Windows 2008 January 3 2018 Multiple Security Updates

high Nessus Plugin ID 105585

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The remote Windows host is missing multiple security updates released on 2018/01/03. It is, therefore, affected by multiple vulnerabilities:

- An information disclosure vulnerability exists in the way that the Color Management Module (ICM32.dll) handles objects in memory. This vulnerability allows an attacker to retrieve information to bypass user-mode ASLR (Address Space Layout Randomization) on a targeted system. By itself, the information disclosure does not allow arbitrary code execution. However, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability. (CVE-2018-0741)

- An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. (CVE-2018-0747)

- An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploits the vulnerability could impersonate processes, interject cross-process communication, or interrupt system functionality. (CVE-2018-0748)

- An elevation of privilege vulnerability exists in the Microsoft Server Message Block (SMB) server when an attacker who has valid credentials attempts to open a specially crafted file over the SMB protocol on the same machine. An attacker who successfully exploits this vulnerability could bypass certain security checks in the operating system. (CVE-2018-0749)

- A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker who successfully exploits the vulnerability could obtain information to further compromise the user's system. (CVE-2018-0750)

- An information disclosure vulnerability exists in Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploits the vulnerability could obtain information to enable the attacker to further compromise the user's system.

Solution

Apply the following security updates:

- 4056942
- 4056613
- 4056615
- 4056759
- 4056944
- 4056941

See Also

http://www.nessus.org/u?ee02a5e1

http://www.nessus.org/u?b7618d8f

http://www.nessus.org/u?14fd3757

http://www.nessus.org/u?10972e7d

http://www.nessus.org/u?a3717b24

http://www.nessus.org/u?7fd20780

Plugin Details

Severity: High

ID: 105585

File Name: smb_nt_ms18_jan3_win2008.nasl

Version: 1.7

Type: local

Agent: windows

Published: 1/4/2018

Updated: 9/4/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2018-0749

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/3/2018

Vulnerability Publication Date: 1/3/2018

Reference Information

CVE: CVE-2018-0741, CVE-2018-0747, CVE-2018-0748, CVE-2018-0749, CVE-2018-0750

MSFT: MS18-4056613, MS18-4056615, MS18-4056759, MS18-4056941, MS18-4056942, MS18-4056944

MSKB: 4056613, 4056615, 4056759, 4056941, 4056942, 4056944