Critical Windows Vulnerabilities Exploited By Hackers Now Patched In Microsoft May 2018 Updates

In May’s Patch Tuesday, 68 Windows vulnerabilities have been patched, including two where exploitation had been detected. A vulnerability discovered in VBScript could allow attackers to execute code in the context of the logged in user. This vulnerability could be exploited via certain web browsers or Microsoft Office documents. The second flaw is a privilege escalation vulnerability affecting Win32k which could allow an attacker to execute code in kernel mode. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-777 on Wednesday, May 9th.

Tyler Reguly, Manager at Tripwire:

Today’s VERT Alert addresses Microsoft’s May 2018 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-777 on Wednesday, May 9th.

CVE-2018-8120

This privilege escalation vulnerability affecting Win32k could allow an attacker to execute code in kernel mode. According to Microsoft, the newest OS releases aren’t affected, but this is being actively exploited on Windows 7, Windows Server 2008 and Windows Server 2008 R2.

Microsoft has rated this as a 4 on the Exploitability Index (Not affected).

Note: Microsoft has rated this as a 0 (Exploitation Detected) on older software releases.

CVE-2018-8174

A vulnerability in VBScript could allow attackers to execute code in the context of the logged in user. This vulnerability could be exploited via certain web browsers or Microsoft Office documents, Microsoft has reported active exploitation of this vulnerability.

Microsoft has rated this as a 0 on the Exploitability Index (Exploitation Detected).

CVE-2018-8170

A privilege escalation vulnerability affecting Windows 10 versions 1703 and 1709 as well as Windows Server, version 1709 has been publicly disclosed. A malicious application could take advantage of a flaw in the way the Windows kernel image handles objects in memory in order to execute code with higher privileges.

Microsoft has rated this as a 1 on the Exploitability Index (Exploitation More Likely).

CVE-2018-8141

According to Microsoft, this vulnerability only impacts Windows 10 Version 1709 and Windows Server version 1709. It could lead to information disclosure. While this vulnerability alone will not allow for system compromise, it could provide useful information that would further enable compromise.

Microsoft has rated this as a 4 on the Exploitability Index (Not affected).

Note: Microsoft has rated this as a 2 (Exploitation Less Likely) on older software releases.

CVE Breakdown by Tag

While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.

TAG CVE COUNT CVES
.NET FRAMEWORK 2 CVE-2018-1039, CVE-2018-0765
WINDOWS HYPER-V 2 CVE-2018-0959, CVE-2018-0961
GITHUB 1 CVE-2018-8115
MICROSOFT WINDOWS 4 CVE-2018-0958, CVE-2018-8136, CVE-2018-8170, CVE-2018-8174
MICROSOFT EDGE 4 CVE-2018-1021, CVE-2018-8112, CVE-2018-8123, CVE-2018-8179
MICROSOFT GRAPHICS COMPONENT 4 CVE-2018-8124, CVE-2018-8164, CVE-2018-8165, CVE-2018-8120
WINDOWS COM 1 CVE-2018-0824
MICROSOFT BROWSERS 2 CVE-2018-1025, CVE-2018-8178
DEVICE GUARD 3 CVE-2018-0854, CVE-2018-8129, CVE-2018-8132
COMMON LOG FILE SYSTEM DRIVER 1 CVE-2018-8167
WINDOWS KERNEL 5 CVE-2018-8127, CVE-2018-8134, CVE-2018-8897, CVE-2018-8166, CVE-2018-8141
MICROSOFT EXCHANGE SERVER 5 CVE-2018-8151, CVE-2018-8152, CVE-2018-8154, CVE-2018-8153, CVE-2018-8159
AZURE 1 CVE-2018-8119
INTERNET EXPLORER 1 CVE-2018-8126
MICROSOFT OFFICE 14 CVE-2018-8155, CVE-2018-8156, CVE-2018-8160, CVE-2018-8161, CVE-2018-8162, CVE-2018-8163, CVE-2018-8168, CVE-2018-8173, CVE-2018-8147, CVE-2018-8148, CVE-2018-8149, CVE-2018-8150, CVE-2018-8157, CVE-2018-8158
MICROSOFT SCRIPTING ENGINE 17 CVE-2018-8122, CVE-2018-8128, CVE-2018-8130, CVE-2018-8133, CVE-2018-8137, CVE-2018-8139, CVE-2018-8145, CVE-2018-8177, CVE-2018-0943, CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114

Other Information

In addition to the Microsoft vulnerabilities included in the May Security Guidance, a security advisory was also made available.

MAY 2018 ADOBE FLASH SECURITY UPDATE [ADV180007]

Microsoft released updates for Adobe Flash. These correspond with Adobe Update APSB18-16. This includes a fix for CVE-2018-4944.

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.