Advisory Date: 14 de marca de 2018

  DESCRIPTION

Microsoft addresses 75 vulnerabilities in its March security bulletin. Trend Micro Deep Security covers the following:

  • CVE-2018-0934 - Chakra Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability exists in the Chakra scripting engine of Microsoft Edge. Objects in memory may be corrupted by an attacker, causing the vulnerability.


  • CVE-2018-0872 - Chakra Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability exists in the Chakra scripting engine of Microsoft Edge. Objects in memory may be corrupted by an attacker, causing the vulnerability.


  • CVE-2018-0930 - Chakra Scripting Engine Memory Corruption Vulnerabilit
    Risk Rating: Critical

    This remote code execution vulnerability exists in the Chakra scripting engine of Microsoft Edge. Objects in memory may be corrupted by an attacker, causing the vulnerability.


  • CVE-2018-0903 - Microsoft Access Remote Code Execution Vulnerability
    Risk Rating: Important

    The vulnerability exists in the way Microsoft Access handles objects in memory. This remote code execution vulnerability, when exploited successfully, gives attackers rights equal to the rights of the logged on user.


  • CVE-2018-0935 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Important

    This remote code execution vulnerability exists in the scripting engine of several versions of Internet Explorer. In particular, the vulnerability lies in the way said browsers handles objects in memory.


  • CVE-2018-0855 - Windows EOT Font Engine Information Disclosure Vulnerability
    Risk Rating: Important

    This information disclosure vulnerability is addressed in the current security update from Microsoft. This vulnerbaility exists in the way Microsoft Windows Embedded OpenType (EOT) font engine processes specially crafted embedded fonts.


  • CVE-2018-0893 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability is addressed in the current security update from Microsoft. This vulnerability exists in the way the scripting engine handles objects in memory.


  • CVE-2018-0770 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability is addressed in the current security update from Microsoft. This vulnerability exists in the way the scripting engine handles objects in memory.


  • CVE-2018-0933 - Chakra Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    The vulnerability exists in the way the Chakra scripting engine in Microsoft Edge handles objects in memory. This remote code execution vulnerability, when exploited successfully, gives attackers rights equal to the rights of the logged on user.


  • CVE-2018-0889 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    The vulnerability exists in the way the scripting engine handles objects in memory. This remote code execution vulnerability, when exploited successfully, gives attackers rights equal to the rights of the logged on user.


  • CVE-2018-0817 - Windows GDI Elevation of Privilege Vulnerability
    Risk Rating: Important

    This elevation of privilege vulnerability in the Windows Graphics Device Interface (GDI) exists in the way it handles objects in memory. Attackers looking to exploit this vulnerability must be logged on to the system.


  • CVE-2018-0877 - Windows Desktop Bridge VFS Elevation of Privilege Vulnerability
    Risk Rating: Important

    The vulnerability exists in the way Windows Desktop Bridge VFS manages file paths. Attackers looking to exploit this elevation of privilege vulnerability must be logged on to the system.


  • CVE-2018-0882 - Windows Desktop Bridge Elevation of Privilege Vulnerability
    Risk Rating: Important

    The vulnerability exists in the way Windows Desktop Bridge VFS manages the virtual registry. Attackers looking to exploit this elevation of privilege vulnerability must be logged on to the system.


  • CVE-2018-0874 - Chakra Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability exists in the Chakra scripting engine in Microsoft Edge. It is resolved by the update that modifies the way the said scripting engine handles objects in memory.


  • CVE-2018-0922 - Microsoft Office Memory Corruption Vulnerability
    Risk Rating: Important

    This remote code execution vulnerability exists in Microsoft Office. It is resolved by the update that corrects the way Microsoft Office handles objects in memory.


  INFORMATION EXPOSURE

Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection product or OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.

Vulnerability ID DPI Rule Number DPI Rule Name Release Date Vulnerability Protection Compatibility
CVE-2018-09345 1008934 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-0934) 13-Mar-18 YES
CVE-2018-0872 1008922 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-0872) 13-Mar-18 YES
CVE-2018-0930 1008932 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-0930) 13-Mar-18 YES
CVE-2018-0903 1008930 Microsoft Access Remote Code Execution Vulnerability (CVE-2018-0903) 13-Mar-18 YES
CVE-2018-0935 1008935 Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2018-0935) 13-Mar-18 YES
CVE-2018-0855 1008897 Microsoft Windows EOT Font Engine Information Disclosure Vulnerability (CVE-2018-0855) 13-Mar-18 YES
CVE-2018-0893 1008929 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-0893) 13-Mar-18 YES
CVE-2018-0770 1008900 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-0770) 13-Mar-18 YES
CVE-2018-0933 1008933 Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-0933) 13-Mar-18 YES
CVE-2018-0889 1008928 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-0889) 13-Mar-18 YES
CVE-2018-0817, CVE-2018-0877, CVE-2018-0882 1008936 Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (March-2018) 13-Mar-18 YES
CVE-2018-0874 1008923 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-0889) 13-Mar-18 YES
CVE-2018-0922 1008931 Microsoft Office Memory Corruption Vulnerability (CVE-2018-0922) 13-Mar-18 YES

  SOLUTION