Microsoft Security Bulletin Coverage for May 2018

The SonicWall Capture Labs Threats Research Team has analyzed and addressed Microsoft's security advisories for the month of May 2018. A list of the issues reported, along with SonicWall coverage information, is as follows:

CVE-2018-0765 .NET and .NET Core Denial Of Service Vulnerability
There are no known exploits in the wild.

CVE-2018-0824 Microsoft COM for Windows Remote Code Execution Vulnerability
There are no known exploits in the wild.

CVE-2018-0854 Windows Security Feature Bypass Vulnerability
There are no known exploits in the wild.

CVE-2018-0905 Microsoft Edge Information Disclosure Vulnerability
There are no known exploits in the wild.

CVE-2018-0943 Chakra Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.

CVE-2018-0945 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.

CVE-2018-0946 Scripting Engine Memory Corruption Vulnerability
IPS: 13323 Scripting Engine Memory Corruption Vulnerability (MAY 18)

CVE-2018-0951 Scripting Engine Memory Corruption Vulnerability
IPS: 13324 Scripting Engine Memory Corruption Vulnerability (MAY 18) 2

CVE-2018-0953 Scripting Engine Memory Corruption Vulnerability
IPS: 13325 Scripting Engine Memory Corruption Vulnerability (MAY 18) 3

CVE-2018-0954 Scripting Engine Memory Corruption Vulnerability
IPS: 13326 Scripting Engine Memory Corruption Vulnerability (MAY 18) 4

CVE-2018-0955 Scripting Engine Memory Corruption Vulnerability
IPS: 13327 Scripting Engine Memory Corruption Vulnerability (MAY 18) 5

CVE-2018-0958 Windows Security Feature Bypass Vulnerability
There are no known exploits in the wild.

CVE-2018-0959 Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.

CVE-2018-0961 Hyper-V vSMB Remote Code Execution Vulnerability
There are no known exploits in the wild.

CVE-2018-1021 Microsoft Edge Information Disclosure Vulnerability
There are no known exploits in the wild.

CVE-2018-1022 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.

CVE-2018-1025 Microsoft Browser Information Disclosure Vulnerability
There are no known exploits in the wild.

CVE-2018-1039 .NET Framework Device Guard Security Feature Bypass Vulnerability
There are no known exploits in the wild.

CVE-2018-8112 Microsoft Edge Security Feature Bypass Vulnerability
There are no known exploits in the wild.

CVE-2018-8114 Scripting Engine Memory Corruption Vulnerability
IPS: 13328 Scripting Engine Memory Corruption Vulnerability (MAY 18) 6

CVE-2018-8115 Windows Host Compute Service Shim Remote Code Execution Vulnerability
There are no known exploits in the wild.

CVE-2018-8119 Azure IoT SDK Spoofing Vulnerability
There are no known exploits in the wild.

CVE-2018-8120 Win32k Elevation of Privilege Vulnerability
ASPY: 5145 Malformed-File exe.MP.35

CVE-2018-8122 Scripting Engine Memory Corruption Vulnerability
IPS: 13329 Scripting Engine Memory Corruption Vulnerability (MAY 18) 7

CVE-2018-8123 Microsoft Edge Memory Corruption Vulnerability
ASPY: 5049 Malformed-File html.MP.71

CVE-2018-8124 Win32k Elevation of Privilege Vulnerability
ASPY: 5145 Malformed-File exe.MP.35

CVE-2018-8126 Internet Explorer Security Feature Bypass Vulnerability
There are no known exploits in the wild.

CVE-2018-8127 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.

CVE-2018-8128 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.

CVE-2018-8129 Windows Security Feature Bypass Vulnerability
There are no known exploits in the wild.

CVE-2018-8130 Chakra Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.

CVE-2018-8132 Windows Security Feature Bypass Vulnerability
There are no known exploits in the wild.

CVE-2018-8133 Chakra Scripting Engine Memory Corruption Vulnerability
ASPY: 5135 Malformed-File html.MP.76

CVE-2018-8134 Windows Elevation of Privilege Vulnerability
There are no known exploits in the wild.

CVE-2018-8136 Windows Remote Code Execution Vulnerability
There are no known exploits in the wild.

CVE-2018-8137 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.

CVE-2018-8139 Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.

CVE-2018-8141 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.

CVE-2018-8145 Chakra Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.

CVE-2018-8147 Microsoft Excel Remote Code Execution Vulnerability
ASPY: 5137 Malformed-File xls.MP.61

CVE-2018-8148 Microsoft Excel Remote Code Execution Vulnerability
ASPY: 5138 Malformed-File xls.MP.62

CVE-2018-8149 Microsoft SharePoint Elevation of Privilege Vulnerability
There are no known exploits in the wild.

CVE-2018-8150 Microsoft Outlook Security Feature Bypass Vulnerability
There are no known exploits in the wild.

CVE-2018-8151 Microsoft Exchange Memory Corruption Vulnerability
There are no known exploits in the wild.

CVE-2018-8152 Microsoft Exchange Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.

CVE-2018-8153 Microsoft Exchange Spoofing Vulnerability
There are no known exploits in the wild.

CVE-2018-8154 Microsoft Exchange Memory Corruption Vulnerability
There are no known exploits in the wild.

CVE-2018-8155 Microsoft SharePoint Elevation of Privilege Vulnerability
There are no known exploits in the wild.

CVE-2018-8156 Microsoft SharePoint Elevation of Privilege Vulnerability
There are no known exploits in the wild.

CVE-2018-8157 Microsoft Office Remote Code Execution Vulnerability
ASPY: 5140 Malformed-File xls.MP.63

CVE-2018-8158 Microsoft Office Remote Code Execution Vulnerability
ASPY: 5141 Malformed-File rtf.MP.23

CVE-2018-8159 Microsoft Exchange Elevation of Privilege Vulnerability
There are no known exploits in the wild.

CVE-2018-8160 Microsoft Outlook Information Disclosure Vulnerability
There are no known exploits in the wild.

CVE-2018-8161 Microsoft Office Remote Code Execution Vulnerability
IPS: 13331 Microsoft Office Remote Code Execution (MAY 18) 1

CVE-2018-8162 Microsoft Excel Remote Code Execution Vulnerability
ASPY: 5138 Malformed-File xls.MP.63

CVE-2018-8163 Microsoft Excel Information Disclosure Vulnerability
There are no known exploits in the wild.

CVE-2018-8164 Win32k Elevation of Privilege Vulnerability
There are no known exploits in the wild.

CVE-2018-8165 DirectX Graphics Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.

CVE-2018-8166 Win32k Elevation of Privilege Vulnerability
There are no known exploits in the wild.

CVE-2018-8167 Windows Common Log File System Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.

CVE-2018-8168 Microsoft SharePoint Elevation of Privilege Vulnerability
There are no known exploits in the wild.

CVE-2018-8170 Windows Image Elevation of Privilege Vulnerability
There are no known exploits in the wild.

CVE-2018-8173 Microsoft InfoPath Remote Code Execution Vulnerability
There are no known exploits in the wild.

CVE-2018-8174 Windows VBScript Engine Remote Code Execution Vulnerability
IPS: 13321 Windows VBScript Engine Remote Code Execution Vulnerability (MAY 18)

CVE-2018-8177 Chakra Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.

CVE-2018-8178 Microsoft Browser Memory Corruption Vulnerability
There are no known exploits in the wild.

CVE-2018-8179 Microsoft Edge Memory Corruption Vulnerability
IPS: 13322 Microsoft Edge Memory Corruption Vulnerability (MAY 18)

CVE-2018-8897 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.

Adobe Flash (APSB18-16) Coverage:

