Every second Tuesday of the month, Microsoft releases updates for the Windows operating systems and other programs such as Microsoft Office and Edge. These updates fix known bugs and security vulnerabilities found within Microsoft's products.
This article will cover the security updates released today as part of the September 2018 Patch Tuesday. These updates resolve 62 known vulnerabilities in Microsoft products and include an update for Adobe Flash Player that resolves an information disclosure vulnerability.
For information about the non-security Windows updates, you can read about today's Cumulative Updates KB4457128 and KB4457142 for Windows 10 and Cumulative Updates KB4457144 & KB4457129 for Windows 7 and 8.1.
Security Update resolves ALPC Zero-day vulnerability
Included in these updates is a patch for the Task Scheduler ALPC vulnerability that was recently disclosed and later discovered to be used in malware by the PowerPool group.
While a temporary patch was created by a third party for this vulnerability, it is always recommended that you instead use the patches released by Microsoft.
Critical Vulnerabilities fixed in the September 2018 Patch Tuesday updates
This Patch Tuesday fixes 17 Critical security vulnerabilities that, when exploited, could lead to code execution. These vulnerabilities are the most dangerous because, if exploited, they could allow a remote attacker to execute commands on a vulnerable computer and essentially take full control.
CVE-2018-0965 - Windows Hyper-V Remote Code Execution Vulnerability is a remote code execution vulnerability in Windows Hyper-V that would allow an attacker to craft a malicious application that could escape the guest virtual machine and execute commands on the host machine.
CVE-2018-8465 - Chakra Scripting Engine Memory Corruption Vulnerability is a vulnerability in the Chakra scripting engine in Microsoft Edge that could allow malicious web sites to exploit the vulnerability and execute code under the security level of the logged in user.
CVE-2018-8420 - MS XML Remote Code Execution Vulnerability is a vulnerability in the Microsoft XML Core Services that could allow an attacker to perform remote code execution.
CVE-2018-8461 - Internet Explorer Memory Corruption Vulnerability is a vulnerability in Internet Explorer 11 that would allow a malicious web site to perform remote code execution.
CVE-2018-8475 - Windows Remote Code Execution Vulnerability affects all Windows versions from Windows 10 through Windows Server and could allow an attacker to create a malicious image file that would execute code when opened.
CVE-2018-8332 - Win32k Graphics Remote Code Execution Vulnerability affects all Windows versions from Windows 10 through Windows Server and could allow an attacker to create a malicious font, which when viewed could cause remote code execution.
CVE-2018-8391 - Scripting Engine Memory Corruption Vulnerability is a vulnerability in the Chakra scripting engine in Microsoft Edge that could allow a malicious web site to perform remote code execution.
CVE-2018-8421 - .NET Framework Remote Code Execution Vulnerability is a remote code execution vulnerability in .NET Framework that could allow an attacker to execute code when a user opens a malicious document or application.
CVE-2018-8439 - Windows Hyper-V Remote Code Execution Vulnerability is a remote code execution vulnerability in Windows Hyper-V that could allow an attacker to craft a malicious application that could escape the guest virtual machine and execute commands on the host machine.
CVE-2018-8456 - Scripting Engine Memory Corruption Vulnerability allows attackers to perform remote code execution under the security context of the logged in user.
CVE-2018-8457 - Scripting Engine Memory Corruption Vulnerability allows attackers to perform remote code execution under the security context of the logged in user.
CVE-2018-8459 - Scripting Engine Memory Corruption Vulnerability allows attackers to perform remote code execution under the security context of the logged in user.
CVE-2018-8464 - Microsoft Edge PDF Remote Code Execution Vulnerability is a vulnerability in Microsoft Edge that could allow a malicious PDF to execute code on the vulnerable machine.
CVE-2018-8465 - Chakra Scripting Engine Memory Corruption Vulnerability is a vulnerability in the Chakra scripting engine in Microsoft Edge that could allow a malicious web site to perform remote code execution.
CVE-2018-8466 - Chakra Scripting Engine Memory Corruption Vulnerability is a vulnerability in the Chakra scripting engine in Microsoft Edge that could allow a malicious web site to perform remote code execution.
CVE-2018-8467 - Chakra Scripting Engine Memory Corruption Vulnerability is a vulnerability in the Chakra scripting engine in Microsoft Edge that could allow a malicious web site to perform remote code execution.
The September 2018 Patch Tuesday Security Updates
Below is the full list of vulnerabilities resolved by the September 2018 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here.
