November 2018 - Microsoft Releases Security Patches
Advisory Date: 14 de listopada de 2018
DESCRIPTION
Microsoft addresses vulnerabilities in its November security bulletin. Trend Micro Deep Security covers the following:
- CVE-2018-8584 - Windows ALPC Elevation of Privilege Vulnerability
Risk Rating: Important
This elevation of privilege vulnerability exists in the way Windows handles calls to ALPC. Attackers looking to exploit this vulnerability must be able to log on to the system. - CVE-2018-8408 - Windows Kernel Information Disclosure Vulnerability
Risk Rating: Important
This information disclosure vulnerability exists in the failure to properly initialize objects in memory by the Windows kernel component. Attackers looking to exploit this vulnerability must run a specially crafted application. - CVE-2018-8522 - Microsoft Outlook Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists Microsoft Outlook. The vulnerability exists in the way it handles objects in memory. - CVE-2018-8539 - Microsoft Word Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability in Microsoft Word is resolved by this patch. Attackers looking to exploit this vulnerability must convince a user to open a specially crafted Word file. - CVE-2018-8542 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the handling of objects in memory by the Chakra scripting engine in Microsoft Edge. This handling is corrected by this specific patch. - CVE-2018-8544 - Windows VBScript Engine Remote Code Execution Vulnerability
Risk Rating: Critical
The remote code execution vulnerability exists in the improper handling of objects in memory by the VBScript Engine. This handling is corrected by this specific patch. - CVE-2018-8552 - Scripting Engine Memory Corruption Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the improper handling of objects in memory by the scripting engine in Internet Explorer. This handling is corrected by this specific patch. - CVE-2018-8553 - Microsoft Graphics Components Remote Code Execution Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper handling of objects in memory by Microsoft Graphics Components. This handling is corrected by this specific patch. - CVE-2018-8555 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper access of objects in memory by the Chakra scripting engine in Microsoft Edge. This handling is corrected by this specific patch. - CVE-2018-8556 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper access of objects in memory by the Chakra scripting engine in Microsoft Edge. This handling is corrected by this specific patch. - CVE-2018-8557 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper access of objects in memory by the Chakra scripting engine in Microsoft Edge. This handling is corrected by this specific patch. - CVE-2018-8563 - DirectX Information Disclosure Vulnerability
Risk Rating: Important
This information disclosure vulnerability exists in the improper access of objects in memory by DirectX. This handling is corrected by this specific patch. - CVE-2018-8565 - Win32k Information Disclosure Vulnerability
Risk Rating: Important
This information disclosure vulnerability exists in the improper way win32k component provides kernel information. This handling is corrected by this specific patch. - CVE-2018-8582 - Microsoft Outlook Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the improper way Microsoft Outlook parses rule export files. This handling is corrected by this specific patch. - CVE-2018-8588 - Chakra Scripting Engine Memory Corruption Vulnerability
Risk Rating: Critical
This remote code execution vulnerability exists in the improper way the Chakra scripting engine in Microsoft Edge handles objects in memory. This handling is corrected by this specific patch. - CVE-2018-8589 - Windows Win32k Elevation of Privilege Vulnerability
Risk Rating: Important
This elevation of privilege vulnerability exists in the improper way Windows handles calls to Win32k.sys. This handling is corrected by this specific patch. - CVE-2018-8576 - Microsoft Outlook Remote Code Execution Vulnerability
Risk Rating: Important
This remote code execution vulnerability exists in the improper way Microsoft Outlook handles objects in memory. This handling is corrected by this specific patch.
INFORMATION EXPOSURE
Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection product or OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.
| Vulnerability ID | DPI Rule Number | DPI Rule Name | Release Date | Vulnerability Protection Compatibility |
| CVE-2018-8522, CVE-2018-8582, CVE-2018-8576 | 1009366 | Microsoft Outlook Multiple Security Vulnerabilities (Nov-2018) | 13-Nov-18 | YES |
| CVE-2018-8542 | 1009383 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8542) | 13-Nov-18 | YES |
| CVE-2018-8588 | 1009381 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8588) | 13-Nov-18 | YES |
| CVE-2018-8555 | 1009374 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8555) | 13-Nov-18 | YES |
| CVE-2018-8539 | 1009368 | Microsoft Word Remote Code Execution Vulnerability (CVE-2018-8539) | 13-Nov-18 | YES |
| CVE-2018-8556 | 1009375 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8556) | 13-Nov-18 | YES |
| CVE-2018-8563 | 1009378 | Microsoft Windows DirectX Information Disclosure Vulnerability (CVE-2018-8563) | 13-Nov-18 | YES |
| CVE-2018-8553 | 1009372 | Microsoft Windows Graphics Components Remote Code Execution Vulnerability (CVE-2018-8553) | 13-Nov-18 | YES |
| CVE-2018-8544 | 1009369 | Microsoft Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8544) | 13-Nov-18 | YES |
| CVE-2018-8408, CVE-2018-8565, CVE-2018-8589 | 1009382 | Microsoft Windows Multiple Security Vulnerabilities (Nov-2018) | 13-Nov-18 | YES |
| CVE-2018-8557 | 1009376 | Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8557) | 13-Nov-18 | YES |
| CVE-2018-8552 | 1009371 | Microsoft Internet Explorer VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8552) | 13-Nov-18 | YES |