Webinar Library
Welcome to this November Patch Tuesday Bulletin. This month we have 61 unique CVE’s listed, 4 technologies with critical vulnerabilities, and 1 CVE being exploited in the wild. Take a look at which hosts are vulnerable to CVE-2018-8589. This is an elevation of privilege vulnerability that has been exploited in the wild. The attacker will need to run a maliciously crafted application on the system to elevate their privileges. There have been recent reports of vulnerabilities found in self encrypting drives that could allow access to data on the disk when the attacker has physical access. Microsoft has released guidance on mitigating these vulnerabilities by forcing software encryption with BitLocker. Normally BitLocker will default to hardware encryption if it is present, but this can be changed through group policy. If affected disks are present in the environment then review the guidance and determine if the BitLocker mitigation is feasible. Review the environment for the existence of Azure App Service on Azure Stack, Team Foundation Server, and Dynamics 365. These are relatively new technologies in Patch Tuesday and may need a testing plan developed.
Over the years we've had millions of visitors to UltimateWindowsSecurity.com. Every month we have thousands and thousands of visitors to our Security Log Encyclopedia which documents all of the Security Log event ID’s for Windows Server OS’s. Back in 2007 when SharePoint added auditing capability, I realized that my audience not only needed the event information from SharePoint but I also found a similar need in SQL Server and Exchange. So not only did I document the data but I also started to develop the means to extract that event data from these applications so that it’s accessible and useable to the end user. Some 8 years later and LOGbinder is continuing to grow as companies realize LOGbinder bridges the gap between these applications and their infosec team. Visit LOGbinder.com to download a free 30-day fully functional trial and see the security event data that you have literally been missing.
So, without further ado, here’s the chart of MS patches that affect Windows platforms in the past month.
Patch data provided by:
Technology
Products Affected
Severity
Reference
Workaround/ Exploited
Vulnerability Info
IE
IE 9, 10, 11
Important
CVE-2018-8552
CVE-2018-8570
*Workaround: No
**Exploited: No
Information Disclosure
Remote Code Execution
Edge
All
Critical
CVE-2018-8541
CVE-2018-8542
CVE-2018-8543
CVE-2018-8545
CVE-2018-8551
CVE-2018-8555
CVE-2018-8556
CVE-2018-8557
CVE-2018-8564
CVE-2018-8567
CVE-2018-8588
Spoofing
Elevation of Privilege
Windows
Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019
Windows 7, 8.1, RT 8.1, 10
CVE-2018-8256
CVE-2018-8407
CVE-2018-8408
CVE-2018-8415
CVE-2018-8417
CVE-2018-8450
CVE-2018-8454
CVE-2018-8471
CVE-2018-8476
CVE-2018-8485
CVE-2018-8544
CVE-2018-8547
CVE-2018-8549
CVE-2018-8550
CVE-2018-8553
CVE-2018-8554
CVE-2018-8561
CVE-2018-8562
CVE-2018-8563
CVE-2018-8565
CVE-2018-8566
CVE-2018-8584
CVE-2018-8589**
CVE-2018-8592
ADV180028
**Exploited: Yes
Defense in Depth
Tampering
Security Feature Bypass
Office, Office Services, Office Web Apps
Office 365 ProPlus,
Word 2010, 2013, 2016
SharePoint 2010, 2013, 2016, 2019
Project 2010, 2013, 2016
Outlook 2010, 2013, 2016
Office Web Apps 2010, 2013
Office 2010, 2013, 2016, 2019
Lync 2013
Excel 2010, 2013, 2016
CVE-2018-8522
CVE-2018-8524
CVE-2018-8539
CVE-2018-8546
CVE-2018-8558
CVE-2018-8568
CVE-2018-8572
CVE-2018-8573
CVE-2018-8574
CVE-2018-8575
CVE-2018-8576
CVE-2018-8577
CVE-2018-8578
CVE-2018-8579
CVE-2018-8582
Denial of Service
ChakraCore
.NET Core
.NET Core 2.1
Moderate
CVE-2018-8416
Skype for Business
Skype for Business 2016
Low
Azure App Service on Azure Stack
CVE-2018-8600
Team Foundation Server
Foundation Server 2017 3.1
Foundation Server 2018 1.1, 3, 3.1
CVE-2018-8529
CVE-2018-8602
Microsoft Dynamics 365 (on-premises)
Dynamics 365 version 8
CVE-2018-8605
CVE-2018-8606
CVE-2018-8607
CVE-2018-8608
CVE-2018-8609
We will not share your address. Unsubscribe anytime. By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us.