Multiple vulnerabilities in Microsoft Products (ESU)

Beschreibung

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions, gain privileges, spoof user interface, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Windows can be exploited remotely to gain privileges.
2. A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
3. A security feature bypass vulnerability in Internet Explorer can be exploited remotely to bypass security restrictions.
4. A denial of service vulnerability in Windows Firewall can be exploited remotely to cause denial of service.
5. A denial of service vulnerability in Windows can be exploited remotely to cause denial of service.
6. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
7. A security feature bypass vulnerability in WordPad can be exploited remotely to bypass security restrictions.
8. A denial of service vulnerability in Windows DNSAPI can be exploited remotely to cause denial of service.
9. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.

Ursprüngliche Informationshinweise

• CVE-2018-8314

• CVE-2018-8242
• CVE-2018-0949
• CVE-2018-8206
• CVE-2018-8309
• CVE-2018-8308
• CVE-2018-8307
• CVE-2018-8304
• CVE-2018-8282

Ausnutzung

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Betroffene Produkte

• Microsoft-Internet-Explorer
• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008

CVE Liste

• CVE-2018-8282
  critical
• CVE-2018-8314
  warning
• CVE-2018-8307
  high
• CVE-2018-8309
  high
• CVE-2018-8304
  high
• CVE-2018-8308
  high
• CVE-2018-8206
  critical
• CVE-2018-0949
  high
• CVE-2018-8242
  critical

KB Liste

• 4340583
• 4338818
• 4293756
• 4339503
• 4339291
• 4339854
• 4295656
• 4338823
• 4291391
• 4345459
• 4338821
• 4345397
• 4339093

Mehr erfahren

Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com