102384

1040100

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0803

The remote Windows host is missing security update 4056893 or 4075199. It is, therefore, affected by multiple vulnerabilities :

  - An vulnerability exists within microprocessors utilizing     speculative execution and indirect branch prediction,     which may allow an attacker with local user access to     disclose information via a side-channel analysis.
    (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2018-0744)

  - A remote code execution vulnerability exists in the way     that the scripting engine handles objects in memory in     Microsoft Edge. The vulnerability could corrupt memory     in such a way that an attacker could execute arbitrary     code in the context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2018-0758,     CVE-2018-0769, CVE-2018-0770, CVE-2018-0776,     CVE-2018-0777)

  - An information disclosure vulnerability exists in the     Windows kernel that could allow an attacker to retrieve     information that could lead to a Kernel Address Space     Layout Randomization (ASLR) bypass. An attacker who     successfully exploited the vulnerability could retrieve     the memory address of a kernel object.  (CVE-2018-0746,     CVE-2018-0747)

  - An information disclosure vulnerability exists when the     scripting engine does not properly handle objects in     memory in Microsoft Edge. An attacker who successfully     exploited the vulnerability could obtain information to     further compromise the users system.  (CVE-2018-0780)

  - An elevation of privilege vulnerability exists when     Microsoft Edge does not properly enforce cross-domain     policies, which could allow an attacker to access     information from one domain and inject it into another     domain.  (CVE-2018-0803)

  - An information disclosure vulnerability exists in     Windows Adobe Type Manager Font Driver (ATMFD.dll) when     it fails to properly handle objects in memory. An     attacker who successfully exploited this vulnerability     could potentially read data that was not intended to be     disclosed. Note that this vulnerability would not allow     an attacker to execute code or to elevate their user     rights directly, but it could be used to obtain     information that could be used to try to further     compromise the affected system.  (CVE-2018-0754)

  - A remote code execution vulnerability exists in the way     the scripting engine handles objects in memory in     Microsoft browsers. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-0762, CVE-2018-0772)

  - An information disclosure vulnerability exists when     Microsoft Edge PDF Reader improperly handles objects in     memory. An attacker who successfully exploited the     vulnerability could obtain information to further     compromise the users system.  (CVE-2018-0766)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel API enforces permissions. An     attacker who successfully exploited the vulnerability     could impersonate processes, interject cross-process     communication, or interrupt system functionality.
    (CVE-2018-0748, CVE-2018-0751, CVE-2018-0752)

  - An elevation of privilege vulnerability exists in the     Microsoft Server Message Block (SMB) Server when an     attacker with valid credentials attempts to open a     specially crafted file over the SMB protocol on the same     machine. An attacker who successfully exploited this     vulnerability could bypass certain security checks in     the operating system.  (CVE-2018-0749)

  - A denial of service vulnerability exists in the way that     Windows handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding. Note that the denial     of service condition would not allow an attacker to     execute code or to elevate user privileges. However, the     denial of service condition could prevent authorized     users from using system resources. The security update     addresses the vulnerability by correcting how Windows     handles objects in memory. (CVE-2018-0753)

The remote Windows host is missing security update 4056892 or 4073291. It is, therefore, affected by multiple vulnerabilities :

  - An vulnerability exists within microprocessors utilizing     speculative execution and indirect branch prediction,     which may allow an attacker with local user access to     disclose information via a side-channel analysis.
    (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2018-0744)

  - An information disclosure vulnerability exists when the     scripting engine does not properly handle objects in     memory in Microsoft Edge. An attacker who successfully     exploited the vulnerability could obtain information to     further compromise the users system.  (CVE-2018-0767,     CVE-2018-0780, CVE-2018-0800)

  - An elevation of privilege vulnerability exists when     Microsoft Edge does not properly enforce cross-domain     policies, which could allow an attacker to access     information from one domain and inject it into another     domain.  (CVE-2018-0803)

  - An information disclosure vulnerability exists in     Windows Adobe Type Manager Font Driver (ATMFD.dll) when     it fails to properly handle objects in memory. An     attacker who successfully exploited this vulnerability     could potentially read data that was not intended to be     disclosed. Note that this vulnerability would not allow     an attacker to execute code or to elevate their user     rights directly, but it could be used to obtain     information that could be used to try to further     compromise the affected system.  (CVE-2018-0754)

