Today’s VERT Alert addresses Microsoft’s December 2018 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-809 on Wednesday, December 12th.
In-The-Wild & Disclosed CVEs
CVE-2018-8611
Microsoft is reporting that this Windows kernel privilege escalation vulnerability is seeing active exploitation on older versions of Windows. Successful exploitation can allow an attacker to run code in kernel mode. This issue was resolved by changing how the Windows kernel handles objects in memory.
Microsoft has rated this as a 1 on the Exploitability Index (Exploitation More Likely) on their latest Windows release, while active exploitation has been detected on older releases.
CVE-2018-8517
This vulnerability is a publicly disclosed issue with the .NET Framework that could allow an unauthenticated attacker to DoS a .NET Framework based web application by sending malformed web requests.
Microsoft has rated this as a 3 on the Exploitability Index (Exploitation Unlikely).
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.
Other Information
In addition to the Microsoft vulnerabilities included in the December Security Guidance, a pair of Adobe bulletins are available today.
December 2018 Adobe Flash Security Update [ADV180031]
Microsoft released updates for Adobe Flash. These correspond with Adobe Update APSB18-42. This includes fixes for CVE-2018-15982 and CVE-2018-15983.
Security Bulletin for Adobe Acrobat and Reader [APSB-41]
Adobe has released security updates for Adobe Acrobat and Reader. This includes fixes for 87 CVEs.
Written by Zaid Shoorbajee
December 2018 Security Updates
| CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
|---|---|---|---|---|---|---|---|
| .NET Framework Denial Of Service Vulnerability |
| .NET Framework Remote Code Injection Vulnerability |
| CVE-2018-8540 | No | No | Less Likely | Less Likely | Critical | | |
| Chakra Scripting Engine Memory Corruption Vulnerability |
| Connected User Experiences and Telemetry Service Denial of Service Vulnerability |
| CVE-2018-8612 | No | No | More Likely | More Likely | Important | 4.7 | 4.7 |
| December 2018 Adobe Flash Security Update |
| Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability |
| CVE-2018-8599 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| DirectX Information Disclosure Vulnerability |
| Internet Explorer Memory Corruption Vulnerability |
| CVE-2018-8631 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| Internet Explorer Remote Code Execution Vulnerability |
| CVE-2018-8619 | No | No | More Likely | More Likely | Important | 6.4 | 5.8 |
| Microsoft Dynamics NAV Cross Site Scripting Vulnerability |
| CVE-2018-8651 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Excel Information Disclosure Vulnerability |
| CVE-2018-8598 | No | No | Less Likely | Less Likely | Important | | |
| CVE-2018-8627 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2018-8597 | No | No | More Likely | More Likely | Important | | |
| CVE-2018-8636 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Exchange Server Tampering Vulnerability |
| CVE-2018-8604 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Outlook Remote Code Execution Vulnerability |
| CVE-2018-8587 | No | No | More Likely | More Likely | Important | | |
| Microsoft PowerPoint Remote Code Execution Vulnerability |
| CVE-2018-8628 | No | No | More Likely | More Likely | Important | | |
| Microsoft SharePoint Information Disclosure Vulnerability |
| Microsoft SharePoint Server Elevation of Privilege Vulnerability |
| Microsoft Text-To-Speech Remote Code Execution Vulnerability |
| CVE-2018-8634 | No | No | More Likely | More Likely | Critical | 4.2 | 3.8 |
| Remote Procedure Call runtime Information Disclosure Vulnerability |
| CVE-2018-8514 | No | No | Less Likely | Less Likely | Important | 3.3 | 3.3 |
| Scripting Engine Memory Corruption Vulnerability |
| CVE-2018-8643 | No | No | More Likely | More Likely | Important | 6.4 | 5.8 |
| Win32k Elevation of Privilege Vulnerability |
| CVE-2018-8639 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| CVE-2018-8641 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| Win32k Information Disclosure Vulnerability |
| CVE-2018-8637 | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
| Windows Azure Pack Cross Site Scripting Vulnerability |
| Windows DNS Server Heap Overflow Vulnerability |
| CVE-2018-8626 | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.8 |
| Windows Denial of Service Vulnerability |
| Windows GDI Information Disclosure Vulnerability |
| CVE-2018-8595 | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
| CVE-2018-8596 | No | No | More Likely | More Likely | Important | 4.7 | 4.2 |
| Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel Information Disclosure Vulnerability |
| CVE-2018-8477 | No | No | More Likely | More Likely | Important | 3.3 | 3.3 |
| Windows VBScript Engine Remote Code Execution Vulnerability |
| CVE-2018-8625 | No | No | More Likely | More Likely | Important | 6.4 | 5.8 |
For a detailed breakdown please see Renato’s Dashboard:
Microsoft’s Patch Tuesday updates for December 2018 address nearly 40 vulnerabilities, including a zero-day flaw affecting the Windows kernel.
Today, on SAP’s Security Patch Day, the company published 17 security notes, including a few that had been published during the month after the last Patch Day. Two notes tagged as Hot News and three tagged as High Priority stand out from the rest, including a recurrent re-released note about Chromium (#2622660), a bug in SAP Hybris (#2711425) and a critical missing authorization check previously reported by the Onapsis Research Labs affecting most SAP users (#2698996). This last note affects not only SAP NetWeaver ABAP systems, but also S/4HANA environments.
SAP Kernel and Change and Transport System CVE-2018-2441 Security Bypass Vulnerability
New NIST TLS Management Guidelines for InfoSec [Expert Advice]
Tue, 12/11/2018 – 09:05
It’s an ad duopoly battle. Facebook is starting to test search ads in its search results and Marketplace, directly competing with Google’s AdWords. Facebook first tried Sponsored Results back in 2012 but eventually shut down the product in 2013. Now it’s going to let a small set of automotive, retail, and ecommerce industry advertisers show users ads on the search results page on mobile in the US and Canada.
Never know what to get the person who has “everything”? It’s pretty unlikely they’ll have anything crafted by death row inmates, and that’s where San Quentin State Prison’s Handicraft Shop (aka the Hobby Shop) comes in.
Like the teenager with no driving experience who takes the family SUV on the open highway, even the simplest devices that are connecting to corporate networks have the power to participate in an attack and cause serious damage.
We bring word of yet more data exposure, in the form of “nonsensitive” data scraping to the tune of 66m records across 3 large databases. The information was apparently scraped from various sources and left to gather dust, for anyone lucky enough to stumble upon it.
Written by Jeff Stone
A presidential advisory council has warned the White House and Department of Homeland Security in no uncertain terms that a catastrophic months-long power outage represents a “profound threat [that] requires a new national focus.”
Regulated investment firms use the web to gather market intelligence, to access data aggregation tools and business apps, and to communicate via webmail and social media.
Equifax doxed 145 million Americans, dumping their most sensitive financial data into the world forever, with repercussions that will be felt for decades to come.
Today’s post was written by Sue Bohn, partner director of Program Management, and Peter Vallianatos and Phillip Nottoli, directors of IT Infrastructure and Security at The Walsh Group.
SAP HANA CVE-2018-2497 Security Bypass Vulnerability
Today, we announce a new Netsparker feature, the Netsparker Radar – Application & Service Discovery Service. This feature can both discover and catalog the websites or web applications that your business has online, including those you may have forgotten. This will help you ensure that you have better security coverage for all your web applications, services, and other online collateral.
An apartment building in Chersky, Russia, partially destroyed by thawing icy permafrost. Image: Vladimir Romanovsky