SpiderLabs Blog

Microsoft Patch Tuesday, November 2018

The second-to-last Patch Tuesday of 2018 is here with patches for 55 CVEs. This includes 11 rated "Critical", 42 rated "Important" and one each rated "Moderate" and "Low". The release also contains three advisories: the standard patch rollup for Adobe Flash, an advisory rated "Important" covering an elevation of privilege vulnerability in Microsoft Surface devices, and a final, unrated advisory that provides guidance for configuring BitLocker for file encryption.

Our old friend the Microsoft Scripting Engine is back, with Remote Code Execution (RCE) vulnerabilities taking up the majority of the "Critical" CVE list, but also pay attention to CVE-2018-8476, an RCE vulnerability in the Windows Deployment Services TFTP server. Among the CVEs rated "Important" are RCE vulnerabilities that affect client-side software such as Excel, Word, Project, PowerShell and Outlook. Microsoft Exchange Server and Microsoft SharePoint are also on the list with Elevation of Privilege vulnerabilities, so make sure these servers get patched, especially if they're public-facing.

Here in the US, November is a time to give thanks, so let's be thankful for patches that plug security holes.

Critical

Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-8541, CVE-2018-8542, CVE-2018-8543, CVE-2018-8551, CVE-2018-8555, CVE-2018-8556, CVE-2018-8557, CVE-2018-8588
Remote Code Execution

Microsoft Graphics Components Remote Code Execution Vulnerability
CVE-2018-8553
Remote Code Execution

Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
CVE-2018-8476
Remote Code Execution

Windows VBScript Engine Remote Code Execution Vulnerability
CVE-2018-8544
Remote Code Execution

November 2018 Adobe Flash Security Update
ADV180025
Remote Code Execution

Important

Active Directory Federation Services XSS Vulnerability
CVE-2018-8547
Spoofing

Azure App Service Cross-site Scripting Vulnerability
CVE-2018-8600
Spoofing

BitLocker Security Feature Bypass Vulnerability
CVE-2018-8566
Security Feature Bypass

DirectX Elevation of Privilege Vulnerability
CVE-2018-8485, CVE-2018-8554, CVE-2018-8561
Elevation of Privilege

DirectX Information Disclosure Vulnerability
CVE-2018-8563
Information Disclosure

Internet Explorer Memory Corruption Vulnerability
CVE-2018-8570
Remote Code Execution

Microsoft Edge Elevation of Privilege Vulnerability
CVE-2018-8567
Elevation of Privilege

Microsoft Edge Information Disclosure Vulnerability
CVE-2018-8545
Information Disclosure

Microsoft Edge Spoofing Vulnerability
CVE-2018-8564
Spoofing

Microsoft Excel Remote Code Execution Vulnerability
CVE-2018-8574, CVE-2018-8577
Remote Code Execution

Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2018-8581
Elevation of Privilege

Microsoft JScript Security Feature Bypass Vulnerability
CVE-2018-8417
Security Feature Bypass

Microsoft Outlook Information Disclosure Vulnerability
CVE-2018-8558, CVE-2018-8579
Information Disclosure

Microsoft Outlook Remote Code Execution Vulnerability
CVE-2018-8522, CVE-2018-8524, CVE-2018-8576, CVE-2018-8582
Remote Code Execution

Microsoft PowerShell Remote Code Execution Vulnerability
CVE-2018-8256
Remote Code Execution

Microsoft PowerShell Tampering Vulnerability
CVE-2018-8415
Tampering

Microsoft Project Remote Code Execution Vulnerability
CVE-2018-8575
Remote Code Execution

Microsoft RemoteFX Virtual GPU miniport driver Elevation of Privilege Vulnerability
CVE-2018-8471
Elevation of Privilege

Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-8568, CVE-2018-8572
Elevation of Privilege

Microsoft SharePoint Information Disclosure Vulnerability
CVE-2018-8578
Information Disclosure

Microsoft Word Remote Code Execution Vulnerability
CVE-2018-8539, CVE-2018-8573
Remote Code Execution

MSRPC Information Disclosure Vulnerability
CVE-2018-8407
Information Disclosure

Win32k Elevation of Privilege Vulnerability
CVE-2018-8562
Elevation of Privilege

Win32k Information Disclosure Vulnerability
CVE-2018-8565
Information Disclosure

Windows ALPC Elevation of Privilege Vulnerability
CVE-2018-8584
Elevation of Privilege

Windows Audio Service Information Disclosure Vulnerability
CVE-2018-8454
Information Disclosure

Windows COM Elevation of Privilege Vulnerability
CVE-2018-8550
Elevation of Privilege

Windows Elevation Of Privilege Vulnerability
CVE-2018-8592
Elevation of Privilege

Windows Kernel Information Disclosure Vulnerability
CVE-2018-8408
Information Disclosure

Windows Scripting Engine Memory Corruption Vulnerability
CVE-2018-8552
Information Disclosure

Windows Search Remote Code Execution Vulnerability
CVE-2018-8450
Remote Code Execution

Windows Security Feature Bypass Vulnerability
CVE-2018-8549
Security Feature Bypass

Windows Win32k Elevation of Privilege Vulnerability
CVE-2018-8589
Elevation of Privilege

Microsoft Surface Devices Elevation of Privilege Vulnerability
ADV180027
Security Feature Bypass

Moderate

.NET Core Tampering Vulnerability
CVE-2018-8416
Tampering

Low

Microsoft Skype for Business Denial of Service Vulnerability
CVE-2018-8546
Denial of Service

Not Rated

Guidance for configuring BitLocker to enforce software encryption
ADV180028
