104617

1041262

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8304

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities :

  - A denial of service vulnerability exists in Windows     Domain Name System (DNS) DNSAPI.dll when it fails to     properly handle DNS responses. An attacker who     successfully exploited the vulnerability could cause a     system to stop responding. Note that the denial of     service condition would not allow an attacker to execute     code or to elevate user privileges. However, the denial     of service condition could prevent authorized users from     using system resources.  (CVE-2018-8304)

  - A denial of service vulnerability exists when Windows     improperly handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding.  (CVE-2018-8309)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2018-8282)

  - A denial of service vulnerability exists when Windows     improperly handles File Transfer Protocol (FTP)     connections. An attacker who successfully exploited the     vulnerability could cause a target system to stop     responding.  (CVE-2018-8206)

  - An elevation of privilege vulnerability exists when     Windows fails a check, allowing a sandbox escape. An     attacker who successfully exploited the vulnerability     could use the sandbox escape to elevate privileges on an     affected system. This vulnerability by itself does not     allow arbitrary code execution. However, the     vulnerability could allow arbitrary code to run if an     attacker uses it in combination with another     vulnerability, such as a remote code execution     vulnerability or another elevation of privilege     vulnerability, that can leverage the elevated privileges     when code execution is attempted. The security update     addresses the vulnerability by correcting how Windows     file picker handles paths. (CVE-2018-8314)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2018-8308)

  - A security feature bypass vulnerability exists when     Microsoft WordPad improperly handles embedded OLE     objects. An attacker who successfully exploited the     vulnerability could bypass content blocking. In a file-     sharing attack scenario, an attacker could provide a     specially crafted document file designed to exploit the     vulnerability, and then convince a user to open the     document file. The security update addresses the     vulnerability by correcting how Microsoft WordPad     handles input. (CVE-2018-8307)

The remote Windows host is missing security update 4338820 or cumulative update 4338830. It is, therefore, affected by multiple vulnerabilities :

  - A denial of service vulnerability exists in Windows     Domain Name System (DNS) DNSAPI.dll when it fails to     properly handle DNS responses. An attacker who     successfully exploited the vulnerability could cause a     system to stop responding. Note that the denial of     service condition would not allow an attacker to execute     code or to elevate user privileges. However, the denial     of service condition could prevent authorized users from     using system resources.  (CVE-2018-8304)

  - A remote code execution vulnerability exists in the way     the scripting engine handles objects in memory in     Microsoft browsers. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8287)

  - A denial of service vulnerability exists when Windows     improperly handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding.  (CVE-2018-8309)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2018-8282)

  - A denial of service vulnerability exists when Windows     improperly handles File Transfer Protocol (FTP)     connections. An attacker who successfully exploited the     vulnerability could cause a target system to stop     responding.  (CVE-2018-8206)

  - A security feature bypass vulnerability exists when     Microsoft Internet Explorer improperly handles requests     involving UNC resources. An attacker who successfully     exploited the vulnerability could force the browser to     load data that would otherwise be restricted.
    (CVE-2018-0949)

  - A remote code execution vulnerability exists in the way     that the scripting engine handles objects in memory in     Internet Explorer. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8242)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2018-8308)

  - A security feature bypass vulnerability exists when     Microsoft WordPad improperly handles embedded OLE     objects. An attacker who successfully exploited the     vulnerability could bypass content blocking. In a file-     sharing attack scenario, an attacker could provide a     specially crafted document file designed to exploit the     vulnerability, and then convince a user to open the     document file. The security update addresses the     vulnerability by correcting how Microsoft WordPad     handles input. (CVE-2018-8307)

  - An elevation of privilege vulnerability exists in .NET     Framework which could allow an attacker to elevate their     privilege level.  (CVE-2018-8202)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel API enforces permissions. An     attacker who successfully exploited the vulnerability     could impersonate processes, interject cross-process     communication, or interrupt system functionality.
    (CVE-2018-8313)

  - A Remote Code Execution vulnerability exists in .NET     software when the software fails to check the source     markup of a file. An attacker who successfully exploited     the vulnerability could run arbitrary code in the     context of the current user. If the current user is     logged on with administrative user rights, an attacker     could take control of the affected system. An attacker     could then install programs; view, change, or delete     data; or create new accounts with full user rights.
    (CVE-2018-8260)

  - A remote code execution vulnerability exists when the     Microsoft .NET Framework fails to validate input     properly. An attacker who successfully exploited this     vulnerability could take control of an affected system.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights. Users whose accounts are configured to have     fewer user rights on the system could be less impacted     than users who operate with administrative user rights.
    (CVE-2018-8284)

  - An elevation of privilege vulnerability exists when     Windows fails a check, allowing a sandbox escape. An     attacker who successfully exploited the vulnerability     could use the sandbox escape to elevate privileges on an     affected system. This vulnerability by itself does not     allow arbitrary code execution. However, the     vulnerability could allow arbitrary code to run if an     attacker uses it in combination with another     vulnerability, such as a remote code execution     vulnerability or another elevation of privilege     vulnerability, that can leverage the elevated privileges     when code execution is attempted. The security update     addresses the vulnerability by correcting how Windows     file picker handles paths. (CVE-2018-8314)

  - A security feature bypass vulnerability exists when     Microsoft .NET Framework components do not correctly     validate certificates. An attacker could present expired     certificates when challenged. The security update     addresses the vulnerability by ensuring that .NET     Framework components correctly validate certificates.
    (CVE-2018-8356)

The remote Windows host is missing security update 4338829.
It is, therefore, affected by multiple vulnerabilities :

  - A remote code execution vulnerability exists in the way     that the scripting engine handles objects in memory in     Internet Explorer. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8242, CVE-2018-8296)

  - A denial of service vulnerability exists in Windows     Domain Name System (DNS) DNSAPI.dll when it fails to     properly handle DNS responses. An attacker who     successfully exploited the vulnerability could cause a     system to stop responding. Note that the denial of     service condition would not allow an attacker to execute     code or to elevate user privileges. However, the denial     of service condition could prevent authorized users from     using system resources.  (CVE-2018-8304)

  - A denial of service vulnerability exists when Windows     improperly handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding.  (CVE-2018-8309)

  - A remote code execution vulnerability exists in the way     that the Chakra scripting engine handles objects in     memory in Microsoft Edge. The vulnerability could     corrupt memory in such a way that an attacker could     execute arbitrary code in the context of the current     user. An attacker who successfully exploited the     vulnerability could gain the same user rights as the     current user.  (CVE-2018-8280, CVE-2018-8290)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2018-8282)

  - A denial of service vulnerability exists when Windows     improperly handles File Transfer Protocol (FTP)     connections. An attacker who successfully exploited the     vulnerability could cause a target system to stop     responding.  (CVE-2018-8206)

  - A remote code execution vulnerability exists when     Microsoft Edge improperly accesses objects in memory.
    The vulnerability could corrupt memory in such a way     that enables an attacker to execute arbitrary code in     the context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2018-8125)

  - A security feature bypass vulnerability exists in Device     Guard that could allow an attacker to inject malicious     code into a Windows PowerShell session. An attacker who     successfully exploited this vulnerability could inject     code into a trusted PowerShell process to bypass the     Device Guard Code Integrity policy on the local machine.
    (CVE-2018-8222)

  - A security feature bypass vulnerability exists when     Microsoft Internet Explorer improperly handles requests     involving UNC resources. An attacker who successfully     exploited the vulnerability could force the browser to     load data that would otherwise be restricted.
    (CVE-2018-0949)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2018-8308)

  - A security feature bypass vulnerability exists when     Microsoft WordPad improperly handles embedded OLE     objects. An attacker who successfully exploited the     vulnerability could bypass content blocking. In a file-     sharing attack scenario, an attacker could provide a     specially crafted document file designed to exploit the     vulnerability, and then convince a user to open the     document file. The security update addresses the     vulnerability by correcting how Microsoft WordPad     handles input. (CVE-2018-8307)

  - An elevation of privilege vulnerability exists in .NET     Framework which could allow an attacker to elevate their     privilege level.  (CVE-2018-8202)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel API enforces permissions. An     attacker who successfully exploited the vulnerability     could impersonate processes, interject cross-process     communication, or interrupt system functionality.
    (CVE-2018-8313)

  - A remote code execution vulnerability exists in the way     the scripting engine handles objects in memory in     Microsoft browsers. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)

  - A remote code execution vulnerability exists when the     Microsoft .NET Framework fails to validate input     properly. An attacker who successfully exploited this     vulnerability could take control of an affected system.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights. Users whose accounts are configured to have     fewer user rights on the system could be less impacted     than users who operate with administrative user rights.
    (CVE-2018-8284)

  - An elevation of privilege vulnerability exists when     Windows fails a check, allowing a sandbox escape. An     attacker who successfully exploited the vulnerability     could use the sandbox escape to elevate privileges on an     affected system. This vulnerability by itself does not     allow arbitrary code execution. However, the     vulnerability could allow arbitrary code to run if an     attacker uses it in combination with another     vulnerability, such as a remote code execution     vulnerability or another elevation of privilege     vulnerability, that can leverage the elevated privileges     when code execution is attempted. The security update     addresses the vulnerability by correcting how Windows     file picker handles paths. (CVE-2018-8314)

  - A security feature bypass vulnerability exists when     Microsoft .NET Framework components do not correctly     validate certificates. An attacker could present expired     certificates when challenged. The security update     addresses the vulnerability by ensuring that .NET     Framework components correctly validate certificates.
    (CVE-2018-8356)

The remote Windows host is missing security update 4338826.
It is, therefore, affected by multiple vulnerabilities :

  - An elevation of privilege vulnerability exists in .NET     Framework which could allow an attacker to elevate their     privilege level.  (CVE-2018-8202)

  - A remote code execution vulnerability exists when     Microsoft Edge improperly accesses objects in memory.
    The vulnerability could corrupt memory in such a way     that enables an attacker to execute arbitrary code in     the context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2018-8125,     CVE-2018-8274, CVE-2018-8275, CVE-2018-8279)

  - A remote code execution vulnerability exists in the way     that the scripting engine handles objects in memory in     Internet Explorer. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8242, CVE-2018-8296)

  - A denial of service vulnerability exists in Windows     Domain Name System (DNS) DNSAPI.dll when it fails to     properly handle DNS responses. An attacker who     successfully exploited the vulnerability could cause a     system to stop responding. Note that the denial of     service condition would not allow an attacker to execute     code or to elevate user privileges. However, the denial     of service condition could prevent authorized users from     using system resources.  (CVE-2018-8304)

  - A Remote Code Execution vulnerability exists in .NET     software when the software fails to check the source     markup of a file. An attacker who successfully exploited     the vulnerability could run arbitrary code in the     context of the current user. If the current user is     logged on with administrative user rights, an attacker     could take control of the affected system. An attacker     could then install programs; view, change, or delete     data; or create new accounts with full user rights.
    (CVE-2018-8260)

  - A denial of service vulnerability exists when Windows     improperly handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding.  (CVE-2018-8309)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2018-8282)

  - A security feature bypass vulnerability exists in Device     Guard that could allow an attacker to inject malicious     code into a Windows PowerShell session. An attacker who     successfully exploited this vulnerability could inject     code into a trusted PowerShell process to bypass the     Device Guard Code Integrity policy on the local machine.
    (CVE-2018-8222)

  - A denial of service vulnerability exists when Windows     improperly handles File Transfer Protocol (FTP)     connections. An attacker who successfully exploited the     vulnerability could cause a target system to stop     responding.  (CVE-2018-8206)

