Security Updates for Microsoft Skype for Business and Microsoft Lync (July 2018)

Critical Nessus Plugin ID 111045

Synopsis

The Microsoft Skype for Business or Microsoft Lync installation on the remote host is affected by multiple vulnerabilities.

Description

The Microsoft Skype for Business or Microsoft Lync installation on the remote host is missing security updates.
It is, therefore, affected by multiple vulnerabilities :

- A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages. An attacker who successfully exploited the vulnerability could execute arbitrary commands in the context of the logged-in user.
The security feature bypass by itself does not allow arbitrary code execution. Instead, an attacker would have to convince users to click a link to a file. In a file-sharing attack scenario, an attacker could provide a specially-crafted file designed to exploit the vulnerability, and then convince a user to click the link to the file. The update addresses the vulnerability by correcting how Skype for Business and Lync handle links to UNC paths. (CVE-2018-8238)

- A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8311)

Solution

Microsoft has released the following security updates to address this issue:
-KB4022221
-KB4022225

See Also

http://www.nessus.org/u?545ab530

http://www.nessus.org/u?2c06c463

Plugin Details

Severity: Critical

ID: 111045

File Name: smb_nt_ms18_jul_skype.nasl

Version: 1.3

Type: local

Agent: windows

Published: 2018/07/13

Modified: 2018/11/15

Dependencies: 57033, 13855, 27524, 68879

Risk Information

Risk Factor: Critical

CVSS Score Source: manual

CVSS Score Rationale: Generated from microsoft security updates api.

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:microsoft:skype_for_business, cpe:/a:microsoft:lync

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Patch Publication Date: 2018/07/10

Vulnerability Publication Date: 2018/07/10

Reference Information

CVE: CVE-2018-8238, CVE-2018-8311

BID: 104619, 104624

MSKB: 4022221, 4022225

MSFT: MS18-4022221, MS18-4022225