Security News

Microsoft Security Bulletin Coverage for April 2018

By

Description

SonicWall has analyzed and addressed Microsoft’s security advisories for the month of April 2018. A list of issues reported, along with SonicWall coverage information are as follows:

Microsoft Coverages:

  • CVE-2018-0870 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0887 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0890 Active Directory Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0892 Microsoft Edge Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0920 Microsoft Excel Remote Code Execution Vulnerability
    SPY:5124 Malformed-File xls.MP.60
  • CVE-2018-0950 Microsoft Office Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0956 HTTP.sys Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0957 Hyper-V Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0959 Hyper-V Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0960 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0963 Windows Kernel Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0964 Hyper-V Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0966 Device Guard Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0967 Windows SNMP Service Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0968 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0969 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0970 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0971 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0972 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0973 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0974 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0975 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0976 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0979 Chakra Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0980 Chakra Scripting Engine Memory Corruption Vulnerability
    IPS:13282 Chakra Scripting Engine Memory Corruption Vulnerability (APR 18) 1
  • CVE-2018-0981 Scripting Engine Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0986 Microsoft Malware Protection Engine Remote Code Execution Vulnerability
    SPY:5123 Malformed-File rar.MP
  • CVE-2018-0987 Scripting Engine Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0988 Scripting Engine Memory Corruption Vulnerability
    IPS:13283 Scripting Engine Memory Corruption Vulnerability (APR 18) 1
  • CVE-2018-0989 Scripting Engine Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0990 Chakra Scripting Engine Memory Corruption Vulnerability
    SPY:5125 Malformed-File html.MP.74
  • CVE-2018-0991 Internet Explorer Memory Corruption Vulnerability
    SPY:5125 Malformed-File html.MP.74
  • CVE-2018-0993 Chakra Scripting Engine Memory Corruption Vulnerability
    IPS:13284 Chakra Scripting Engine Memory Corruption Vulnerability (APR 18) 2
  • CVE-2018-0994 Chakra Scripting Engine Memory Corruption Vulnerability
    SPY:3894 Malformed-File html.MP.73
  • CVE-2018-0995 Chakra Scripting Engine Memory Corruption Vulnerability
    IPS:13281 Internet Explorer Memory Corruption Vulnerability (APR 18) 1
  • CVE-2018-0996 Scripting Engine Memory Corruption Vulnerability
    IPS:7645 HTTP Client Shellcode Exploit 88
  • CVE-2018-0997 Internet Explorer Memory Corruption Vulnerability
    SPY:3894 Malformed-File html.MP.73
  • CVE-2018-0998 Microsoft Edge Information Disclosure Vulnerability
    SPY:4699 Malformed-File pdf.MP.304
  • CVE-2018-1000 Scripting Engine Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1001 Scripting Engine Memory Corruption Vulnerability
    IPS:7645 HTTP Client Shellcode Exploit 88
  • CVE-2018-1003 Microsoft JET Database Engine Remote Code Execution Vulnerability
    SPY:1745 Malformed-File xls.MP.58
  • CVE-2018-1004 Windows VBScript Engine Remote Code Execution Vulnerability
    IPS:11663 Scripting Engine Memory Corruption Vulnerability (MS16-063) 1
  • CVE-2018-1005 Microsoft SharePoint Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1008 OpenType Font Driver Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1009 Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1010 Microsoft Graphics Remote Code Execution Vulnerability
    SPY:1754 Malformed-File ttf.MP.20
  • CVE-2018-1011 Microsoft Excel Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1012 Microsoft Graphics Remote Code Execution Vulnerability
    SPY:1755 Malformed-File ttf.MP.21
  • CVE-2018-1013 Microsoft Graphics Remote Code Execution Vulnerability
    SPY:5121 Malformed-File ttf.MP.24
  • CVE-2018-1014 Microsoft SharePoint Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1015 Microsoft Graphics Remote Code Execution Vulnerability
    SPY:5122 Malformed-File ttf.MP.25
  • CVE-2018-1016 Microsoft Graphics Remote Code Execution Vulnerability
    SPY:4792 Malformed-File ttf.MP.23
  • CVE-2018-1018 Internet Explorer Memory Corruption Vulnerability
    IPS:13281 Internet Explorer Memory Corruption Vulnerability (APR 18) 1
  • CVE-2018-1019 Chakra Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1020 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1023 Microsoft Browser Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1026 Microsoft Office Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1027 Microsoft Excel Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1028 Microsoft Office Graphics Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1029 Microsoft Excel Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1030 Microsoft Office Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1032 Microsoft SharePoint Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1034 Microsoft SharePoint Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1037 Microsoft Visual Studio Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-8116 Microsoft Graphics Component Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-8117 Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability
    There are no known exploits in the wild.

Adobe Coverages:

APSB18-08:

  • CVE-2018-4932
    Spy:1765 Malformed-File swf.MP.583
  • CVE-2018-4933
    Spy:1776 Malformed-File html.MP.75
  • CVE-2018-4934
    Spy:1787 Malformed-File swf.MP.584
  • CVE-2018-4935
    Spy:2145 Malformed-File swf.MP.585
  • CVE-2018-4936
    Spy:2146 Malformed-File swf.MP.586
  • CVE-2018-4937
    Spy:2147 Malformed-File swf.MP.587
Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
Recommended Cyber Security Stories
The Android Zazdi botnet uses FCM to communicate with its infected bots
Multiple Exploits for CVE-2015-5119 Observed in the Wild (Sept 18, 2015)
HP Data Protector Express Stack BO (Oct 1st, 2010)
.NET Trojan: Yubby v1.6 w/[CRM Service]...
Microsoft Security Bulletin Coverage (July 12, 2011)
US Postal Service Email Spam (Oct 21, 2011)
Dew18 banker for Android targets Korean financial institutions
GlobeImposter Ransomware renders system unbootable