  - A security feature bypass vulnerability exists when     Microsoft Internet Explorer improperly handles requests     involving UNC resources. An attacker who successfully     exploited the vulnerability could force the browser to     load data that would otherwise be restricted.
    (CVE-2018-0949)

  - An information disclosure vulnerability exists when     Microsoft Edge improperly handles objects in memory. An     attacker who successfully exploited the vulnerability     could obtain information to further compromise the users     system.  (CVE-2018-8324)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2018-8308)

  - A security feature bypass vulnerability exists when     Microsoft WordPad improperly handles embedded OLE     objects. An attacker who successfully exploited the     vulnerability could bypass content blocking. In a file-     sharing attack scenario, an attacker could provide a     specially crafted document file designed to exploit the     vulnerability, and then convince a user to open the     document file. The security update addresses the     vulnerability by correcting how Microsoft WordPad     handles input. (CVE-2018-8307)

  - A security feature bypass vulnerability exists in the     Microsoft Chakra scripting engine that allows Control     Flow Guard (CFG) to be bypassed. By itself, the CFG     bypass vulnerability does not allow arbitrary code     execution. However, an attacker could use the CFG bypass     vulnerability in conjunction with another vulnerability,     such as a remote code execution vulnerability, to run     arbitrary code on a target system.  (CVE-2018-8276)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel API enforces permissions. An     attacker who successfully exploited the vulnerability     could impersonate processes, interject cross-process     communication, or interrupt system functionality.
    (CVE-2018-8313)

  - A remote code execution vulnerability exists in the way     the scripting engine handles objects in memory in     Microsoft browsers. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)

  - A remote code execution vulnerability exists when the     Microsoft .NET Framework fails to validate input     properly. An attacker who successfully exploited this     vulnerability could take control of an affected system.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights. Users whose accounts are configured to have     fewer user rights on the system could be less impacted     than users who operate with administrative user rights.
    (CVE-2018-8284)

  - A remote code execution vulnerability exists in the way     that the Chakra scripting engine handles objects in     memory in Microsoft Edge. The vulnerability could     corrupt memory in such a way that an attacker could     execute arbitrary code in the context of the current     user. An attacker who successfully exploited the     vulnerability could gain the same user rights as the     current user.  (CVE-2018-8280, CVE-2018-8286,     CVE-2018-8290)

  - A security feature bypass vulnerability exists when     Microsoft .NET Framework components do not correctly     validate certificates. An attacker could present expired     certificates when challenged. The security update     addresses the vulnerability by ensuring that .NET     Framework components correctly validate certificates.
    (CVE-2018-8356)

The remote Windows host is missing security update 4338825.
It is, therefore, affected by multiple vulnerabilities :

  - An elevation of privilege vulnerability exists in .NET     Framework which could allow an attacker to elevate their     privilege level.  (CVE-2018-8202)

  - A remote code execution vulnerability exists in the way     that the scripting engine handles objects in memory in     Internet Explorer. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8242, CVE-2018-8296)

  - A remote code execution vulnerability exists when     Microsoft Edge improperly accesses objects in memory.
    The vulnerability could corrupt memory in such a way     that enables an attacker to execute arbitrary code in     the context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2018-8125,     CVE-2018-8274, CVE-2018-8275, CVE-2018-8279,     CVE-2018-8301)

  - A denial of service vulnerability exists in Windows     Domain Name System (DNS) DNSAPI.dll when it fails to     properly handle DNS responses. An attacker who     successfully exploited the vulnerability could cause a     system to stop responding. Note that the denial of     service condition would not allow an attacker to execute     code or to elevate user privileges. However, the denial     of service condition could prevent authorized users from     using system resources.  (CVE-2018-8304)

  - A Remote Code Execution vulnerability exists in .NET     software when the software fails to check the source     markup of a file. An attacker who successfully exploited     the vulnerability could run arbitrary code in the     context of the current user. If the current user is     logged on with administrative user rights, an attacker     could take control of the affected system. An attacker     could then install programs; view, change, or delete     data; or create new accounts with full user rights.
    (CVE-2018-8260)

  - A denial of service vulnerability exists when Windows     improperly handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding.  (CVE-2018-8309)

  - An information disclosure vulnerability exists when     Microsoft Edge improperly handles objects in memory. An     attacker who successfully exploited the vulnerability     could obtain information to further compromise the users     system.  (CVE-2018-8297, CVE-2018-8324)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2018-8282)

  - A denial of service vulnerability exists when Windows     improperly handles File Transfer Protocol (FTP)     connections. An attacker who successfully exploited the     vulnerability could cause a target system to stop     responding.  (CVE-2018-8206)

  - A security feature bypass vulnerability exists in Device     Guard that could allow an attacker to inject malicious     code into a Windows PowerShell session. An attacker who     successfully exploited this vulnerability could inject     code into a trusted PowerShell process to bypass the     Device Guard Code Integrity policy on the local machine.
    (CVE-2018-8222)

  - A security feature bypass vulnerability exists when     Microsoft Internet Explorer improperly handles requests     involving UNC resources. An attacker who successfully     exploited the vulnerability could force the browser to     load data that would otherwise be restricted.
    (CVE-2018-0949)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2018-8308)

  - A security feature bypass vulnerability exists when     Microsoft WordPad improperly handles embedded OLE     objects. An attacker who successfully exploited the     vulnerability could bypass content blocking. In a file-     sharing attack scenario, an attacker could provide a     specially crafted document file designed to exploit the     vulnerability, and then convince a user to open the     document file. The security update addresses the     vulnerability by correcting how Microsoft WordPad     handles input. (CVE-2018-8307)

  - A security feature bypass vulnerability exists in the     Microsoft Chakra scripting engine that allows Control     Flow Guard (CFG) to be bypassed. By itself, the CFG     bypass vulnerability does not allow arbitrary code     execution. However, an attacker could use the CFG bypass     vulnerability in conjunction with another vulnerability,     such as a remote code execution vulnerability, to run     arbitrary code on a target system.  (CVE-2018-8276)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel API enforces permissions. An     attacker who successfully exploited the vulnerability     could impersonate processes, interject cross-process     communication, or interrupt system functionality.
    (CVE-2018-8313)

  - A remote code execution vulnerability exists in the way     the scripting engine handles objects in memory in     Microsoft browsers. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)

  - A remote code execution vulnerability exists when the     Microsoft .NET Framework fails to validate input     properly. An attacker who successfully exploited this     vulnerability could take control of an affected system.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights. Users whose accounts are configured to have     fewer user rights on the system could be less impacted     than users who operate with administrative user rights.
    (CVE-2018-8284)

  - A remote code execution vulnerability exists in the way     that the Chakra scripting engine handles objects in     memory in Microsoft Edge. The vulnerability could     corrupt memory in such a way that an attacker could     execute arbitrary code in the context of the current     user. An attacker who successfully exploited the     vulnerability could gain the same user rights as the     current user.  (CVE-2018-8280, CVE-2018-8286,     CVE-2018-8290)

  - A security feature bypass vulnerability exists when     Microsoft .NET Framework components do not correctly     validate certificates. An attacker could present expired     certificates when challenged. The security update     addresses the vulnerability by ensuring that .NET     Framework components correctly validate certificates.
    (CVE-2018-8356)

The remote Windows host is missing security update 4338823 or cumulative update 4338818. It is, therefore, affected by multiple vulnerabilities :

  - An elevation of privilege vulnerability exists in .NET     Framework which could allow an attacker to elevate their     privilege level.  (CVE-2018-8202)

  - A remote code execution vulnerability exists in the way     that the scripting engine handles objects in memory in     Internet Explorer. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8242, CVE-2018-8296)

  - A denial of service vulnerability exists in Windows     Domain Name System (DNS) DNSAPI.dll when it fails to     properly handle DNS responses. An attacker who     successfully exploited the vulnerability could cause a     system to stop responding. Note that the denial of     service condition would not allow an attacker to execute     code or to elevate user privileges. However, the denial     of service condition could prevent authorized users from     using system resources.  (CVE-2018-8304)

  - A denial of service vulnerability exists when Windows     improperly handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding.  (CVE-2018-8309)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2018-8282)

  - A denial of service vulnerability exists when Windows     improperly handles File Transfer Protocol (FTP)     connections. An attacker who successfully exploited the     vulnerability could cause a target system to stop     responding.  (CVE-2018-8206)

  - A security feature bypass vulnerability exists when     Microsoft Internet Explorer improperly handles requests     involving UNC resources. An attacker who successfully     exploited the vulnerability could force the browser to     load data that would otherwise be restricted.
    (CVE-2018-0949)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2018-8308)

  - A security feature bypass vulnerability exists when     Microsoft WordPad improperly handles embedded OLE     objects. An attacker who successfully exploited the     vulnerability could bypass content blocking. In a file-     sharing attack scenario, an attacker could provide a     specially crafted document file designed to exploit the     vulnerability, and then convince a user to open the     document file. The security update addresses the     vulnerability by correcting how Microsoft WordPad     handles input. (CVE-2018-8307)

  - A Remote Code Execution vulnerability exists in .NET     software when the software fails to check the source     markup of a file. An attacker who successfully exploited     the vulnerability could run arbitrary code in the     context of the current user. If the current user is     logged on with administrative user rights, an attacker     could take control of the affected system. An attacker     could then install programs; view, change, or delete     data; or create new accounts with full user rights.
    (CVE-2018-8260)

  - A remote code execution vulnerability exists in the way     the scripting engine handles objects in memory in     Microsoft browsers. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)

  - A remote code execution vulnerability exists when the     Microsoft .NET Framework fails to validate input     properly. An attacker who successfully exploited this     vulnerability could take control of an affected system.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights. Users whose accounts are configured to have     fewer user rights on the system could be less impacted     than users who operate with administrative user rights.
    (CVE-2018-8284)

  - An elevation of privilege vulnerability exists when     Windows fails a check, allowing a sandbox escape. An     attacker who successfully exploited the vulnerability     could use the sandbox escape to elevate privileges on an     affected system. This vulnerability by itself does not     allow arbitrary code execution. However, the     vulnerability could allow arbitrary code to run if an     attacker uses it in combination with another     vulnerability, such as a remote code execution     vulnerability or another elevation of privilege     vulnerability, that can leverage the elevated privileges     when code execution is attempted. The security update     addresses the vulnerability by correcting how Windows     file picker handles paths. (CVE-2018-8314)

  - A security feature bypass vulnerability exists when     Microsoft .NET Framework components do not correctly     validate certificates. An attacker could present expired     certificates when challenged. The security update     addresses the vulnerability by ensuring that .NET     Framework components correctly validate certificates.
    (CVE-2018-8356)

The remote Windows host is missing security update 4338824 or cumulative update 4338815. It is, therefore, affected by multiple vulnerabilities :

  - An elevation of privilege vulnerability exists in .NET     Framework which could allow an attacker to elevate their     privilege level.  (CVE-2018-8202)

  - A remote code execution vulnerability exists in the way     that the scripting engine handles objects in memory in     Internet Explorer. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8242, CVE-2018-8296)

  - A denial of service vulnerability exists in Windows     Domain Name System (DNS) DNSAPI.dll when it fails to     properly handle DNS responses. An attacker who     successfully exploited the vulnerability could cause a     system to stop responding. Note that the denial of     service condition would not allow an attacker to execute     code or to elevate user privileges. However, the denial     of service condition could prevent authorized users from     using system resources.  (CVE-2018-8304)

  - A denial of service vulnerability exists when Windows     improperly handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding.  (CVE-2018-8309)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2018-8282)

  - A denial of service vulnerability exists when Windows     improperly handles File Transfer Protocol (FTP)     connections. An attacker who successfully exploited the     vulnerability could cause a target system to stop     responding.  (CVE-2018-8206)

