104359

1041100

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8175

The remote Windows host is missing security update 4284835.
It is, therefore, affected by multiple vulnerabilities :

  - An elevation of privilege vulnerability exists when the     (Human Interface Device) HID Parser Library driver     improperly handles objects in memory. An attacker who     successfully exploited this vulnerability could run     processes in an elevated context.  (CVE-2018-8169)

  - A memory corruption vulnerability exists when Windows     Media Foundation improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could install programs; view, change, or delete data; or     create new accounts with full user rights. There are     multiple ways an attacker could exploit the     vulnerability, such as by convincing a user to open a     specially crafted document, or by convincing a user to     visit a malicious webpage. The security update addresses     the vulnerability by correcting how Windows Media     Foundation handles objects in memory. (CVE-2018-8251)

  - A denial of service vulnerability exists when Windows     improperly handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding.  (CVE-2018-8205)

  - An denial of service vulnerability exists when Windows     NT WEBDAV Minirdr attempts to query a WEBDAV directory.
    An attacker who successfully exploited the vulnerability     could cause a denial of service.  (CVE-2018-8175)

  - An information disclosure vulnerability exists when the     Windows GDI component improperly discloses the contents     of its memory. An attacker who successfully exploited     the vulnerability could obtain information to further     compromise the users system. There are multiple ways an     attacker could exploit the vulnerability, such as by     convincing a user to open a specially crafted document,     or by convincing a user to visit an untrusted webpage.
    The security update addresses the vulnerability by     correcting how the Windows GDI component handles objects     in memory. (CVE-2018-8239)

  - A remote code execution vulnerability exists when HTTP     Protocol Stack (Http.sys) improperly handles objects in     memory. An attacker who successfully exploited this     vulnerability could execute arbitrary code and take     control of the affected system.  (CVE-2018-8231)

  - An information disclosure vulnerability exists when the     Windows kernel improperly initializes objects in memory.
    (CVE-2018-8121)

  - A security feature bypass vulnerability exists in Device     Guard that could allow an attacker to inject malicious     code into a Windows PowerShell session. An attacker who     successfully exploited this vulnerability could inject     code into a trusted PowerShell process to bypass the     Device Guard Code Integrity policy on the local machine.
    (CVE-2018-8201, CVE-2018-8211, CVE-2018-8212,     CVE-2018-8215, CVE-2018-8221)

  - An information disclosure vulnerability exists when     Microsoft Edge improperly handles objects in memory. An     attacker who successfully exploited the vulnerability     could obtain information to further compromise the users     system.  (CVE-2018-8234)

  - An Elevation of Privilege vulnerability exists when     Cortana retrieves data from user input services without     consideration for status. An attacker who successfully     exploited the vulnerability could execute commands with     elevated permissions.  (CVE-2018-8140)

  - A denial of service vulnerability exists in the HTTP 2.0     protocol stack (HTTP.sys) when HTTP.sys improperly     parses specially crafted HTTP 2.0 requests. An attacker     who successfully exploited the vulnerability could     create a denial of service condition, causing the target     system to become unresponsive.  (CVE-2018-8226)

  - A remote code execution vulnerability exists in the way     that the scripting engine handles objects in memory in     Internet Explorer. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8267)

  - An information disclosure vulnerability exists when the     Windows kernel improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could obtain information to further compromise the users     system.  (CVE-2018-8207)

  - An elevation of privilege vulnerability exists in     Windows when the Win32k component fails to properly     handle objects in memory. An attacker who successfully     exploited this vulnerability could run arbitrary code in     kernel mode. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights.  (CVE-2018-8233)

  - An elevation of privilege vulnerability exists when NTFS     improperly checks access. An attacker who successfully     exploited this vulnerability could run processes in an     elevated context.  (CVE-2018-1036)

  - A remote code execution vulnerability exists in Windows     Domain Name System (DNS) DNSAPI.dll when it fails to     properly handle DNS responses. An attacker who     successfully exploited the vulnerability could run     arbitrary code in the context of the Local System     Account.  (CVE-2018-8225)