Tag | CVE ID | CVE Title |
---|---|---|
.NET Core | CVE-2018-8409 | System.IO.Pipelines Denial of Service |
.NET Framework | CVE-2018-8421 | .NET Framework Remote Code Execution Vulnerability |
Adobe Flash Player | ADV180023 | September 2018 Adobe Flash Security Update |
Azure | CVE-2018-8479 | Azure IoT SDK Spoofing Vulnerability |
Device Guard | CVE-2018-8449 | Device Guard Security Feature Bypass Vulnerability |
Internet Explorer | CVE-2018-8470 | Internet Explorer Security Feature Bypass Vulnerability |
Internet Explorer | CVE-2018-8447 | Internet Explorer Memory Corruption Vulnerability |
Internet Explorer | CVE-2018-8461 | Internet Explorer Memory Corruption Vulnerability |
Microsoft Edge | CVE-2018-8366 | Microsoft Edge Information Disclosure Vulnerability |
Microsoft Edge | CVE-2018-8469 | Microsoft Edge Elevation of Privilege Vulnerability |
Microsoft Edge | CVE-2018-8463 | Microsoft Edge Elevation of Privilege Vulnerability |
Microsoft Edge | CVE-2018-8425 | Microsoft Edge Spoofing Vulnerability |
Microsoft Edge | CVE-2018-8464 | Microsoft Edge PDF Remote Code Execution Vulnerability |
Microsoft Graphics Component | CVE-2018-8332 | Win32k Graphics Remote Code Execution Vulnerability |
Microsoft Graphics Component | CVE-2018-8475 | Windows Remote Code Execution Vulnerability |
Microsoft Graphics Component | CVE-2018-8462 | DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Microsoft Graphics Component | CVE-2018-8424 | Windows GDI Information Disclosure Vulnerability |
Microsoft Graphics Component | CVE-2018-8433 | Microsoft Graphics Component Information Disclosure Vulnerability |
Microsoft Identity Services | CVE-2018-8269 | OData Denial of Service Vulnerability |
Microsoft JET Database Engine | CVE-2018-8392 | Microsoft JET Database Engine Remote Code Execution Vulnerability |
Microsoft JET Database Engine | CVE-2018-8393 | Microsoft JET Database Engine Remote Code Execution Vulnerability |
Microsoft Office | CVE-2018-8428 | Microsoft SharePoint Elevation of Privilege Vulnerability |
Microsoft Office | CVE-2018-8426 | Microsoft Office SharePoint XSS Vulnerability |
Microsoft Office | CVE-2018-8429 | Microsoft Excel Information Disclosure Vulnerability |
Microsoft Office | CVE-2018-8431 | Microsoft SharePoint Elevation of Privilege Vulnerability |
Microsoft Office | CVE-2018-8430 | Word PDF Remote Code Execution Vulnerability |
Microsoft Office | CVE-2018-8474 | Lync for Mac 2011 Security Feature Bypass Vulnerability |
Microsoft Office | CVE-2018-8331 | Microsoft Excel Remote Code Execution Vulnerability |
Microsoft Scripting Engine | CVE-2018-8457 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8459 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8465 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8456 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8367 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8391 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8452 | Scripting Engine Information Disclosure Vulnerability |
Microsoft Scripting Engine | CVE-2018-8315 | Microsoft Scripting Engine Information Disclosure Vulnerability |
Microsoft Scripting Engine | CVE-2018-8354 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8466 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8467 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Windows | CVE-2018-8438 | Windows Hyper-V Denial of Service Vulnerability |
Microsoft Windows | CVE-2018-8271 | Windows Information Disclosure Vulnerability |
Microsoft Windows | ADV180022 | Windows Denial of Service Vulnerability |
Microsoft Windows | CVE-2018-8440 | Windows ALPC Elevation of Privilege Vulnerability |
Microsoft Windows | CVE-2018-8410 | Windows Registry Elevation of Privilege Vulnerability |
Microsoft XML Core Services | CVE-2018-8420 | MS XML Remote Code Execution Vulnerability |
Windows Hyper-V | CVE-2018-0965 | Windows Hyper-V Remote Code Execution Vulnerability |
Windows Hyper-V | CVE-2018-8435 | Windows Hyper-V Security Feature Bypass Vulnerability |
Windows Hyper-V | CVE-2018-8436 | Windows Hyper-V Denial of Service Vulnerability |
Windows Hyper-V | CVE-2018-8439 | Windows Hyper-V Remote Code Execution Vulnerability |
Windows Hyper-V | CVE-2018-8437 | Windows Hyper-V Denial of Service Vulnerability |
Windows Hyper-V | CVE-2018-8434 | Windows Hyper-V Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8336 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8446 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8443 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8445 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8455 | Windows Kernel Elevation of Privilege Vulnerability |
Windows Kernel | CVE-2018-8442 | Windows Kernel Information Disclosure Vulnerability |
Windows Media | CVE-2018-8419 | Windows Kernel Information Disclosure Vulnerability |
Windows Shell | CVE-2018-8468 | Windows Elevation of Privilege Vulnerability |
Windows SMB Server | CVE-2018-8444 | Windows SMB Information Disclosure Vulnerability |
Windows SMB Server | CVE-2018-8335 | Windows SMB Denial of Service Vulnerability |
Windows Subsystem for Linux | CVE-2018-8441 | Windows Subsystem for Linux Elevation of Privilege Vulnerability |
Windows Subsystem for Linux | CVE-2018-8337 | Windows Subsystem for Linux Security Feature Bypass Vulnerability |
Update 9/12/18: Microsoft misclassified the Adobe Flash Player update as Critical; it has been changed to Important. Article and title updated.