Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More
Get access to immediate incident response assistance.
Get access to immediate incident response assistance.
Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More
April's Patch Tuesday didn't let up much compared to March. Overall April brings with it patches for 70 vulnerabilities including 27 rated as "Critical", 42 rated as "Important" and 1 rated as "Moderate". Along with most of our "usual suspects", the MS Chakra Scripting Engine is back this month with seven RCE vulnerabilities patched. The MS Chakra Scripting Engine is implemented in Internet Explorer 9 as an interpreter for Microsoft's JScript language and made its first appearance last month with eight CVEs patched.
The big news this month is the out of band patch released for Microsoft Malware Protection Engine. The vulnerability (CVE-2018-0986) is a remote code execution bug in a DLL used by the Malware Protection Engine. It's always unfortunate when the software we use to protect us actually put us at more risk. Luckily the vulnerability was discovered by security researchers at Google instead of by criminals, so we have a chance to patch this vulnerability before it gets exploited.
The vulnerabilities rated as "Important" also includes many patches to be aware of. This list includes patches for server software that is often positioned with public access leaving them more at risk. Affected packages include HTTP.sys, Hyper-V, and SharePoint. Client software doesn't escape either as there are dozens of patches that fix vulnerabilities in IE, Edge, the MS Graphics Engine, and the Office suite, including RCE issues in MS Excel.
Let's hope that May's release is smaller, but until then let's get patching.
Critical
April 2018 Adobe Flash Security Update
ADV180007
Remote Code Execution
Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2018-0979, CVE-2018-0980, CVE-2018-0990, CVE-2018-0993, CVE-2018-0994, CVE-2018-0995, CVE-2018-1019
Remote Code Execution
Hyper-V Remote Code Execution Vulnerability
CVE-2018-0959
Remote Code Execution
Internet Explorer Memory Corruption Vulnerability
CVE-2018-0870, CVE-2018-0991, CVE-2018-1018, CVE-2018-1020
Remote Code Execution
Microsoft Browser Memory Corruption Vulnerability
CVE-2018-1023
Remote Code Execution
Microsoft Edge Memory Corruption Vulnerability
CVE-2018-1022
Remote Code Execution
Microsoft Graphics Remote Code Execution Vulnerability
CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016
Remote Code Execution
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
CVE-2018-0986
Remote Code Execution
Scripting Engine Information Disclosure Vulnerability
CVE-2018-0981, CVE-2018-1000, CVE-2018-1002, CVE-2018-0988, CVE-2018-0996
Information Disclosure
Windows VBScript Engine Remote Code Execution Vulnerability
CVE-2018-1004
Remote Code Execution
Important
Active Directory Security Feature Bypass Vulnerability
CVE-2018-0890
Security Feature Bypass
Device Guard Security Feature Bypass Vulnerability
CVE-2018-0966
Security Feature Bypass
HTTP.sys Denial of Service Vulnerability
CVE-2018-0956
Denial of Service
Hyper-V Information Disclosure Vulnerability
CVE-2018-0957, CVE-2018-0964
Information Disclosure
Internet Explorer Memory Corruption Vulnerability
CVE-2018-0997
Remote Code Execution
Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2018-1009
Elevation of Privilege
Microsoft Edge Information Disclosure Vulnerability
CVE-2018-0871, CVE-2018-0892, CVE-2018-0998
Information Disclosure
Microsoft Excel Remote Code Execution Vulnerability
CVE-2018-0920, CVE-2018-1011, CVE-2018-1027, CVE-2018-1029
Remote Code Execution
Microsoft JET Database Engine Remote Code Execution Vulnerability
CVE-2018-1003
Remote Code Execution
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2018-1028
Remote Code Execution
Microsoft Office Information Disclosure Vulnerability
CVE-2018-0950, CVE-2018-1007
Information Disclosure
Microsoft Office Remote Code Execution Vulnerability
CVE-2018-1026, CVE-2018-1030
Remote Code Execution
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2018-1005, CVE-2018-1014, CVE-2018-1032, CVE-2018-1034
Elevation of Privilege
Microsoft Visual Studio Information Disclosure Vulnerability
CVE-2018-1037
Information Disclosure
Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability
CVE-2018-8117
Security Feature Bypass
OpenType Font Driver Elevation of Privilege Vulnerability
CVE-2018-1008
Elevation of Privilege
Scripting Engine Information Disclosure Vulnerability
CVE-2018-0987, CVE-2018-0989
Information Disclosure
Scripting Engine Memory Corruption Vulnerability
CVE-2018-1001
Remote Code Execution
Windows Kernel Elevation of Privilege Vulnerability
CVE-2018-0963
Elevation of Privilege
Windows Kernel Information Disclosure Vulnerability
CVE-2018-0887, CVE-2018-0960, CVE-2018-0968, CVE-2018-0969, CVE-2018-0970, CVE-2018-0971, CVE-2018-0972, CVE-2018-0973, CVE-2018-0974, CVE-2018-0975
Information Disclosure
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
CVE-2018-0976
Denial of Service
Windows SNMP Service Denial of Service Vulnerability
CVE-2018-0967
Denial of Service
Moderate
Microsoft Graphics Component Denial of Service Vulnerability
CVE-2018-8116
Denial of Service
Karl Sigler is Security Research Manager, SpiderLabs Threat Intelligence at Trustwave. Karl is a 20-year infosec veteran responsible for research and analysis of current vulnerabilities, malware and threat trends at Trustwave. Follow Karl on LinkedIn.
Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.
Copyright © 2024 Trustwave Holdings, Inc. All rights reserved.