Multiple vulnerabilities in Microsoft Windows

Beschreibung

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, bypass security restrictions, cause denial of service or gain privileges.

Below is a complete list of vulnerabilities:

1. An incorrect input data handling in Cortana can be exploited locally via specially designed commands to gain privileges;
2. An improper parsing of HTTP 2.0 requests in HTTP.sys can be exploited remotely via specially designed HTTP packet to cause denial of service;
3. Incorrect operation of the hashing algorithm in Windows Code Integrity Module can be exploited remotely via a specially designed e-mail message to cause denial of service;
4. Multiple security bypass vulnerabilities in Device Guard can be exploited locally to bypass security restrictions;
5. Improper handling of objects in memory in Microsoft Windows can be exploited locally via a specially crafted application to cause denial of service;
6. Incorrect privilege levels enforcing in Windows Hyper-V can be exploited locally via unspecified attack vector to gain privileges;
7. Improper handling of objects in memory in Win32k can be exploited locally via a specially crafted application to gain privileges;
8. Improper handling of objects in memory in HID Parser Library driver can be exploited locally via a specially crafted application to gain privileges;
9. Memory corruption vulnerability in Windows GDI can be exploited locally via a specially crafted application to gain sensitive information;
10. Multiple vulnerabilities in Windows kernel can be exploited locally via a specially crafted application to gain privileges or obtain sensitive information;
11. An incorrect access checking in NTFS can be exploited locally via a specially crafted application to gain privileges;
12. Improper handling of objects in memory in Http.sysr can be exploited locally via a specially crafted request to execute arbitrary code;
13. Improper handling of objects in memory in Windows Media Foundation can be exploited locally via a specially designed document to execute arbitrary code;
14. An incorrect permissions enforcing in Windows Kernel API can be exploited locally via a specially crafted application to gain privileges;
15. Improper virtual registry management in Desktop Bridge can be exploited locally via a specially crafted application to gain privileges;
16. An incorrect DNS responses handling in DNSAPI.dll can be exploited remotely via a specially designed DNS request to execute arbitrary code.

---

Technical details

Vulnerability (4) could allow an attacker to inject malicious code into into a trusted PowerShell process and bypass the Device Guard Code Integrity policy.

Ursprüngliche Informationshinweise

• CVE-2018-8140

• CVE-2018-8226
• CVE-2018-1040
• CVE-2018-8212
• CVE-2018-8201
• CVE-2018-8205
• CVE-2018-8221
• CVE-2018-8213
• CVE-2018-8219
• CVE-2018-8217
• CVE-2018-8210
• CVE-2018-8233
• CVE-2018-8169
• CVE-2018-8239
• CVE-2018-8224
• CVE-2018-1036
• CVE-2018-8121
• CVE-2018-8231
• CVE-2018-8207
• CVE-2018-8251
• CVE-2018-0982
• CVE-2018-8215
• CVE-2018-8211
• CVE-2018-8214
• CVE-2018-8218
• CVE-2018-8225
• CVE-2018-8209
• CVE-2018-8208
• CVE-2018-8175
• CVE-2018-8216

CVE Liste

• CVE-2018-8140
  critical
• CVE-2018-8226
  critical
• CVE-2018-1040
  critical
• CVE-2018-8212
  critical
• CVE-2018-8201
  critical
• CVE-2018-8205
  critical
• CVE-2018-8221
  critical
• CVE-2018-8213
  critical
• CVE-2018-8219
  critical
• CVE-2018-8217
  critical
• CVE-2018-8210
  critical
• CVE-2018-8233
  critical
• CVE-2018-8169
  critical
• CVE-2018-8239
  critical
• CVE-2018-8224
  critical
• CVE-2018-1036
  critical
• CVE-2018-8121
  critical
• CVE-2018-8231
  critical
• CVE-2018-8207
  critical
• CVE-2018-8251
  critical
• CVE-2018-0982
  critical
• CVE-2018-8215
  critical
• CVE-2018-8211
  critical
• CVE-2018-8214
  critical
• CVE-2018-8218
  critical
• CVE-2018-8225
  critical
• CVE-2018-8209
  critical
• CVE-2018-8208
  critical
• CVE-2018-8175
  critical
• CVE-2018-8216
  critical

KB Liste

• 4284867
• 4284860
• 4284874
• 4284826
• 4284835
• 4284880
• 4284819
• 4284855
• 4284815
• 4284878
• 4230467
• 4234459
• 4284846
• 4294413

Mehr erfahren

Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com