  - A security feature bypass vulnerability exists when     Microsoft Edge improperly handles requests of different     origins. The vulnerability allows Microsoft Edge to     bypass Same-Origin Policy (SOP) restrictions, and to     allow requests that should otherwise be ignored. An     attacker who successfully exploited the vulnerability     could force the browser to send data that would     otherwise be restricted.  (CVE-2018-8235)

  - A remote code execution vulnerability exists in the way     that the Chakra scripting engine handles objects in     memory in Microsoft Edge. The vulnerability could     corrupt memory in such a way that an attacker could     execute arbitrary code in the context of the current     user. An attacker who successfully exploited the     vulnerability could gain the same user rights as the     current user.  (CVE-2018-8227, CVE-2018-8229)

  - A remote code execution vulnerability exists when     Internet Explorer improperly accesses objects in memory.
    The vulnerability could corrupt memory in such a way     that an attacker could execute arbitrary code in the     context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2018-0978)

  - An elevation of privilege vulnerability exists when     Windows Hyper-V instruction emulation fails to properly     enforce privilege levels. An attacker who successfully     exploited this vulnerability could gain elevated     privileges on a target guest operating system. The host     operating system is not vulnerable to this attack. This     vulnerability by itself does not allow arbitrary code to     be run. However, the vulnerability could be used in     conjunction with one or more vulnerabilities (e.g. a     remote code execution vulnerability and another     elevation of privilege) that could take advantage of the     elevated privileges when running. The update addresses     the vulnerability by correcting how privileges are     enforced by Windows Hyper-V instruction emulation.
    (CVE-2018-8219)

  - A remote code execution vulnerability exists when     Microsoft Edge improperly accesses objects in memory.
    The vulnerability could corrupt memory in such a way     that enables an attacker to execute arbitrary code in     the context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2018-8110,     CVE-2018-8236)

  - An information disclosure vulnerability exists when Edge     improperly marks files. An attacker who successfully     exploited this vulnerability could exfiltrate file     contents from disk. For an attack to be successful, an     attacker must persuade a user to open a malicious     website. The security update addresses the vulnerability     by properly marking files. (CVE-2018-0871)

  - A denial of service vulnerability exists in the way that     the Windows Code Integrity Module performs hashing. An     attacker who successfully exploited the vulnerability     could cause a system to stop responding. Note that the     denial of service condition would not allow an attacker     to execute code or to elevate user privileges. However,     the denial of service condition could prevent authorized     users from using system resources. An attacker could     host a specially crafted file in a website or SMB share.
    The attacker could also take advantage of compromised     websites, or websites that accept or host user-provided     content or advertisements, by adding specially crafted     content that could exploit the vulnerability. However,     in all cases an attacker would have no way to force     users to view the attacker-controlled content. Instead,     an attacker would have to convince users to take action,     typically via an enticement in email or instant message,     or by getting them to open an email attachment. The     security update addresses the vulnerability by modifying     how the Code Integrity Module performs hashing.
    (CVE-2018-1040)

  - A security feature bypass vulnerability exists in     Internet Explorer that allows for bypassing Mark of the     Web Tagging (MOTW). Failing to set the MOTW means that a     large number of Microsoft security technologies are     bypassed.  (CVE-2018-8113)

  - A remote code execution vulnerability exists when     Windows improperly handles objects in memory. An     attacker who successfully exploited these     vulnerabilities could take control of an affected     system.  (CVE-2018-8210, CVE-2018-8213)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel API enforces permissions. An     attacker who successfully exploited the vulnerability     could impersonate processes, interject cross-process     communication, or interrupt system functionality.
    (CVE-2018-0982)

  - An elevation of privilege vulnerability exists in     Windows when Desktop Bridge does not properly manage the     virtual registry. An attacker who successfully exploited     this vulnerability could run arbitrary code in kernel     mode. An attacker could then install programs; view,     change, or delete data; or create new accounts with full     user rights.  (CVE-2018-8208, CVE-2018-8214)

The remote Windows host is missing security update 4284819.
It is, therefore, affected by multiple vulnerabilities :

  - An elevation of privilege vulnerability exists when the     (Human Interface Device) HID Parser Library driver     improperly handles objects in memory. An attacker who     successfully exploited this vulnerability could run     processes in an elevated context.  (CVE-2018-8169)

