November 2018 Microsoft Patch Tuesday
This month, Microsoft patches two issues that have already been disclosed publically. One is related to BitLocker trusting SSDs with faulty encryption. If an SSD offers its own hardware-based encryption, BitLocker will not add its own software encryption on top of it, to save CPU cycles. But last month, it became known that SSD hardware encryption is often implemented badly and can easily be bypassed. As a result, Microsoft releases a patch and also an advisory with details regarding Bitlocker's behavior and how to override it.
The second publicly disclosed vulnerability is the ALPC elevation of privilege issue that was disclosed by SandboxEscaper via Twitter. ScandboxEscaper disclosed a very similar issue a couple months ago. Microsoft patched the issue, but apparently not completely.
Finally, these updates address a Win32k elevation of privilege vulnerability (cve:2018-8589) which has been exploited in the wild.
For a more detailed breakdown, see Renato's dashboard:
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
.NET Core Tampering Vulnerability | |||||||
CVE-2018-8416 | No | No | Less Likely | Less Likely | Moderate | ||
Active Directory Federation Services XSS Vulnerability | |||||||
CVE-2018-8547 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.9 |
Azure App Service Cross-site Scripting Vulnerability | |||||||
CVE-2018-8600 | No | No | - | - | Important | ||
BitLocker Security Feature Bypass Vulnerability | |||||||
CVE-2018-8566 | Yes | No | Less Likely | Less Likely | Important | 4.6 | 4.6 |
Chakra Scripting Engine Memory Corruption Vulnerability | |||||||
CVE-2018-8588 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2018-8541 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2018-8542 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2018-8543 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2018-8551 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2018-8555 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2018-8556 | No | No | - | - | Critical | 4.2 | 3.8 |
CVE-2018-8557 | No | No | - | - | Critical | 4.2 | 3.8 |
DirectX Elevation of Privilege Vulnerability | |||||||
CVE-2018-8485 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
CVE-2018-8554 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
CVE-2018-8561 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
DirectX Information Disclosure Vulnerability | |||||||
CVE-2018-8563 | No | No | - | - | Important | 4.7 | 4.2 |
Guidance for configuring BitLocker to enforce software encryption | |||||||
ADV180028 | Yes | No | - | - | |||
Internet Explorer Memory Corruption Vulnerability | |||||||
CVE-2018-8570 | No | No | - | - | Important | 6.4 | 5.8 |
Latest Servicing Stack Updates | |||||||
ADV990001 | No | No | - | - | |||
MSRPC Information Disclosure Vulnerability | |||||||
CVE-2018-8407 | No | No | Less Likely | Less Likely | Important | 3.3 | 3.3 |
Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability | |||||||
CVE-2018-8605 | No | No | - | - | Important | ||
CVE-2018-8606 | No | No | - | - | Important | ||
CVE-2018-8607 | No | No | - | - | Important | ||
CVE-2018-8608 | No | No | - | - | Important | ||
Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability | |||||||
CVE-2018-8609 | No | No | - | - | Critical | ||
Microsoft Edge Elevation of Privilege Vulnerability | |||||||
CVE-2018-8567 | No | No | - | - | Important | 5.4 | 4.9 |
Microsoft Edge Information Disclosure Vulnerability | |||||||
CVE-2018-8545 | No | No | - | - | Important | 4.3 | 3.9 |
Microsoft Edge Spoofing Vulnerability | |||||||
CVE-2018-8564 | No | No | - | - | Important | 4.3 | 3.9 |
Microsoft Excel Remote Code Execution Vulnerability | |||||||
CVE-2018-8574 | No | No | More Likely | More Likely | Important | ||
CVE-2018-8577 | No | No | More Likely | More Likely | Important | ||
Microsoft Exchange Server Elevation of Privilege Vulnerability | |||||||
CVE-2018-8581 | No | No | Less Likely | Less Likely | Important | ||
Microsoft Graphics Components Remote Code Execution Vulnerability | |||||||
CVE-2018-8553 | No | No | - | - | Critical | 7.4 | 6.7 |
Microsoft JScript Security Feature Bypass Vulnerability | |||||||
CVE-2018-8417 | No | No | More Likely | More Likely | Important | 4.5 | 4.5 |
Microsoft Outlook Information Disclosure Vulnerability | |||||||
CVE-2018-8558 | No | No | Less Likely | Less Likely | Important | ||
CVE-2018-8579 | No | No | Less Likely | Less Likely | Important | ||
Microsoft Outlook Remote Code Execution Vulnerability | |||||||
CVE-2018-8522 | No | No | More Likely | More Likely | Important | ||
CVE-2018-8576 | No | No | More Likely | More Likely | Important | ||
CVE-2018-8524 | No | No | Less Likely | Less Likely | Important | ||
CVE-2018-8582 | No | No | More Likely | More Likely | Important | ||
Microsoft PowerShell Remote Code Execution Vulnerability | |||||||
CVE-2018-8256 | No | No | Less Likely | Less Likely | Important | 6.3 | 6.3 |
Microsoft PowerShell Tampering Vulnerability | |||||||
CVE-2018-8415 | No | No | Less Likely | Less Likely | Important | 3.3 | 3.3 |
Microsoft Project Remote Code Execution Vulnerability | |||||||
CVE-2018-8575 | No | No | Less Likely | Less Likely | Important | ||
Microsoft RemoteFX Virtual GPU miniport driver Elevation of Privilege Vulnerability | |||||||
CVE-2018-8471 | No | No | Less Likely | Less Likely | Important | 7.0 | 7.0 |
Microsoft SharePoint Elevation of Privilege Vulnerability | |||||||
CVE-2018-8572 | No | No | Less Likely | Less Likely | Important | ||
CVE-2018-8568 | No | No | Less Likely | Less Likely | Important | ||
Microsoft SharePoint Information Disclosure Vulnerability | |||||||
CVE-2018-8578 | No | No | - | - | Important | ||
Microsoft Skype for Business Denial of Service Vulnerability | |||||||
CVE-2018-8546 | No | No | Unlikely | Unlikely | Low | ||
Microsoft Word Remote Code Execution Vulnerability | |||||||
CVE-2018-8539 | No | No | - | - | Important | ||
CVE-2018-8573 | No | No | More Likely | More Likely | Important | ||
November 2018 Adobe Flash Security Update | |||||||
ADV180025 | No | No | - | - | Important | ||
Team Foundation Server Cross-site Scripting Vulnerability | |||||||
CVE-2018-8602 | No | No | - | - | Important | ||
Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2018-8562 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
Win32k Information Disclosure Vulnerability | |||||||
CVE-2018-8565 | No | No | - | - | Important | 4.7 | 4.2 |
Windows ALPC Elevation of Privilege Vulnerability | |||||||
CVE-2018-8584 | Yes | No | More Likely | More Likely | Important | 7.8 | 7.5 |
Windows Audio Service Information Disclosure Vulnerability | |||||||
CVE-2018-8454 | No | No | Less Likely | Less Likely | Important | 2.5 | 2.5 |
Windows COM Elevation of Privilege Vulnerability | |||||||
CVE-2018-8550 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
Windows Deployment Services TFTP Server Remote Code Execution Vulnerability | |||||||
CVE-2018-8476 | No | No | More Likely | More Likely | Critical | 8.1 | 8.1 |
Windows Elevation Of Privilege Vulnerability | |||||||
CVE-2018-8592 | No | No | Less Likely | Less Likely | Important | 6.4 | 6.1 |
Windows Kernel Information Disclosure Vulnerability | |||||||
CVE-2018-8408 | No | No | More Likely | More Likely | Important | 3.3 | 3.3 |
Windows Scripting Engine Memory Corruption Vulnerability | |||||||
CVE-2018-8552 | No | No | More Likely | More Likely | Important | 2.4 | 2.2 |
Windows Search Remote Code Execution Vulnerability | |||||||
CVE-2018-8450 | No | No | More Likely | More Likely | Important | 7.5 | 6.7 |
Windows Security Feature Bypass Vulnerability | |||||||
CVE-2018-8549 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
Windows VBScript Engine Remote Code Execution Vulnerability | |||||||
CVE-2018-8544 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
Windows Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2018-8589 | No | Yes | Detected | More Likely | Important | 7.8 | 7.5 |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|
Comments