Over 60 Vulnerabilities Patched In Microsoft September Updates

219

Tripwire’s Vulnerability and Exposure Research Team (VERT) have uncovered and investigated many of the vulnerabilities found within the Microsoft September 2018 Security Updates. Tripwire identified three vulnerabilities as critical with exploitation more likely. One of these is the vulnerability CVE-2018-8440, which takes advantage of a flaw in the task scheduler ALPC (Advanced Local Procedure Call) to escalate privileges.

VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-796 on Wednesday, September 12th.

Tyler Reguly, Manager of Software Development at Tripwire:

In-The-Wild & Disclosed CVEs

CVE-2018-8440

This vulnerability was disclosed on Twitter on August 27th, and a high level analysis was published on August 28th. More recently, ESET published a write-up on the vulnerability after it was used in malware. The vulnerability takes advantage of a flaw in the task scheduler ALPC (Advanced Local Procedure Call) to escalate privileges.

Microsoft has rated this as a 1 on the Exploitability Index (Exploitation More Likely)

CVE-2018-8475

Microsoft has stated that this vulnerability has already been publicly disclosed, and it appears to present significant risk. A vulnerability in how Windows handles image files means that exploitation can occur simply by viewing the image.

Microsoft has rated this as a 1 on the Exploitability Index (Exploitation More Likely)

CVE-2018-8457

A vulnerability exists in the scripting engine found in Microsoft browsers around their method of handling objects in memory. Successful exploitation of the vulnerability could lead to code execution in the context of the current user. The update changes how the scripting engine handles objects in memory.

Microsoft has rated this as a 1 on the Exploitability Index (Exploitation More Likely)

CVE-2018-8409

This denial-of-service vulnerability impacts System.IO.Piplines available in .NET Core and ASP.NET Core. Microsoft has released a detailed write-up as part of the ASP.NET Core project.

Microsoft has rated this as a 2 on the Exploitability Index (Exploitation Less Likely)

Other Information

In addition to the Microsoft vulnerabilities included in the September Security Guidance, a pair of security advisories were also made available.

Windows Denial of Service Vulnerability [ADV180022]

Microsoft has released an advisory for CVE-2018-5391 (“FragmentSmack”), which allows attackers to perform a denial-of-service attack against Windows by sending many 8-byte IP fragments with random starting offsets but never sending the final fragment. Microsoft has provided a workaround in the advisory and stated that they are working on a fix for this issue.

September 2018 Adobe Flash Security Update [ADV180023]

Microsoft has released updates for Adobe Flash. These correspond with Adobe Update APSB18-31. This includes a fix for CVE-2018-15967.

CVE Breakdown by Tag

While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per-tag basis.

Tag CVE Count CVEs
.NET Framework 1 CVE-2018-8421
Windows Hyper-V 6 CVE-2018-0965, CVE-2018-8434, CVE-2018-8435, CVE-2018-8436, CVE-2018-8437, CVE-2018-8439
Windows Subsystem for Linux 2 CVE-2018-8337, CVE-2018-8441
Microsoft JET Database Engine 2 CVE-2018-8392, CVE-2018-8393
Windows SMB Server 2 CVE-2018-8335, CVE-2018-8444
Microsoft Identity Services 1 CVE-2018-8269
Microsoft Windows 4 CVE-2018-8271, CVE-2018-8410, CVE-2018-8438, CVE-2018-8440
Microsoft Edge 5 CVE-2018-8425, CVE-2018-8366, CVE-2018-8463, CVE-2018-8464, CVE-2018-8469
Windows Media 1 CVE-2018-8419
.NET Core 1 CVE-2018-8409
Device Guard 1 CVE-2018-8449
Windows Kernel 6 CVE-2018-8336, CVE-2018-8442, CVE-2018-8443, CVE-2018-8445, CVE-2018-8446, CVE-2018-8455
Microsoft Graphics Component 5 CVE-2018-8424, CVE-2018-8433, CVE-2018-8462, CVE-2018-8475, CVE-2018-8332
Microsoft XML Core Services 1 CVE-2018-8420
Azure 1 CVE-2018-8479
Internet Explorer 3 CVE-2018-8461, CVE-2018-8447, CVE-2018-8470
Windows Shell 1 CVE-2018-8468
Microsoft Office 7 CVE-2018-8426, CVE-2018-8428, CVE-2018-8429, CVE-2018-8430, CVE-2018-8431, CVE-2018-8331, CVE-2018-8474
Microsoft Scripting Engine 11 CVE-2018-8315, CVE-2018-8367, CVE-2018-8354, CVE-2018-8391, CVE-2018-8452, CVE-2018-8456, CVE-2018-8457, CVE-2018-8459, CVE-2018-8465, CVE-2018-8466, CVE-2018-8467