  - A denial of service vulnerability exists when Microsoft     Hyper-V Network Switch on a host server fails to     properly validate input from a privileged user on a     guest operating system. An attacker who successfully     exploited the vulnerability could cause the host server     to crash.  (CVE-2018-8218)

  - A memory corruption vulnerability exists when Windows     Media Foundation improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could install programs; view, change, or delete data; or     create new accounts with full user rights. There are     multiple ways an attacker could exploit the     vulnerability, such as by convincing a user to open a     specially crafted document, or by convincing a user to     visit a malicious webpage. The security update addresses     the vulnerability by correcting how Windows Media     Foundation handles objects in memory. (CVE-2018-8251)

  - A denial of service vulnerability exists when Windows     improperly handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding.  (CVE-2018-8205)

  - An denial of service vulnerability exists when Windows     NT WEBDAV Minirdr attempts to query a WEBDAV directory.
    An attacker who successfully exploited the vulnerability     could cause a denial of service.  (CVE-2018-8175)

  - An information disclosure vulnerability exists when the     Windows GDI component improperly discloses the contents     of its memory. An attacker who successfully exploited     the vulnerability could obtain information to further     compromise the users system. There are multiple ways an     attacker could exploit the vulnerability, such as by     convincing a user to open a specially crafted document,     or by convincing a user to visit an untrusted webpage.
    The security update addresses the vulnerability by     correcting how the Windows GDI component handles objects     in memory. (CVE-2018-8239)

  - A remote code execution vulnerability exists when HTTP     Protocol Stack (Http.sys) improperly handles objects in     memory. An attacker who successfully exploited this     vulnerability could execute arbitrary code and take     control of the affected system.  (CVE-2018-8231)

  - An information disclosure vulnerability exists when the     Windows kernel improperly initializes objects in memory.
    (CVE-2018-8121)

  - A security feature bypass vulnerability exists in Device     Guard that could allow an attacker to inject malicious     code into a Windows PowerShell session. An attacker who     successfully exploited this vulnerability could inject     code into a trusted PowerShell process to bypass the     Device Guard Code Integrity policy on the local machine.
    (CVE-2018-8201, CVE-2018-8211, CVE-2018-8212,     CVE-2018-8215, CVE-2018-8221)

  - An information disclosure vulnerability exists when     Microsoft Edge improperly handles objects in memory. An     attacker who successfully exploited the vulnerability     could obtain information to further compromise the users     system.  (CVE-2018-8234)

  - An Elevation of Privilege vulnerability exists when     Cortana retrieves data from user input services without     consideration for status. An attacker who successfully     exploited the vulnerability could execute commands with     elevated permissions.  (CVE-2018-8140)

  - A denial of service vulnerability exists in the HTTP 2.0     protocol stack (HTTP.sys) when HTTP.sys improperly     parses specially crafted HTTP 2.0 requests. An attacker     who successfully exploited the vulnerability could     create a denial of service condition, causing the target     system to become unresponsive.  (CVE-2018-8226)

  - A remote code execution vulnerability exists in the way     that the scripting engine handles objects in memory in     Internet Explorer. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8267)

  - An information disclosure vulnerability exists when the     Windows kernel improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could obtain information to further compromise the users     system.  (CVE-2018-8207)

  - An elevation of privilege vulnerability exists when NTFS     improperly checks access. An attacker who successfully     exploited this vulnerability could run processes in an     elevated context.  (CVE-2018-1036)

  - A remote code execution vulnerability exists in Windows     Domain Name System (DNS) DNSAPI.dll when it fails to     properly handle DNS responses. An attacker who     successfully exploited the vulnerability could run     arbitrary code in the context of the Local System     Account.  (CVE-2018-8225)

  - A security feature bypass vulnerability exists when     Microsoft Edge improperly handles requests of different     origins. The vulnerability allows Microsoft Edge to     bypass Same-Origin Policy (SOP) restrictions, and to     allow requests that should otherwise be ignored. An     attacker who successfully exploited the vulnerability     could force the browser to send data that would     otherwise be restricted.  (CVE-2018-8235)

  - A remote code execution vulnerability exists in the way     that the Chakra scripting engine handles objects in     memory in Microsoft Edge. The vulnerability could     corrupt memory in such a way that an attacker could     execute arbitrary code in the context of the current     user. An attacker who successfully exploited the     vulnerability could gain the same user rights as the     current user.  (CVE-2018-8227, CVE-2018-8229)

