Microsoft Security Bulletin Coverage for April 2018
Description
SonicWall has analyzed and addressed Microsoft’s security advisories for the month of April 2018. A list of issues reported, along with SonicWall coverage information are as follows:
Microsoft Coverages:
- CVE-2018-0870 Internet Explorer Memory Corruption Vulnerability
There are no known exploits in the wild.
- CVE-2018-0887 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0890 Active Directory Security Feature Bypass Vulnerability
There are no known exploits in the wild.
- CVE-2018-0892 Microsoft Edge Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0920 Microsoft Excel Remote Code Execution Vulnerability
SPY:5124 Malformed-File xls.MP.60
- CVE-2018-0950 Microsoft Office Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0956 HTTP.sys Denial of Service Vulnerability
There are no known exploits in the wild.
- CVE-2018-0957 Hyper-V Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0959 Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
- CVE-2018-0960 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0963 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
- CVE-2018-0964 Hyper-V Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0966 Device Guard Security Feature Bypass Vulnerability
There are no known exploits in the wild.
- CVE-2018-0967 Windows SNMP Service Denial of Service Vulnerability
There are no known exploits in the wild.
- CVE-2018-0968 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0969 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0970 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0971 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0972 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0973 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0974 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0975 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0976 Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
There are no known exploits in the wild.
- CVE-2018-0979 Chakra Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
- CVE-2018-0980 Chakra Scripting Engine Memory Corruption Vulnerability
IPS:13282 Chakra Scripting Engine Memory Corruption Vulnerability (APR 18) 1
- CVE-2018-0981 Scripting Engine Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0986 Microsoft Malware Protection Engine Remote Code Execution Vulnerability
SPY:5123 Malformed-File rar.MP
- CVE-2018-0987 Scripting Engine Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0988 Scripting Engine Memory Corruption Vulnerability
IPS:13283 Scripting Engine Memory Corruption Vulnerability (APR 18) 1
- CVE-2018-0989 Scripting Engine Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-0990 Chakra Scripting Engine Memory Corruption Vulnerability
SPY:5125 Malformed-File html.MP.74
- CVE-2018-0991 Internet Explorer Memory Corruption Vulnerability
SPY:5125 Malformed-File html.MP.74
- CVE-2018-0993 Chakra Scripting Engine Memory Corruption Vulnerability
IPS:13284 Chakra Scripting Engine Memory Corruption Vulnerability (APR 18) 2
- CVE-2018-0994 Chakra Scripting Engine Memory Corruption Vulnerability
SPY:3894 Malformed-File html.MP.73
- CVE-2018-0995 Chakra Scripting Engine Memory Corruption Vulnerability
IPS:13281 Internet Explorer Memory Corruption Vulnerability (APR 18) 1
- CVE-2018-0996 Scripting Engine Memory Corruption Vulnerability
IPS:7645 HTTP Client Shellcode Exploit 88
- CVE-2018-0997 Internet Explorer Memory Corruption Vulnerability
SPY:3894 Malformed-File html.MP.73
- CVE-2018-0998 Microsoft Edge Information Disclosure Vulnerability
SPY:4699 Malformed-File pdf.MP.304
- CVE-2018-1000 Scripting Engine Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-1001 Scripting Engine Memory Corruption Vulnerability
IPS:7645 HTTP Client Shellcode Exploit 88
- CVE-2018-1003 Microsoft JET Database Engine Remote Code Execution Vulnerability
SPY:1745 Malformed-File xls.MP.58
- CVE-2018-1004 Windows VBScript Engine Remote Code Execution Vulnerability
IPS:11663 Scripting Engine Memory Corruption Vulnerability (MS16-063) 1
- CVE-2018-1005 Microsoft SharePoint Elevation of Privilege Vulnerability
There are no known exploits in the wild.
- CVE-2018-1008 OpenType Font Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
- CVE-2018-1009 Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability
There are no known exploits in the wild.
- CVE-2018-1010 Microsoft Graphics Remote Code Execution Vulnerability
SPY:1754 Malformed-File ttf.MP.20
- CVE-2018-1011 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
- CVE-2018-1012 Microsoft Graphics Remote Code Execution Vulnerability
SPY:1755 Malformed-File ttf.MP.21
- CVE-2018-1013 Microsoft Graphics Remote Code Execution Vulnerability
SPY:5121 Malformed-File ttf.MP.24
- CVE-2018-1014 Microsoft SharePoint Elevation of Privilege Vulnerability
There are no known exploits in the wild.
- CVE-2018-1015 Microsoft Graphics Remote Code Execution Vulnerability
SPY:5122 Malformed-File ttf.MP.25
- CVE-2018-1016 Microsoft Graphics Remote Code Execution Vulnerability
SPY:4792 Malformed-File ttf.MP.23
- CVE-2018-1018 Internet Explorer Memory Corruption Vulnerability
IPS:13281 Internet Explorer Memory Corruption Vulnerability (APR 18) 1
- CVE-2018-1019 Chakra Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
- CVE-2018-1020 Internet Explorer Memory Corruption Vulnerability
There are no known exploits in the wild.
- CVE-2018-1023 Microsoft Browser Memory Corruption Vulnerability
There are no known exploits in the wild.
- CVE-2018-1026 Microsoft Office Remote Code Execution Vulnerability
There are no known exploits in the wild.
- CVE-2018-1027 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
- CVE-2018-1028 Microsoft Office Graphics Remote Code Execution Vulnerability
There are no known exploits in the wild.
- CVE-2018-1029 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
- CVE-2018-1030 Microsoft Office Remote Code Execution Vulnerability
There are no known exploits in the wild.
- CVE-2018-1032 Microsoft SharePoint Elevation of Privilege Vulnerability
There are no known exploits in the wild.
- CVE-2018-1034 Microsoft SharePoint Elevation of Privilege Vulnerability
There are no known exploits in the wild.
- CVE-2018-1037 Microsoft Visual Studio Information Disclosure Vulnerability
There are no known exploits in the wild.
- CVE-2018-8116 Microsoft Graphics Component Denial of Service Vulnerability
There are no known exploits in the wild.
- CVE-2018-8117 Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability
There are no known exploits in the wild.
Adobe Coverages:
APSB18-08:
- CVE-2018-4932
Spy:1765 Malformed-File swf.MP.583
- CVE-2018-4933
Spy:1776 Malformed-File html.MP.75
- CVE-2018-4934
Spy:1787 Malformed-File swf.MP.584
- CVE-2018-4935
Spy:2145 Malformed-File swf.MP.585
- CVE-2018-4936
Spy:2146 Malformed-File swf.MP.586
- CVE-2018-4937
Spy:2147 Malformed-File swf.MP.587