Security Updates for Microsoft Skype for Business and Microsoft Lync (July 2018)

high Nessus Plugin ID 111045

Synopsis

The Microsoft Skype for Business or Microsoft Lync installation on the remote host is affected by multiple vulnerabilities.

Description

The Microsoft Skype for Business or Microsoft Lync installation on the remote host is missing security updates.
It is, therefore, affected by multiple vulnerabilities :

- A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages. An attacker who successfully exploited the vulnerability could execute arbitrary commands in the context of the logged-in user.
The security feature bypass by itself does not allow arbitrary code execution. Instead, an attacker would have to convince users to click a link to a file. In a file-sharing attack scenario, an attacker could provide a specially-crafted file designed to exploit the vulnerability, and then convince a user to click the link to the file. The update addresses the vulnerability by correcting how Skype for Business and Lync handle links to UNC paths. (CVE-2018-8238)

- A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-8311)

Solution

Microsoft has released the following security updates to address this issue:
-KB4022221
-KB4022225

See Also

http://www.nessus.org/u?545ab530

http://www.nessus.org/u?2c06c463

Plugin Details

Severity: High

ID: 111045

File Name: smb_nt_ms18_jul_skype.nasl

Version: 1.6

Type: local

Agent: windows

Published: 7/13/2018

Updated: 9/5/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2018-8238

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2018-8311

Vulnerability Information

CPE: cpe:/a:microsoft:lync, cpe:/a:microsoft:skype_for_business

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Ease: No known exploits are available

Patch Publication Date: 7/10/2018

Vulnerability Publication Date: 7/10/2018

Reference Information

CVE: CVE-2018-8238, CVE-2018-8311

BID: 104619, 104624

MSFT: MS18-4022221, MS18-4022225

MSKB: 4022221, 4022225