  - A security feature bypass vulnerability exists when     Microsoft Internet Explorer improperly handles requests     involving UNC resources. An attacker who successfully     exploited the vulnerability could force the browser to     load data that would otherwise be restricted.
    (CVE-2018-0949)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2018-8308)

  - A security feature bypass vulnerability exists when     Microsoft WordPad improperly handles embedded OLE     objects. An attacker who successfully exploited the     vulnerability could bypass content blocking. In a file-     sharing attack scenario, an attacker could provide a     specially crafted document file designed to exploit the     vulnerability, and then convince a user to open the     document file. The security update addresses the     vulnerability by correcting how Microsoft WordPad     handles input. (CVE-2018-8307)

  - A Remote Code Execution vulnerability exists in .NET     software when the software fails to check the source     markup of a file. An attacker who successfully exploited     the vulnerability could run arbitrary code in the     context of the current user. If the current user is     logged on with administrative user rights, an attacker     could take control of the affected system. An attacker     could then install programs; view, change, or delete     data; or create new accounts with full user rights.
    (CVE-2018-8260)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel API enforces permissions. An     attacker who successfully exploited the vulnerability     could impersonate processes, interject cross-process     communication, or interrupt system functionality.
    (CVE-2018-8313)

  - A remote code execution vulnerability exists in the way     the scripting engine handles objects in memory in     Microsoft browsers. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)

  - A remote code execution vulnerability exists when the     Microsoft .NET Framework fails to validate input     properly. An attacker who successfully exploited this     vulnerability could take control of an affected system.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights. Users whose accounts are configured to have     fewer user rights on the system could be less impacted     than users who operate with administrative user rights.
    (CVE-2018-8284)

  - An elevation of privilege vulnerability exists when     Windows fails a check, allowing a sandbox escape. An     attacker who successfully exploited the vulnerability     could use the sandbox escape to elevate privileges on an     affected system. This vulnerability by itself does not     allow arbitrary code execution. However, the     vulnerability could allow arbitrary code to run if an     attacker uses it in combination with another     vulnerability, such as a remote code execution     vulnerability or another elevation of privilege     vulnerability, that can leverage the elevated privileges     when code execution is attempted. The security update     addresses the vulnerability by correcting how Windows     file picker handles paths. (CVE-2018-8314)

  - A security feature bypass vulnerability exists when     Microsoft .NET Framework components do not correctly     validate certificates. An attacker could present expired     certificates when challenged. The security update     addresses the vulnerability by ensuring that .NET     Framework components correctly validate certificates.
    (CVE-2018-8356)

The remote Windows host is missing security update 4338814.
It is, therefore, affected by multiple vulnerabilities :

  - An elevation of privilege vulnerability exists in .NET     Framework which could allow an attacker to elevate their     privilege level.  (CVE-2018-8202)

  - A remote code execution vulnerability exists in the way     that the scripting engine handles objects in memory in     Internet Explorer. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8242, CVE-2018-8296)

  - A denial of service vulnerability exists in Windows     Domain Name System (DNS) DNSAPI.dll when it fails to     properly handle DNS responses. An attacker who     successfully exploited the vulnerability could cause a     system to stop responding. Note that the denial of     service condition would not allow an attacker to execute     code or to elevate user privileges. However, the denial     of service condition could prevent authorized users from     using system resources.  (CVE-2018-8304)

  - A denial of service vulnerability exists when Windows     improperly handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding.  (CVE-2018-8309)

  - A remote code execution vulnerability exists in the way     that the Chakra scripting engine handles objects in     memory in Microsoft Edge. The vulnerability could     corrupt memory in such a way that an attacker could     execute arbitrary code in the context of the current     user. An attacker who successfully exploited the     vulnerability could gain the same user rights as the     current user.  (CVE-2018-8280, CVE-2018-8290)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2018-8282)

  - A remote code execution vulnerability exists when     Microsoft Edge improperly accesses objects in memory.
    The vulnerability could corrupt memory in such a way     that enables an attacker to execute arbitrary code in     the context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2018-8125,     CVE-2018-8275)

  - A denial of service vulnerability exists when Windows     improperly handles File Transfer Protocol (FTP)     connections. An attacker who successfully exploited the     vulnerability could cause a target system to stop     responding.  (CVE-2018-8206)

  - A security feature bypass vulnerability exists in Device     Guard that could allow an attacker to inject malicious     code into a Windows PowerShell session. An attacker who     successfully exploited this vulnerability could inject     code into a trusted PowerShell process to bypass the     Device Guard Code Integrity policy on the local machine.
    (CVE-2018-8222)

  - A security feature bypass vulnerability exists when     Microsoft Internet Explorer improperly handles requests     involving UNC resources. An attacker who successfully     exploited the vulnerability could force the browser to     load data that would otherwise be restricted.
    (CVE-2018-0949)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2018-8308)

  - A security feature bypass vulnerability exists when     Microsoft WordPad improperly handles embedded OLE     objects. An attacker who successfully exploited the     vulnerability could bypass content blocking. In a file-     sharing attack scenario, an attacker could provide a     specially crafted document file designed to exploit the     vulnerability, and then convince a user to open the     document file. The security update addresses the     vulnerability by correcting how Microsoft WordPad     handles input. (CVE-2018-8307)

  - A Remote Code Execution vulnerability exists in .NET     software when the software fails to check the source     markup of a file. An attacker who successfully exploited     the vulnerability could run arbitrary code in the     context of the current user. If the current user is     logged on with administrative user rights, an attacker     could take control of the affected system. An attacker     could then install programs; view, change, or delete     data; or create new accounts with full user rights.
    (CVE-2018-8260)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel API enforces permissions. An     attacker who successfully exploited the vulnerability     could impersonate processes, interject cross-process     communication, or interrupt system functionality.
    (CVE-2018-8313)

  - A remote code execution vulnerability exists in the way     the scripting engine handles objects in memory in     Microsoft browsers. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2018-8287, CVE-2018-8288, CVE-2018-8291)

  - A remote code execution vulnerability exists when the     Microsoft .NET Framework fails to validate input     properly. An attacker who successfully exploited this     vulnerability could take control of an affected system.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights. Users whose accounts are configured to have     fewer user rights on the system could be less impacted     than users who operate with administrative user rights.
    (CVE-2018-8284)

  - A security feature bypass vulnerability exists when     Microsoft .NET Framework components do not correctly     validate certificates. An attacker could present expired     certificates when challenged. The security update     addresses the vulnerability by ensuring that .NET     Framework components correctly validate certificates.
    (CVE-2018-8356)

ID	Name	Product	Family	Severity
111007	Security Updates for Windows Server 2008 (July 2018)	Nessus	Windows : Microsoft Bulletins	high
110987	KB4338820: Windows Server 2012 July 2018 Security Update	Nessus	Windows : Microsoft Bulletins	high
110986	KB4338829: Windows 10 July 2018 Security Update	Nessus	Windows : Microsoft Bulletins	high
110985	KB4338826: Windows 10 Version 1703 July 2018 Security Update	Nessus	Windows : Microsoft Bulletins	high
110984	KB4338825: Windows 10 Version 1709 and Windows Server Version 1709 July 2018 Security Update	Nessus	Windows : Microsoft Bulletins	high
110982	KB4338823: Windows 7 and Windows Server 2008 R2 July 2018 Security Update	Nessus	Windows : Microsoft Bulletins	high
110981	KB4338824: Windows 8.1 and Windows Server 2012 R2 July 2018 Security Update	Nessus	Windows : Microsoft Bulletins	high
110980	KB4338814: Windows 10 Version 1607 and Windows Server 2016 July 2018 Security Update	Nessus	Windows : Microsoft Bulletins	high

CVE-2018-8304

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Configuration 5

Configuration 6

Tenable Plugins