Jump to content

Microsoft September 2018 Patch Tuesday Fixes 16 Critical Vulnerabilities


zoran

Recommended Posts

Every second Tuesday of the month, Microsoft releases updates for the Windows operating systems and other programs such as Microsoft Office and Edge. These updates fix known bugs and security vulnerabilities found within Microsoft's products.

This article will cover the security updates released today as part of the September 2018 Patch Tuesday. These updates resolve 62 known vulnerabilities in Microsoft products as well as an update for Adobe Flash Player that resolves an information disclosure vulnerability.

For information about the non-security Windows updates, you can read about today's Cumulative Updates KB4457128 and KB4457142 for Windows 10 and Cumulative Updates KB4457144 & KB4457129 for Windows 7 and 8.1.

Security Update resolves ALPC Zero-day vulnerability

Included in these updates is a patch for the Task Scheduler ALPC vulnerability that was recently disclosed and later discovered to be used in malware by the PowerPool group.

While a temporary patch was created by a third-party for this vulnerability, it is always recommended that you instead use the patches that are released by Microsoft.

Critical Vulnerabilities fixed in the September 2018 Patch Tuesday updates

This Patch Tuesday fixes 17 Critical security vulnerabilities that when exploited could lead to code execution. These vulnerabilities are the most dangerous as if they are exploited could allow a remote attacker to execute commands on a vulnerable computer and essentially take full control.

 

CVE-2018-0965 - Windows Hyper-V Remote Code Execution Vulnerability: is a remote code execution vulnerability in Windows Hyper-V that would allow an attacker to craft a malicious application that could escape the guest virtual machine and execute commands on the host machine.

CVE-2018-8465 - Chakra Scripting Engine Memory Corruption Vulnerability is a vulnerability is in the Chakra scripting engine in Microsoft Edge that could allow malicious web sites to exploit the vulnerability and execute code under the security level of the logged in user. 

CVE-2018-8420 - MS XML Remote Code Execution Vulnerability is a vulnerability in the Microsoft XML Core Services that could allow an attack to perform remote code execution.

CVE-2018-8461 - Internet Explorer Memory Corruption Vulnerability is a vulnerability in Internet Explorer 11 that would allow a malicious web site to perform remote code execution.

CVE-2018-8475 - Windows Remote Code Execution Vulnerability affects all Windows versions from Windows 10 through Windows Server and could allow an attacker to create a malicious image file that would execute code when opened.

CVE-2018-8332 - Win32k Graphics Remote Code Execution Vulnerability affects all Windows versions from Windows 10 through Windows Server that could allow an attacker to create a malicious font, which when viewed could cause remote code execution.

CVE-2018-8391 - Scripting Engine Memory Corruption Vulnerability is a vulnerability is in the Chakra scripting engine in Microsoft Edge that could allow a malicious web site to perform remote code execution.

CVE-2018-8421 - .NET Framework Remote Code Execution Vulnerability is a remote code execution vulnerability in .NET Framework that could allow an attacker to execute code when a users opens a malicious document or application.

CVE-2018-8439 - Windows Hyper-V Remote Code Execution Vulnerability is a remote code execution vulnerability in Windows Hyper-V that could allow an attacker to craft a malicious application that could escape the guest virtual machine and execute commands on the host machine.

CVE-2018-8456 - Scripting Engine Memory Corruption Vulnerability allows attackers to perform remote code execution under the security context of the logged in user.

CVE-2018-8457 - Scripting Engine Memory Corruption Vulnerability allows attackers to perform remote code execution under the security context of the logged in user.

CVE-2018-8459 - Scripting Engine Memory Corruption Vulnerability allows attackers to perform remote code execution under the security context of the logged in user.

CVE-2018-8464 - Microsoft Edge PDF Remote Code Execution Vulnerability is a vulnerability in Microsoft Edge that could allow a malicious PDF to execute code on the vulnerable machine.

CVE-2018-8465 - Chakra Scripting Engine Memory Corruption Vulnerability is a vulnerability is in the Chakra scripting engine in Microsoft Edge that could allow a malicious web site to perform remote code execution.

CVE-2018-8466 - Chakra Scripting Engine Memory Corruption Vulnerability is a vulnerability is in the Chakra scripting engine in Microsoft Edge that could allow a malicious web site to perform remote code execution.

CVE-2018-8467 - Chakra Scripting Engine Memory Corruption Vulnerability is a vulnerability is in the Chakra scripting engine in Microsoft Edge that could allow a malicious web site to perform remote code execution.

The September 2018 Patch Tuesday Security Updates

Below is the full list of vulnerabilities resolved by the September 2018 Patch Tuesday updates.  To access the full description of each vulnerability and the systems that it affects, you can view the full report here.

 

   
   
Tag CVE ID CVE Title
.NET Core CVE-2018-8409 System.IO.Pipelines Denial of Service
.NET Framework CVE-2018-8421 .NET Framework Remote Code Execution Vulnerability
Adobe Flash Player ADV180023 September 2018 Adobe Flash Security Update
Azure CVE-2018-8479 Azure IoT SDK Spoofing Vulnerability
Device Guard CVE-2018-8449 Device Guard Security Feature Bypass Vulnerability
Internet Explorer CVE-2018-8470 Internet Explorer Security Feature Bypass Vulnerability
Internet Explorer CVE-2018-8447 Internet Explorer Memory Corruption Vulnerability
Internet Explorer CVE-2018-8461 Internet Explorer Memory Corruption Vulnerability
Microsoft Edge CVE-2018-8366 Microsoft Edge Information Disclosure Vulnerability
Microsoft Edge CVE-2018-8469 Microsoft Edge Elevation of Privilege Vulnerability
Microsoft Edge CVE-2018-8463 Microsoft Edge Elevation of Privilege Vulnerability
Microsoft Edge CVE-2018-8425 Microsoft Edge Spoofing Vulnerability
Microsoft Edge CVE-2018-8464 Microsoft Edge PDF Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2018-8332 Win32k Graphics Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2018-8475 Windows Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2018-8462 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2018-8424 Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2018-8433 Microsoft Graphics Component Information Disclosure Vulnerability
Microsoft Identity Services CVE-2018-8269 OData Denial of Service Vulnerability
Microsoft JET Database Engine CVE-2018-8392 Microsoft JET Database Engine Remote Code Execution Vulnerability
Microsoft JET Database Engine CVE-2018-8393 Microsoft JET Database Engine Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8428 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office CVE-2018-8426 Microsoft Office SharePoint XSS Vulnerability
Microsoft Office CVE-2018-8429 Microsoft Excel Information Disclosure Vulnerability
Microsoft Office CVE-2018-8431 Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office CVE-2018-8430 Word PDF Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8474 Lync for Mac 2011 Security Feature Bypass Vulnerability
Microsoft Office CVE-2018-8331 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Scripting Engine CVE-2018-8457 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8459 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8465 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8456 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8367 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8391 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8452 Scripting Engine Information Disclosure Vulnerability
Microsoft Scripting Engine CVE-2018-8315 Microsoft Scripting Engine Information Disclosure Vulnerability
Microsoft Scripting Engine CVE-2018-8354 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8466 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8467 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Windows CVE-2018-8438 Windows Hyper-V Denial of Service Vulnerability
Microsoft Windows CVE-2018-8271 Windows Information Disclosure Vulnerability
Microsoft Windows ADV180022 Windows Denial of Service Vulnerability
Microsoft Windows CVE-2018-8440 Windows ALPC Elevation of Privilege Vulnerability
Microsoft Windows CVE-2018-8410 Windows Registry Elevation of Privilege Vulnerability
Microsoft XML Core Services CVE-2018-8420 MS XML Remote Code Execution Vulnerability
Windows Hyper-V CVE-2018-0965 Windows Hyper-V Remote Code Execution Vulnerability
Windows Hyper-V CVE-2018-8435 Windows Hyper-V Security Feature Bypass Vulnerability
Windows Hyper-V CVE-2018-8436 Windows Hyper-V Denial of Service Vulnerability
Windows Hyper-V CVE-2018-8439 Windows Hyper-V Remote Code Execution Vulnerability
Windows Hyper-V CVE-2018-8437 Windows Hyper-V Denial of Service Vulnerability
Windows Hyper-V CVE-2018-8434 Windows Hyper-V Information Disclosure Vulnerability
Windows Kernel CVE-2018-8336 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2018-8446 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2018-8443 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2018-8445 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2018-8455 Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel CVE-2018-8442 Windows Kernel Information Disclosure Vulnerability
Windows Media CVE-2018-8419 Windows Kernel Information Disclosure Vulnerability
Windows Shell CVE-2018-8468 Windows Elevation of Privilege Vulnerability
Windows SMB Server CVE-2018-8444 Windows SMB Information Disclosure Vulnerability
Windows SMB Server CVE-2018-8335 Windows SMB Denial of Service Vulnerability
Windows Subsystem for Linux CVE-2018-8441 Windows Subsystem for Linux Elevation of Privilege Vulnerability
Windows Subsystem for Linux CVE-2018-8337 Windows Subsystem for Linux Security Feature Bypass Vulnerability

Update 9/12/18: Microsoft misclassified the Adobe Flash Player as Critical and has been changed to Important. Article and title updated.

     
  source  
     
 
   
 
Link to comment
Share on other sites


  • Views 445
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...