Tuesday, July 10, 2018

Microsoft Patch Tuesday - July 2018

Microsoft released its monthly set of security advisories today for vulnerabilities that have been identified and addressed in various products. This month's release addresses 53 new vulnerabilities, 17 of which are rated critical, 34 are rated important, one is rated moderate, and one is rated as low severity. These vulnerabilities impact Windows Operating System, Edge, Internet Explorer and more.

In addition to the 53 vulnerabilities referenced above, Microsoft has also released a critical update advisory, ADV180017, which addresses the vulnerabilities described in the Adobe security bulletin APSB18-24.

Critical vulnerabilities


This month, Microsoft is addressing 17 vulnerabilities that are rated as critical:


CVE-2018-8242 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-8262 - Microsoft Edge Memory Corruption Vulnerability
CVE-2018-8274 - Microsoft Edge Memory Corruption Vulnerability
CVE-2018-8275 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-8279 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-8280 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-8283 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-8286 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-8288 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-8290 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-8291 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-8294 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-8296 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-8298 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-8301 - Microsoft Edge Memory Corruption Vulnerability
CVE-2018-8324 - Microsoft Edge Information Disclosure Vulnerability
CVE-2018-8327 - PowerShell Editor Services Remote Code Execution Vulnerability

Important vulnerabilities


This month, Microsoft is addressing 34 vulnerabilities that are rated as important.


CVE-2018-0949 - Internet Explorer Security Feature Bypass Vulnerability
CVE-2018-8125 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-8171 - ASP.NET Core Security Feature Bypass Vulnerability
CVE-2018-8172 - Visual Studio Remote Code Execution Vulnerability
CVE-2018-8202 - .NET Framework Elevation of Privilege Vulnerability
CVE-2018-8206 - Windows FTP Server Denial of Service Vulnerability
CVE-2018-8222 - Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
CVE-2018-8238 - Skype for Business and Lync Security Feature Bypass Vulnerability
CVE-2018-8260 - .NET Framework Remote Code Execution Vulnerability
CVE-2018-8276 - Scripting Engine Security Feature Bypass Vulnerability
CVE-2018-8278 - Microsoft Edge Spoofing Vulnerability
CVE-2018-8281 - Microsoft Office Remote Code Execution Vulnerability
CVE-2018-8282 - Win32k Elevation of Privilege Vulnerability
CVE-2018-8284 - .NET Framework Remote Code Injection Vulnerability
CVE-2018-8287 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-8289 - Microsoft Edge Information Disclosure Vulnerability
CVE-2018-8297 - Microsoft Edge Information Disclosure Vulnerability
CVE-2018-8299 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-8300 - Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2018-8304 - Windows DNSAPI Denial of Service Vulnerability
CVE-2018-8305 - Windows Mail Client Information Disclosure Vulnerability
CVE-2018-8306 - Microsoft Wireless Display Adapter Command Injection Vulnerability
CVE-2018-8307 - WordPad Security Feature Bypass Vulnerability
CVE-2018-8308 - Windows Kernel Elevation of Privilege Vulnerability
CVE-2018-8309 - Windows Denial of Service Vulnerability
CVE-2018-8311 - Remote Code Execution Vulnerability in Skype For Business and Lync
CVE-2018-8312 - Microsoft Access Remote Code Execution Use After Free Vulnerability
CVE-2018-8313 - Windows Elevation of Privilege Vulnerability
CVE-2018-8314 - Windows Elevation of Privilege Vulnerability
CVE-2018-8319 - MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability
CVE-2018-8323 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-8325 - Microsoft Edge Information Disclosure Vulnerability
CVE-2018-8326 - Open Source Customization for Active Directory Federation Services XSS Vulnerability
CVE-2018-8356 - .NET Framework Security Feature Bypass Vulnerability

Coverage



In response to these vulnerability disclosures, Talos is releasing the following Snort rules that detect attempts to exploit them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Firepower customers should use the latest update to their ruleset by updating their SRU. Open Source Snort Subscriber Rule Set customers can stay up-to-date by downloading the latest rule pack available for purchase on Snort.org.

Snort Rules:

47111-47112
47109-47110
47102-47103
47091-47092
47113-47114
47107-47108
47100-47101
47098-47099
47096-47097

No comments:

Post a Comment