  - A remote code execution vulnerability exists when     Microsoft Edge improperly accesses objects in memory.
    The vulnerability could corrupt memory in such a way     that enables an attacker to execute arbitrary code in     the context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2018-8111,     CVE-2018-8236)

  - An information disclosure vulnerability exists when     Windows allows a normal user to access the Wireless LAN     profile of an administrative user. An authenticated     attacker who successfully exploited the vulnerability     could access the Wireless LAN profile of an     administrative user, including passwords for wireless     networks. An attacker would need to log on to the     affected system and run a specific command. The security     update addresses the vulnerability by changing the way     that Windows enforces access permissions to Wireless LAN     profiles. (CVE-2018-8209)

  - A remote code execution vulnerability exists when     Internet Explorer improperly accesses objects in memory.
    The vulnerability could corrupt memory in such a way     that an attacker could execute arbitrary code in the     context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2018-0978)

  - An elevation of privilege vulnerability exists when     Windows Hyper-V instruction emulation fails to properly     enforce privilege levels. An attacker who successfully     exploited this vulnerability could gain elevated     privileges on a target guest operating system. The host     operating system is not vulnerable to this attack. This     vulnerability by itself does not allow arbitrary code to     be run. However, the vulnerability could be used in     conjunction with one or more vulnerabilities (e.g. a     remote code execution vulnerability and another     elevation of privilege) that could take advantage of the     elevated privileges when running. The update addresses     the vulnerability by correcting how privileges are     enforced by Windows Hyper-V instruction emulation.
    (CVE-2018-8219)

  - An information disclosure vulnerability exists when Edge     improperly marks files. An attacker who successfully     exploited this vulnerability could exfiltrate file     contents from disk. For an attack to be successful, an     attacker must persuade a user to open a malicious     website. The security update addresses the vulnerability     by properly marking files. (CVE-2018-0871)

  - A denial of service vulnerability exists in the way that     the Windows Code Integrity Module performs hashing. An     attacker who successfully exploited the vulnerability     could cause a system to stop responding. Note that the     denial of service condition would not allow an attacker     to execute code or to elevate user privileges. However,     the denial of service condition could prevent authorized     users from using system resources. An attacker could     host a specially crafted file in a website or SMB share.
    The attacker could also take advantage of compromised     websites, or websites that accept or host user-provided     content or advertisements, by adding specially crafted     content that could exploit the vulnerability. However,     in all cases an attacker would have no way to force     users to view the attacker-controlled content. Instead,     an attacker would have to convince users to take action,     typically via an enticement in email or instant message,     or by getting them to open an email attachment. The     security update addresses the vulnerability by modifying     how the Code Integrity Module performs hashing.
    (CVE-2018-1040)

  - A security feature bypass vulnerability exists in     Internet Explorer that allows for bypassing Mark of the     Web Tagging (MOTW). Failing to set the MOTW means that a     large number of Microsoft security technologies are     bypassed.  (CVE-2018-8113)

  - A remote code execution vulnerability exists when     Windows improperly handles objects in memory. An     attacker who successfully exploited these     vulnerabilities could take control of an affected     system.  (CVE-2018-8210, CVE-2018-8213)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel API enforces permissions. An     attacker who successfully exploited the vulnerability     could impersonate processes, interject cross-process     communication, or interrupt system functionality.
    (CVE-2018-0982)

  - An elevation of privilege vulnerability exists in     Windows when Desktop Bridge does not properly manage the     virtual registry. An attacker who successfully exploited     this vulnerability could run arbitrary code in kernel     mode. An attacker could then install programs; view,     change, or delete data; or create new accounts with full     user rights.  (CVE-2018-8208, CVE-2018-8214)

ID	Name	Product	Family	Severity
110487	KB4284835: Windows 10 Version 1803 and Windows Server Version 1803 June 2018 Security Update	Nessus	Windows : Microsoft Bulletins	high
110485	KB4284819: Windows 10 Version 1709 and Windows Server Version 1709 June 2018 Security Update	Nessus	Windows : Microsoft Bulletins	high

CVE-2018-8175

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins