July Patch Tuesday: Large Adobe Security Update
Patch Tuesday for July addresses 53 Microsoft and 107 Adobe vulnerabilities.
July’s Patch Tuesday addresses 53 vulnerabilities, including 18 critical ones, most of which involve Microsoft’s browsers. These include CVE-2018-8280, CVE-2018-8286, CVE-2018-8290, CVE-2018-8294, and CVE-2018-8298, all of which are memory corruption bugs in the Chakra JavaScript engine that stem from the way it handles objects in memory in Microsoft Edge. An attacker could exploit them through a specially crafted website, potentially gaining administrative rights.
CVE-2018-8304, a Windows DNSAPI Denial of Service Vulnerability, is another noteworthy vulnerability addressed this month. An attacker who successfully exploits the vulnerability could cause the shutdown of a DNS server, which could disrupt an organization’s operations. However, this vulnerability does not allow attackers to execute code or change user privileges.
The following vulnerabilities were disclosed via Trend Micro’s Zero Day Initiative (ZDI):
In addition to Microsoft’s regular patch cycle, this month’s Patch Tuesday features a massive round of updates from Adobe addressing 107 vulnerabilities across different Adobe products, including Flash, Reader, Acrobat and Adobe Experience Manager. Of these, 68 came from Trend Micro’s ZDI. CVE-2018-5007, a Flash Player type confusion vulnerability that could lead to remote code execution, is a notable vulnerability patched this month.
Trend Micro™ Deep Security and Vulnerability Protection protect user systems from any threats that may target the vulnerabilities mentioned above via the following DPI rules:
- 1009115 - Microsoft Windows SNMP Service Denial of Service Vulnerability (CVE-2018-0967)
- 1009181 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-8283)
- 1009182 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-8288)
- 1009183 - Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8289)
- 1009184 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-8291)
- 1009185 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-8296)
- 1009186 - Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8297)
- 1009187 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-8298)
- 1009188 - Microsoft Internet Explorer Security Feature Bypass Vulnerability (CVE-2018-0949)
- 1009189 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-8125)
- 1009190 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-8242)
- 1009191 - Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8262)
- 1009192 - Microsoft Edge Memory Corruption Vulnerability (CVE-2018-8274)
- 1009193 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-8275)
- 1009194 - Microsoft Edge Spoofing Vulnerability (CVE-2018-8278)
- 1009195 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-8279)
- 1009196 - Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8324)
- 1009095 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-09)
- 1009158 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-02)
- 1009167 - Adobe Acrobat And Reader Out-Of-Bounds Read Vulnerability (CVE-2018-4949)
- 1009174 - Adobe Acrobat And Reader Out-Of-Bounds Read Vulnerability (CVE-2018-4956)
Trend Micro™ TippingPoint™ customers are protected from threats that may exploit the vulnerabilities via these MainlineDV filters:
- 32358: HTTP: Microsoft Edge Spoofing Vulnerability
- 32359: HTTP: Microsoft Edge Memory Corruption Vulnerability
- 32360: HTTP: Microsoft Edge CopyFrom Type Confusion Vulnerability
- 32361: HTTP: Microsoft Edge Scripting Engine Memory Corruption Vulnerability
- 32478: HTTP: Microsoft Internet Explorer Array Type Confusion Vulnerability
- 32479: HTTP: Microsoft Edge Intl Type Confusion Vulnerability
- 32486: HTTP: Chakra Scripting Engine Type Confusion Vulnerability
- 32487: HTTP: Scripting Engine SafeArray Memory Corruption Vulnerability
- 32488: HTTP: Microsoft Edge Scripting Engine Type Confusion Vulnerability
- 32490: HTTP: Microsoft Edge Information Disclosure Vulnerability
- 32491: HTTP: Microsoft Edge Vertex Shader Buffer Overflow Vulnerability
- 32492: HTTP: Microsoft Edge Use-After-Free Vulnerability
- 32493: HTTP: Microsoft Edge TryArraySplice Use-After-Free Vulnerability
- 32494: HTTP: Microsoft Internet Explorer UNC Path Security Zone Bypass Vulnerability
- 32551: HTTP: Microsoft Edge Information Disclosure Vulnerability
- 32558: HTTP: Microsoft Edge SVG Type Confusion Vulnerability