CVE-2018-4944 Type Confusion Vulnerability
ASPY: 5143 Malformed-File swf.MP.588

The following is the coverage for Adobe Acrobat Reader Bulletin APSB18-16:
CVE-2018-4946 Use After Free vulnerability
There are no known exploits in the wild
CVE-2018-4947 Heap Overflow vulnerability
ASPY 1648 : Malformed-File pdf.MP.305
CVE-2018-4948 Heap Overflow vulnerability
ASPY 1647 : Malformed-File emf.MP.56
CVE-2018-4949 Out-of-bounds read vulnerability
ASPY 1649 : Malformed-File emf.MP.57
CVE-2018-4950 Out-of-bounds write vulnerability
There are no known exploits in the wild
CVE-2018-4951 Out-of-bounds read vulnerability
ASPY 1654 : Malformed-File emf.MP.58
CVE-2018-4952 Use After Free vulnerability
There are no known exploits in the wild
CVE-2018-4953 Type Confusion vulnerability
There are no known exploits in the wild
CVE-2018-4954 Use After Free vulnerability
There are no known exploits in the wild
CVE-2018-4955 Out-of-bounds read vulnerability
There are no known exploits in the wild
CVE-2018-4956 Out-of-bounds read vulnerability
There are no known exploits in the wild
CVE-2018-4957 Out-of-bounds read vulnerability
There are no known exploits in the wild
CVE-2018-4958 Use After Free vulnerability
ASPY 5131 : Malformed-File pdf.MP.307
CVE-2018-4959 Use After Free vulnerability
ASPY 5142 : Malformed-File pdf.MP.308
CVE-2018-4960 Out-of-bounds read vulnerability
There are no known exploits in the wild
CVE-2018-4961 Use After Free vulnerability
ASPY 5146 : Malformed-File pdf.MP.309
CVE-2018-4962 Out-of-bounds read vulnerability
ASPY 5147 : Malformed-File pdf.MP.310
CVE-2018-4963 Out-of-bounds read vulnerability
There are no known exploits in the wild
CVE-2018-4964 Out-of-bounds read vulnerability
There are no known exploits in the wild
CVE-2018-4965 Buffer Errors vulnerability
There are no known exploits in the wild
CVE-2018-4966 Heap Overflow vulnerability
There are no known exploits in the wild
CVE-2018-4967 Out-of-bounds write vulnerability
There are no known exploits in the wild
CVE-2018-4968 Heap Overflow vulnerability
ASPY 5152 : Malformed-File emf.MP.62
CVE-2018-4969 Out-of-bounds read vulnerability
There are no known exploits in the wild
CVE-2018-4970 Out-of-bounds read vulnerability
There are no known exploits in the wild
CVE-2018-4971 Use After Free vulnerability
There are no known exploits in the wild
CVE-2018-4972 Out-of-bounds read vulnerability
There are no known exploits in the wild
CVE-2018-4973 Out-of-bounds read vulnerability
There are no known exploits in the wild
CVE-2018-4974 Use After Free vulnerability
ASPY 5151 : Malformed-File pdf.MP.313
CVE-2018-4975 Out-of-bounds read vulnerability
There are no known exploits in the wild
CVE-2018-4976 Out-of-bounds read vulnerability
There are no known exploits in the wild
CVE-2018-4977 Use After Free vulnerability
ASPY 5151 : Malformed-File pdf.MP.313
CVE-2018-4978 Heap Overflow vulnerability
ASPY 5150 : Malformed-File emf.MP.61
CVE-2018-4979 Security bypass vulnerability
There are no known exploits in the wild
CVE-2018-4980 Use After Free vulnerability
There are no known exploits in the wild
CVE-2018-4981 Out-of-bounds read vulnerability
ASPY 1649 : Malformed-File emf.MP.57
CVE-2018-4982 Heap Overflow vulnerability
ASPY 5150 : Malformed-File emf.MP.59
CVE-2018-4983 Use After Free vulnerability
ASPY 5149 : Malformed-File pdf.MP.312
CVE-2018-4984 Heap Overflow vulnerability
There are no known exploits in the wild
CVE-2018-4985 Out-of-bounds read vulnerability
There are no known exploits in the wild
CVE-2018-4986 Out-of-bounds read vulnerability
There are no known exploits in the wild
CVE-2018-4987 Untrusted pointer dereference vulnerability
ASPY 5148 : Malformed-File pdf.MP.311
CVE-2018-4988 Use After Free vulnerability
There are no known exploits in the wild
CVE-2018-4989 Use After Free vulnerability
There are no known exploits in the wild
CVE-2018-4990 Double Free vulnerability
There are no known exploits in the wild
CVE-2018-4993 Data leakage (sensitive) vulnerability
ASPY 1650 : Malformed-File pdf.MP.306

Microsoft Security Bulletin Coverage for April 2018

Description

SonicWall has analyzed and addressed Microsoft's security advisories for the month of April 2018. A list of the issues reported, along with SonicWall coverage information, is as follows:

Microsoft Coverages:

  • CVE-2018-0870 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0887 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0890 Active Directory Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0892 Microsoft Edge Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0920 Microsoft Excel Remote Code Execution Vulnerability
    SPY:5124 Malformed-File xls.MP.60
  • CVE-2018-0950 Microsoft Office Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0956 HTTP.sys Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0957 Hyper-V Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0959 Hyper-V Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0960 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0963 Windows Kernel Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0964 Hyper-V Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0966 Device Guard Security Feature Bypass Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0967 Windows SNMP Service Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0968 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0969 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0970 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0971 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0972 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0973 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0974 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0975 Windows Kernel Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0976 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0979 Chakra Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0980 Chakra Scripting Engine Memory Corruption Vulnerability
    IPS:13282 Chakra Scripting Engine Memory Corruption Vulnerability (APR 18) 1
  • CVE-2018-0981 Scripting Engine Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0986 Microsoft Malware Protection Engine Remote Code Execution Vulnerability
    SPY:5123 Malformed-File rar.MP
  • CVE-2018-0987 Scripting Engine Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0988 Scripting Engine Memory Corruption Vulnerability
    IPS:13283 Scripting Engine Memory Corruption Vulnerability (APR 18) 1
  • CVE-2018-0989 Scripting Engine Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-0990 Chakra Scripting Engine Memory Corruption Vulnerability
    SPY:5125 Malformed-File html.MP.74
  • CVE-2018-0991 Internet Explorer Memory Corruption Vulnerability
    SPY:5125 Malformed-File html.MP.74
  • CVE-2018-0993 Chakra Scripting Engine Memory Corruption Vulnerability
    IPS:13284 Chakra Scripting Engine Memory Corruption Vulnerability (APR 18) 2
  • CVE-2018-0994 Chakra Scripting Engine Memory Corruption Vulnerability
    SPY:3894 Malformed-File html.MP.73
  • CVE-2018-0995 Chakra Scripting Engine Memory Corruption Vulnerability
    IPS:13281 Internet Explorer Memory Corruption Vulnerability (APR 18) 1
  • CVE-2018-0996 Scripting Engine Memory Corruption Vulnerability
    IPS:7645 HTTP Client Shellcode Exploit 88
  • CVE-2018-0997 Internet Explorer Memory Corruption Vulnerability
    SPY:3894 Malformed-File html.MP.73
  • CVE-2018-0998 Microsoft Edge Information Disclosure Vulnerability
    SPY:4699 Malformed-File pdf.MP.304
  • CVE-2018-1000 Scripting Engine Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1001 Scripting Engine Memory Corruption Vulnerability
    IPS:7645 HTTP Client Shellcode Exploit 88
  • CVE-2018-1003 Microsoft JET Database Engine Remote Code Execution Vulnerability
    SPY:1745 Malformed-File xls.MP.58
  • CVE-2018-1004 Windows VBScript Engine Remote Code Execution Vulnerability
    IPS:11663 Scripting Engine Memory Corruption Vulnerability (MS16-063) 1
  • CVE-2018-1005 Microsoft SharePoint Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1008 OpenType Font Driver Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1009 Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1010 Microsoft Graphics Remote Code Execution Vulnerability
    SPY:1754 Malformed-File ttf.MP.20
  • CVE-2018-1011 Microsoft Excel Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1012 Microsoft Graphics Remote Code Execution Vulnerability
    SPY:1755 Malformed-File ttf.MP.21
  • CVE-2018-1013 Microsoft Graphics Remote Code Execution Vulnerability
    SPY:5121 Malformed-File ttf.MP.24
  • CVE-2018-1014 Microsoft SharePoint Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1015 Microsoft Graphics Remote Code Execution Vulnerability
    SPY:5122 Malformed-File ttf.MP.25
  • CVE-2018-1016 Microsoft Graphics Remote Code Execution Vulnerability
    SPY:4792 Malformed-File ttf.MP.23
  • CVE-2018-1018 Internet Explorer Memory Corruption Vulnerability
    IPS:13281 Internet Explorer Memory Corruption Vulnerability (APR 18) 1
  • CVE-2018-1019 Chakra Scripting Engine Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1020 Internet Explorer Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1023 Microsoft Browser Memory Corruption Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1026 Microsoft Office Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1027 Microsoft Excel Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1028 Microsoft Office Graphics Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1029 Microsoft Excel Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1030 Microsoft Office Remote Code Execution Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1032 Microsoft SharePoint Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1034 Microsoft SharePoint Elevation of Privilege Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-1037 Microsoft Visual Studio Information Disclosure Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-8116 Microsoft Graphics Component Denial of Service Vulnerability
    There are no known exploits in the wild.
  • CVE-2018-8117 Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability
    There are no known exploits in the wild.

Adobe Coverages:

APSB18-08:

  • CVE-2018-4932
    Spy:1765 Malformed-File swf.MP.583
  • CVE-2018-4933
    Spy:1776 Malformed-File html.MP.75
  • CVE-2018-4934
    Spy:1787 Malformed-File swf.MP.584
  • CVE-2018-4935
    Spy:2145 Malformed-File swf.MP.585
  • CVE-2018-4936
    Spy:2146 Malformed-File swf.MP.586
  • CVE-2018-4937
    Spy:2147 Malformed-File swf.MP.587