SECUI Corporation


	Korean

<< Back

VID	26822
Severity	40
Port	139,445
Protocol	TCP
Class	SMB
Detailed Description	Microsoft Security Update for September 2018 is not installed. - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. (CVE-2018-8457) - An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. (CVE-2018-8424) - An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. (CVE-2018-8410) - An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). (CVE-2018-8440) - A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system. (CVE-2018-8392, CVE-2018-8393) - A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files. (CVE-2018-8475) - A remote code execution vulnerability exists when Microsoft .NET Framework processes input. (CVE-2018-8421) - An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. (CVE-2018-8433) - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. (CVE-2018-8447) - A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. (CVE-2018-8420) - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers. (CVE-2018-8452) - An elevation of privilege vulnerability exists in Windows that allows a sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. (CVE-2018-8468) - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. (CVE-2018-8442, CVE-2018-8443) - An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. (CVE-2018-8419) - An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. (CVE-2018-8434) - An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode driver fails to properly handle objects in memory. (CVE-2018-8271) - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. (CVE-2018-8332) - An information disclosure vulnerability exists when the browser scripting engine improperly handle object types. (CVE-2018-8315) - A security feature bypass vulnerability exists in Internet Explorer due to how scripts are handled that allows a universal cross-site scripting (UXSS) condition. (CVE-2018-8470) - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. (CVE-2018-8336, CVE-2018-8446) * Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts. * References: https://support.microsoft.com/en-us/help/4457144/ https://support.microsoft.com/en-us/help/4457145/ * Platforms Affected: Windows Server 2008 SP2 Windows Server 2008 x64 SP2 Windows 7 SP1 Windows 7 x64 SP1 Windows Server 2008 R2 SP1 Windows Server 2008 R2 x64 SP1 Windows 8.1 Windows Server 2012 Windows Server 2012 R2 Windows 10 Windows Server 2016
Recommendation	Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin September 2018 Microsoft security update at https://support.microsoft.com/en-us/help/4457144 https://support.microsoft.com/en-us/help/4457145 -- OR -- Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch.
Related URL	CVE-2018-8271,CVE-2018-8315,CVE-2018-8332,CVE-2018-8336,CVE-2018-8392,CVE-2018-8393,CVE-2018-8410,CVE-2018-8419,CVE-2018-8420,CVE-2018-8421 (CVE)
Related URL	(SecurityFocus)
Related URL	(ISS)