Kaspersky Threats — KLA11167

KLA11167
Multiple vulnerabilities in Microsoft Development Tools

Обновлено: 18/06/2020

Дата обнаружения	03/01/2018
Уровень угрозы	High
Описание	Multiple serious vulnerabilities have been found in Microsoft ChakraCore. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities: An improper handling of objects in memory in Microsoft Edge can be exploited remotely via a specially crafted website to obtain sensitive information; Memory corruption vulnerability in Microsoft browsers can be exploited remotely via a specially designed website to execute arbitrary code; An unspecified vulnerability in Control Flow Guard (CFG) component of Microsoft ChakraCore can be exploited remotely via a specially designed website to bypass security restrictions and possibly to execute arbitrary code.
Пораженные продукты	ChakraCore
Решение	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения	CVE-2018-0758 CVE-2018-0762 CVE-2018-0767 CVE-2018-0768 CVE-2018-0769 CVE-2018-0770 CVE-2018-0772 CVE-2018-0773 CVE-2018-0774 CVE-2018-0775 CVE-2018-0776 CVE-2018-0777 CVE-2018-0778 CVE-2018-0780 CVE-2018-0781 CVE-2018-0800 CVE-2018-0818
Оказываемое влияние ?	ACE [?] OSI [?] PE [?]
Связанные продукты	Microsoft Internet Explorer Microsoft Edge
CVE-IDS	CVE-2018-07580.0Unknown CVE-2018-07620.0Unknown CVE-2018-07670.0Unknown CVE-2018-07680.0Unknown CVE-2018-07690.0Unknown CVE-2018-07700.0Unknown CVE-2018-07720.0Unknown CVE-2018-07730.0Unknown CVE-2018-07740.0Unknown CVE-2018-07750.0Unknown CVE-2018-07760.0Unknown CVE-2018-07770.0Unknown CVE-2018-07780.0Unknown CVE-2018-07800.0Unknown CVE-2018-07810.0Unknown CVE-2018-08000.0Unknown CVE-2018-08180.0Unknown
Microsoft official advisories	Microsoft Security Update Guide
Эксплуатация	The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/43491 https://www.exploit-db.com/exploits/43522 https://www.exploit-db.com/exploits/43710 https://www.exploit-db.com/exploits/44075 https://www.exploit-db.com/exploits/43715 https://www.exploit-db.com/exploits/43717 https://www.exploit-db.com/exploits/43723 https://www.exploit-db.com/exploits/43718 https://www.exploit-db.com/exploits/43720 Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.