  - A remote code execution vulnerability exists in the way     the scripting engine handles objects in memory in     Microsoft browsers. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-0762, CVE-2018-0772)

  - An information disclosure vulnerability exists when     Microsoft Edge PDF Reader improperly handles objects in     memory. An attacker who successfully exploited the     vulnerability could obtain information to further     compromise the users system.  (CVE-2018-0766)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel API enforces permissions. An     attacker who successfully exploited the vulnerability     could impersonate processes, interject cross-process     communication, or interrupt system functionality.
    (CVE-2018-0748, CVE-2018-0751, CVE-2018-0752)

  - A remote code execution vulnerability exists in the way     that the scripting engine handles objects in memory in     Microsoft Edge. The vulnerability could corrupt memory     in such a way that an attacker could execute arbitrary     code in the context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2018-0758,     CVE-2018-0768, CVE-2018-0769, CVE-2018-0770,     CVE-2018-0773, CVE-2018-0774, CVE-2018-0775,     CVE-2018-0776, CVE-2018-0777, CVE-2018-0778,     CVE-2018-0781)

  - An elevation of privilege vulnerability exists in the     Microsoft Server Message Block (SMB) Server when an     attacker with valid credentials attempts to open a     specially crafted file over the SMB protocol on the same     machine. An attacker who successfully exploited this     vulnerability could bypass certain security checks in     the operating system.  (CVE-2018-0749)

  - A denial of service vulnerability exists in the way that     Windows handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding. Note that the denial     of service condition would not allow an attacker to     execute code or to elevate user privileges. However, the     denial of service condition could prevent authorized     users from using system resources. The security update     addresses the vulnerability by correcting how Windows     handles objects in memory. (CVE-2018-0753)

  - An information disclosure vulnerability exists in the     Windows kernel that could allow an attacker to retrieve     information that could lead to a Kernel Address Space     Layout Randomization (ASLR) bypass. An attacker who     successfully exploited the vulnerability could retrieve     the memory address of a kernel object.  (CVE-2018-0745,     CVE-2018-0746, CVE-2018-0747)

  - An elevation of privilege vulnerability exists due to an     integer overflow in Windows Subsystem for Linux. An     attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2018-0743)

The remote Windows host is missing security update 4056891 or 4057144. It is, therefore, affected by multiple vulnerabilities :

  - An vulnerability exists within microprocessors utilizing     speculative execution and indirect branch prediction,     which may allow an attacker with local user access to     disclose information via a side-channel analysis.
    (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2018-0744)

  - A remote code execution vulnerability exists in the way     that the scripting engine handles objects in memory in     Microsoft Edge. The vulnerability could corrupt memory     in such a way that an attacker could execute arbitrary     code in the context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2018-0758,     CVE-2018-0769, CVE-2018-0770, CVE-2018-0776,     CVE-2018-0777, CVE-2018-0781)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel API enforces permissions. An     attacker who successfully exploited the vulnerability     could impersonate processes, interject cross-process     communication, or interrupt system functionality.
    (CVE-2018-0748, CVE-2018-0751, CVE-2018-0752)

  - An elevation of privilege vulnerability exists when     Microsoft Edge does not properly enforce cross-domain     policies, which could allow an attacker to access     information from one domain and inject it into another     domain.  (CVE-2018-0803)

  - An information disclosure vulnerability exists in     Windows Adobe Type Manager Font Driver (ATMFD.dll) when     it fails to properly handle objects in memory. An     attacker who successfully exploited this vulnerability     could potentially read data that was not intended to be     disclosed. Note that this vulnerability would not allow     an attacker to execute code or to elevate their user     rights directly, but it could be used to obtain     information that could be used to try to further     compromise the affected system.  (CVE-2018-0754)

  - A remote code execution vulnerability exists in the way     the scripting engine handles objects in memory in     Microsoft browsers. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-0762, CVE-2018-0772)

  - An information disclosure vulnerability exists when     Microsoft Edge PDF Reader improperly handles objects in     memory. An attacker who successfully exploited the     vulnerability could obtain information to further     compromise the users system.  (CVE-2018-0766)

  - An information disclosure vulnerability exists when the     scripting engine does not properly handle objects in     memory in Microsoft Edge. An attacker who successfully     exploited the vulnerability could obtain information to     further compromise the users system.  (CVE-2018-0767,     CVE-2018-0780)

  - An elevation of privilege vulnerability exists in the     Microsoft Server Message Block (SMB) Server when an     attacker with valid credentials attempts to open a     specially crafted file over the SMB protocol on the same     machine. An attacker who successfully exploited this     vulnerability could bypass certain security checks in     the operating system.  (CVE-2018-0749)

  - A denial of service vulnerability exists in the way that     Windows handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding. Note that the denial     of service condition would not allow an attacker to     execute code or to elevate user privileges. However, the     denial of service condition could prevent authorized     users from using system resources. The security update     addresses the vulnerability by correcting how Windows     handles objects in memory. (CVE-2018-0753)

  - An information disclosure vulnerability exists in the     Windows kernel that could allow an attacker to retrieve     information that could lead to a Kernel Address Space     Layout Randomization (ASLR) bypass. An attacker who     successfully exploited the vulnerability could retrieve     the memory address of a kernel object.  (CVE-2018-0745,     CVE-2018-0746, CVE-2018-0747)

  - An elevation of privilege vulnerability exists due to an     integer overflow in Windows Subsystem for Linux. An     attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2018-0743)

The remote Windows host is missing security update 4056890 or 4057142. It is, therefore, affected by multiple vulnerabilities :

  - An vulnerability exists within microprocessors utilizing     speculative execution and indirect branch prediction,     which may allow an attacker with local user access to     disclose information via a side-channel analysis.
    (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2018-0744)

  - A remote code execution vulnerability exists in the way     that the scripting engine handles objects in memory in     Microsoft Edge. The vulnerability could corrupt memory     in such a way that an attacker could execute arbitrary     code in the context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2018-0758,     CVE-2018-0769, CVE-2018-0770, CVE-2018-0776,     CVE-2018-0777, CVE-2018-0781)

  - An information disclosure vulnerability exists in the     Windows kernel that could allow an attacker to retrieve     information that could lead to a Kernel Address Space     Layout Randomization (ASLR) bypass. An attacker who     successfully exploited the vulnerability could retrieve     the memory address of a kernel object.  (CVE-2018-0746,     CVE-2018-0747)

  - An elevation of privilege vulnerability exists when     Microsoft Edge does not properly enforce cross-domain     policies, which could allow an attacker to access     information from one domain and inject it into another     domain.  (CVE-2018-0803)

  - An information disclosure vulnerability exists in     Windows Adobe Type Manager Font Driver (ATMFD.dll) when     it fails to properly handle objects in memory. An     attacker who successfully exploited this vulnerability     could potentially read data that was not intended to be     disclosed. Note that this vulnerability would not allow     an attacker to execute code or to elevate their user     rights directly, but it could be used to obtain     information that could be used to try to further     compromise the affected system.  (CVE-2018-0754)

  - A remote code execution vulnerability exists in the way     the scripting engine handles objects in memory in     Microsoft browsers. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-0762, CVE-2018-0772)

  - An information disclosure vulnerability exists when     Microsoft Edge PDF Reader improperly handles objects in     memory. An attacker who successfully exploited the     vulnerability could obtain information to further     compromise the users system.  (CVE-2018-0766)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel API enforces permissions. An     attacker who successfully exploited the vulnerability     could impersonate processes, interject cross-process     communication, or interrupt system functionality.
    (CVE-2018-0748, CVE-2018-0751, CVE-2018-0752)

  - An information disclosure vulnerability exists when the     scripting engine does not properly handle objects in     memory in Microsoft Edge. An attacker who successfully     exploited the vulnerability could obtain information to     further compromise the users system.  (CVE-2018-0767,     CVE-2018-0780)

  - An elevation of privilege vulnerability exists in the     Microsoft Server Message Block (SMB) Server when an     attacker with valid credentials attempts to open a     specially crafted file over the SMB protocol on the same     machine. An attacker who successfully exploited this     vulnerability could bypass certain security checks in     the operating system.  (CVE-2018-0749)

  - A denial of service vulnerability exists in the way that     Windows handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding. Note that the denial     of service condition would not allow an attacker to     execute code or to elevate user privileges. However, the     denial of service condition could prevent authorized     users from using system resources. The security update     addresses the vulnerability by correcting how Windows     handles objects in memory. (CVE-2018-0753)

The remote Windows host is missing security update 4056888 or 4075200. It is, therefore, affected by multiple vulnerabilities :

  - An vulnerability exists within microprocessors utilizing     speculative execution and indirect branch prediction,     which may allow an attacker with local user access to     disclose information via a side-channel analysis.
    (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2018-0744)

  - A remote code execution vulnerability exists in the way     that the scripting engine handles objects in memory in     Microsoft Edge. The vulnerability could corrupt memory     in such a way that an attacker could execute arbitrary     code in the context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2018-0758,     CVE-2018-0769, CVE-2018-0770, CVE-2018-0776,     CVE-2018-0777, CVE-2018-0781)

  - An information disclosure vulnerability exists in the     Windows kernel that could allow an attacker to retrieve     information that could lead to a Kernel Address Space     Layout Randomization (ASLR) bypass. An attacker who     successfully exploited the vulnerability could retrieve     the memory address of a kernel object.  (CVE-2018-0746,     CVE-2018-0747)

  - An elevation of privilege vulnerability exists when     Microsoft Edge does not properly enforce cross-domain     policies, which could allow an attacker to access     information from one domain and inject it into another     domain.  (CVE-2018-0803)

  - An information disclosure vulnerability exists in     Windows Adobe Type Manager Font Driver (ATMFD.dll) when     it fails to properly handle objects in memory. An     attacker who successfully exploited this vulnerability     could potentially read data that was not intended to be     disclosed. Note that this vulnerability would not allow     an attacker to execute code or to elevate their user     rights directly, but it could be used to obtain     information that could be used to try to further     compromise the affected system.  (CVE-2018-0754)

  - A remote code execution vulnerability exists in the way     the scripting engine handles objects in memory in     Microsoft browsers. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-0762, CVE-2018-0772)

  - An information disclosure vulnerability exists when     Microsoft Edge PDF Reader improperly handles objects in     memory. An attacker who successfully exploited the     vulnerability could obtain information to further     compromise the users system.  (CVE-2018-0766)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel API enforces permissions. An     attacker who successfully exploited the vulnerability     could impersonate processes, interject cross-process     communication, or interrupt system functionality.
    (CVE-2018-0748, CVE-2018-0751, CVE-2018-0752)

  - An information disclosure vulnerability exists when the     scripting engine does not properly handle objects in     memory in Microsoft Edge. An attacker who successfully     exploited the vulnerability could obtain information to     further compromise the users system.  (CVE-2018-0767,     CVE-2018-0780)

  - An elevation of privilege vulnerability exists in the     Microsoft Server Message Block (SMB) Server when an     attacker with valid credentials attempts to open a     specially crafted file over the SMB protocol on the same     machine. An attacker who successfully exploited this     vulnerability could bypass certain security checks in     the operating system.  (CVE-2018-0749)

  - A denial of service vulnerability exists in the way that     Windows handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding. Note that the denial     of service condition would not allow an attacker to     execute code or to elevate user privileges. However, the     denial of service condition could prevent authorized     users from using system resources. The security update     addresses the vulnerability by correcting how Windows     handles objects in memory. (CVE-2018-0753)

ID	Name	Product	Family	Severity
105551	KB4056893: Windows 10 LTSB January 2018 Security Update (Meltdown)(Spectre)	Nessus	Windows : Microsoft Bulletins	high
105550	KB4056892: Windows 10 Version 1709 and Windows Server Version 1709 January 2018 Security Update (Meltdown)(Spectre)	Nessus	Windows : Microsoft Bulletins	high
105549	KB4056891: Windows 10 Version 1703 January 2018 Security Update (Meltdown)(Spectre)	Nessus	Windows : Microsoft Bulletins	high
105548	KB4056890: Windows 10 Version 1607 and Windows Server 2016 January 2018 Security Update (Meltdown)(Spectre)	Nessus	Windows : Microsoft Bulletins	high
105547	KB4056888: Windows 10 Version 1511 January 2018 Security Update (Meltdown)(Spectre)	Nessus	Windows : Microsoft Bulletins	high

CVE-2018-0803

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins