Microsoft Patch Tuesday - April 2018

Microsoft Patch Tuesday - April 2018


Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 65 new vulnerabilities and one advisory, with 25 of them rated critical, 39 of them rated important and one of them rated moderate. These vulnerabilities impact Microsoft Windows, Internet Explorer, Microsoft Edge, Microsoft Office, Windows kernel, Windows Hyper-V, Microsoft Scripting Engine and more.

In addition, an update for Adobe Flash Player was released.



Critical Vulnerabilities


This month, Microsoft is addressing 25 vulnerabilities that are rated "critical".

The vulnerabilities rated as "critical" are listed below:

CVE-2018-0870 - Internet Explorer Memory Corruption Vulnerability
CVE-2018-0959 - Hyper-V Remote Code Execution Vulnerability
CVE-2018-0979 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0980 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0981 - Scripting Engine Information Disclosure Vulnerability
CVE-2018-0986 - Microsoft Malware Protection Engine Remote Code Execution Vulnerability
CVE-2018-0988 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-0990 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0991 - Internet Explorer Memory Corruption Vulnerability
CVE-2018-0993 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0994 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0995 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0996 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-1000 - Scripting Engine Information Disclosure Vulnerability
CVE-2018-1004 - Windows VBScript Engine Remote Code Execution Vulnerability
CVE-2018-1010 - Microsoft Graphics Remote Code Execution Vulnerability
CVE-2018-1012 - Microsoft Graphics Remote Code Execution Vulnerability
CVE-2018-1013 - Microsoft Graphics Remote Code Execution Vulnerability
CVE-2018-1015 - Microsoft Graphics Remote Code Execution Vulnerability
CVE-2018-1016 - Microsoft Graphics Remote Code Execution Vulnerability
CVE-2018-1018 - Internet Explorer Memory Corruption Vulnerability
CVE-2018-1019 - Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-1020 - Internet Explorer Memory Corruption Vulnerability
CVE-2018-1023 - Microsoft Browser Memory Corruption Vulnerability
ADV180007 - Adobe Flash Player April 2018 Adobe Flash Security Update

Important Vulnerabilities


This month, Microsoft is addressing 38 vulnerabilities that are rated "important". Talos believes six of these are notable and require prompt attention.

CVE-2018-1011 - Microsoft Excel Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative rights.


CVE-2018-1026 - Microsoft Office Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploits the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


CVE-2018-1027 - Microsoft Excel Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


CVE-2018-1028 - Microsoft Office Graphics Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Office graphics improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


CVE-2018-1029 - Microsoft Excel Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploits the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


CVE-2018-1030 - Microsoft Office Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


Other vulnerabilities deemed "important" are listed below:

CVE-2018-0887 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0890 - Active Directory Security Feature Bypass Vulnerability
CVE-2018-0892 - Microsoft Edge Information Disclosure Vulnerability
CVE-2018-0920 - Microsoft Excel Remote Code Execution Vulnerability
CVE-2018-0950 - Microsoft Office Information Disclosure Vulnerability
CVE-2018-0956 - HTTP.sys Denial of Service Vulnerability
CVE-2018-0957 - Hyper-V Information Disclosure Vulnerability
CVE-2018-0960 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0963 - Windows Kernel Elevation of Privilege Vulnerability
CVE-2018-0964 - Hyper-V Information Disclosure Vulnerability
CVE-2018-0966 - Device Guard Security Feature Bypass Vulnerability
CVE-2018-0967 - Windows SNMP Service Denial of Service Vulnerability
CVE-2018-0968 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0969 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0970 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0971 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0972 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0973 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0974 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0975 - Windows Kernel Information Disclosure Vulnerability
CVE-2018-0976 - Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
CVE-2018-0987 - Scripting Engine Information Disclosure Vulnerability
CVE-2018-0989 - Scripting Engine Information Disclosure Vulnerability
CVE-2018-0997 - Internet Explorer Memory Corruption Vulnerability
CVE-2018-0998 - Microsoft Edge Information Disclosure Vulnerability
CVE-2018-1001 - Scripting Engine Memory Corruption Vulnerability
CVE-2018-1003 - Microsoft JET Database Engine Remote Code Execution Vulnerability
CVE-2018-1005 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-1008 - OpenType Font Driver Elevation of Privilege Vulnerability
CVE-2018-1009 - Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2018-1014 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-1032 - Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-1034 - Microsoft SharePoint Elevation of Privilege Vulnerability

Coverage

In response to these vulnerability disclosures, Talos is releasing the following Snort rules that detect attempts to exploit them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Firepower customers should use the latest update to their ruleset by updating their SRU. Open Source Snort Subscriber Rule Set customers can stay up to date by downloading the latest rule pack available for purchase on Snort.org.

Snort Rules:

45628-45629
46163-46164
46176-46189
46192-46201
46204-46209
46212-46215
46218-36221
46226-46231
46233-46234
46243-46246


Tags: ,,
Share: Email, ReBlog, Twitter, Facebook, Pinterest, Google+
Newer Post: Newer Post
Older Post: Older Post
Date:
Edit this post

Discussion

Powered by Manual Template
Name

.NET 0-day 0day ACDSee Adobe advisory adwind AMP Android Antenna House antivirus apple APT arbitrary code execution Attribution Automation Bahamut BASS beers with talos bitcoin Bitvote Black Hat botnet Brazil BRKSEC-2010 CASC chrome cisco Cisco Live Cisco Security Clam AV ClamAV Cobalt group code injection command injection conferences Coverage cryptocurrency cryptomining CSV CTA CVE-2016-8610 CVE-2017-0199 cve-2017-11882 CVE-2017-5638 CVE-2018-3857 CVE-2018-3858 CVE-2018-3859 CVE-2018-3860 CVE-2018-3870 CVE-2018-3871 CVE-2018-8506 cybercrime dark cloud DDE Decryptor Def Con detection dispute DOC DoS Excel Exploit exploit kits RTF fast flux Flash formbook Foscam Foxit Fuzzing gandcrab google GoScanSSH gozi gplayed GravityRAT Group123 Hangul healthcare HWP Hyland IcedID ICS IDA Pro IMAP incident response India inesap infostealer intel iOS IoT iot malware iPhone IR isfb jRAT JScript kernel mode KevDroid Korea Linux macros MalDoc Malware Malware Analysis Malware Research MDM meltdown meraki Microsoft Microsoft Patch Tuesday Middle East miners mining mobile device management monero Moxa ms tuesday natus NavRAT new router malware NordVPN North Korea nvidia Office office router attack Olympic Destoryer Olympic Destroyer Olympics opsec password stealer patch tuesday PDF phishing PhotoLine PLC podcast pony Powershell privilege escalation ProntoVPN PTEX PubNub PubNubRAT py2exe Pyeongchang pyrebox python Qatar ransomware RAT remcos remote access tool remote code execution research research spotlight reven ReversingLabs Rocke Rockwell Automation ROKRAT rootkit rtf ruby ryptoShuffler samsam samsung Scriptlets security updates sennoma signatures SimpleDirect Media Layer smartthings Smoke Loader Snort Snort Rules Sony South Korea spam spectre spyeye stealer steam struts support Talos TALOS-2017-0507 talosintelligence.com telegrab telegram Tetrane Thanatos ThanatosDecryptor threat intelligence Threat Research Threat Research Summit Threat Round-up Threat Roundup ThreatGrid threats TIFF trickbot trojan TTRS Umbrella ursnif VBScript VMI vpn filter attack VPNFiler VPNFilter VPNFilter malware vuln dev vulndev vulnerabilities Vulnerability vulnerability analysis Vulnerability Report Vulnerability Research vulnerability spotlight vulnerabillity vulnerable routers Whitepaper Windows WindowsCodecs.dll wipers xamarin XSS
false
ltr
item
materialize material: Microsoft Patch Tuesday - April 2018
Microsoft Patch Tuesday - April 2018
materialize material
https://materialize-material.blogspot.com/2018/04/microsoft-patch-tuesday-april-2018.html
https://materialize-material.blogspot.com/
http://materialize-material.blogspot.com/
http://materialize-material.blogspot.com/2018/04/microsoft-patch-tuesday-april-2018.html
true
1816414542238562206
UTF-8
Not found any posts Not found any related posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU Tag ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Contents See also related Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS CONTENT IS PREMIUM Please share to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy