | Important |
| CVE-2018-0989 | No | No | More Likely | More Likely | Important |
| CVE-2018-1000 | No | No | More Likely | More Likely | Critical |
| CVE-2018-0981 | No | No | More Likely | More Likely | Critical |
| Scripting Engine Memory Corruption Vulnerability | |||||
| CVE-2018-0988 | No | No | More Likely | More Likely | Critical |
| CVE-2018-0996 | No | No | More Likely | More Likely | Critical |
| CVE-2018-1001 | No | No | More Likely | More Likely | Important |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2018-0963 | No | No | Less Likely | Less Likely | Important |
| Windows Kernel Information Disclosure Vulnerability | |||||
| CVE-2018-0887 | No | No | Less Likely | Less Likely | Important |
| CVE-2018-0960 | No | No | Less Likely | Less Likely | Important |
| CVE-2018-0968 | No | No | Less Likely | Less Likely | Important |
| CVE-2018-0969 | No | No | Less Likely | Less Likely | Important |
| CVE-2018-0970 | No | No | Less Likely | Less Likely | Important |
| CVE-2018-0971 | No | No | More Likely | More Likely | Important |
| CVE-2018-0972 | No | No | Less Likely | Less Likely | Important |
| CVE-2018-0973 | No | No | More Likely | More Likely | Important |
| CVE-2018-0974 | No | No | Less Likely | Less Likely | Important |
| CVE-2018-0975 | No | No | Less Likely | Less Likely | Important |
| Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability | |||||
| CVE-2018-0976 | No | No | - | - | Important |
| Windows SNMP Service Denial of Service Vulnerability | |||||
| CVE-2018-0967 | No | No | Unlikely | Unlikely | Important |
| Windows VBScript Engine Remote Code Execution Vulnerability | |||||
| CVE-2018-1004 | No | No | More Likely | More Likely | Critical |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|
Keywords:
0 comment(s)
My next class:
| Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
×
![modal content]()
Diary Archives
Comments