This month, Microsoft fixes 63 vulnerabilities. 2 of which have been publicly disclosed:

%%cve:2018-8414%% : This is the "Settings.ms" issue. These files were introduced in Windows 8, and they are used to create shortcuts to specific settings pages. The XML instructions for the link can lead to code execution and the user is not warned before opening the files. This has been widely exploited. For details, see the report by SpecterOps: https://posts.specterops.io/the-tale-of-settingcontent-ms-files-f1ea253e4d39

%%cve:2018-8373%%: Not a lot of details here other than the fact that this is yet another scripting engine memory corruption issue. There have been plenty like it, so exploit writers likely have already a game plan how to write yet another exploit for this problem.

Dashboard: https://patchtuesdaydashboard.com

August 2018 Security Updates

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
.NET Framework Information Disclosure Vulnerability
%%cve:2018-8360%% No No Less Likely Less Likely Important    
AD FS Security Feature Bypass Vulnerability
%%cve:2018-8340%% No No Less Likely Less Likely Important 6.5 5.9
August 2018 Adobe Flash Security Update
ADV180020 No No - - Critical    
Chakra Scripting Engine Memory Corruption Vulnerability
%%cve:2018-8266%% No No - - Critical 4.2 3.8
%%cve:2018-8380%% No No - - Critical 4.2 3.8
%%cve:2018-8381%% No No - - Critical 4.2 3.8
%%cve:2018-8384%% No No - - Critical 4.2 3.8
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
%%cve:2018-8204%% No No Less Likely Less Likely Important 5.3 4.8
%%cve:2018-8200%% No No Less Likely Less Likely Important 5.3 4.8
Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability
%%cve:2018-0952%% No No Less Likely Less Likely Important 6.7 6.0
DirectX Graphics Kernel Elevation of Privilege Vulnerability
%%cve:2018-8400%% No No Less Likely Less Likely Important 7.0 6.3
%%cve:2018-8401%% No No More Likely More Likely Important 7.0 6.3
%%cve:2018-8405%% No No More Likely More Likely Important 7.0 6.3
%%cve:2018-8406%% No No More Likely More Likely Important 7.0 6.3
GDI+ Remote Code Execution Vulnerability
%%cve:2018-8397%% No No - - Critical 8.8 7.9
Internet Explorer Remote Code Execution Vulnerability
%%cve:2018-8316%% No No Less Likely Less Likely Important 6.4 5.8
LNK Remote Code Execution Vulnerability
%%cve:2018-8345%% No No More Likely More Likely Critical 7.5 6.7
%%cve:2018-8346%% No No - - Important 7.5 6.7
Microsoft (MAU) Office Elevation of Privilege Vulnerability
%%cve:2018-8412%% No No Less Likely Less Likely Important    
Microsoft Browser Elevation of Privilege Vulnerability
%%cve:2018-8357%% No No Less Likely Less Likely Important 6.4 5.8
Microsoft Browser Information Disclosure Vulnerability
%%cve:2018-8351%% No No - - Important 2.4 2.2
Microsoft Browser Memory Corruption Vulnerability
%%cve:2018-8403%% No No More Likely More Likely Critical 4.2 3.8
Microsoft COM for Windows Remote Code Execution Vulnerability
%%cve:2018-8349%% No No Less Likely Less Likely Important 7.0 6.3
Microsoft Cortana Elevation of Privilege Vulnerability
%%cve:2018-8253%% No No - - Important 4.0 3.6
Microsoft Edge Information Disclosure Vulnerability
%%cve:2018-8370%% No No - - Important 3.1 3.1
Microsoft Edge Memory Corruption Vulnerability
%%cve:2018-8377%% No No - - Critical 4.2 3.8
%%cve:2018-8387%% No No - - Critical 7.5 6.7
Microsoft Edge Security Feature Bypass Vulnerability
%%cve:2018-8358%% No No - - Important 4.7 4.2
Microsoft Edge Spoofing Vulnerability
%%cve:2018-8383%% No No - - Important 4.3 3.9
%%cve:2018-8388%% No No - - Low 5.4 4.9
Microsoft Excel Information Disclosure Vulnerability
%%cve:2018-8382%% No No Less Likely Less Likely Important    
Microsoft Excel Remote Code Execution Vulnerability
%%cve:2018-8375%% No No Less Likely Less Likely Important    
%%cve:2018-8379%% No No More Likely More Likely Important    
Microsoft Exchange Memory Corruption Vulnerability
%%cve:2018-8302%% No No Less Likely Less Likely Critical    
Microsoft Exchange Server Tampering Vulnerability
%%cve:2018-8374%% No No Unlikely Unlikely Moderate    
Microsoft Graphics Remote Code Execution Vulnerability
%%cve:2018-8344%% No No More Likely More Likely Critical 7.8 7.0
Microsoft Guidance to mitigate L1TF variant
ADV180018 No No Less Likely Less Likely Important 7.1 7.1
Microsoft Office Defense in Depth Update
ADV180021 No No Less Likely Less Likely      
Microsoft Office Information Disclosure Vulnerability
%%cve:2018-8378%% No No Less Likely Less Likely Important    
Microsoft PowerPoint Remote Code Execution Vulnerability
%%cve:2018-8376%% No No - - Important    
Microsoft SQL Server Remote Code Execution Vulnerability
%%cve:2018-8273%% No No Less Likely Less Likely Critical    
Scripting Engine Memory Corruption Vulnerability
%%cve:2018-8371%% No No More Likely More Likely Critical 6.4 5.8
%%cve:2018-8372%% No No - - Critical 6.4 5.8
%%cve:2018-8373%% Yes Yes Detected Less Likely Critical 6.4 5.8
%%cve:2018-8385%% No No More Likely More Likely Critical 6.4 5.8
%%cve:2018-8389%% No No More Likely More Likely Important 6.4 5.8
%%cve:2018-8390%% No No - - Critical 4.2 3.8
%%cve:2018-8353%% No No More Likely More Likely Important 6.4 5.8
%%cve:2018-8355%% No No - - Critical 4.2 3.8
%%cve:2018-8359%% No No - - Critical 5.3 4.8
Win32k Elevation of Privilege Vulnerability
%%cve:2018-8399%% No No Less Likely Less Likely Important 7.0 6.3
%%cve:2018-8404%% No No More Likely More Likely Important 7.0 6.3
Windows GDI Information Disclosure Vulnerability
%%cve:2018-8394%% No No Less Likely Less Likely Important 4.7 4.2
%%cve:2018-8396%% No No - - Important 4.7 4.2
%%cve:2018-8398%% No No Less Likely Less Likely Important 4.7 4.2
Windows Installer Elevation of Privilege Vulnerability
%%cve:2018-8339%% No No Less Likely Less Likely Important 7.4 6.7
Windows Kernel Elevation of Privilege Vulnerability
%%cve:2018-8347%% No No More Likely More Likely Important 7.0 6.3
Windows Kernel Information Disclosure Vulnerability
%%cve:2018-8341%% No No Less Likely Less Likely Important 4.7 4.2
%%cve:2018-8348%% No No Less Likely Less Likely Important 4.7 4.2
Windows NDIS Elevation of Privilege Vulnerability
%%cve:2018-8342%% No No - - Important 7.0 6.3
%%cve:2018-8343%% No No Less Likely Less Likely Important 7.0 6.3
Windows PDF Remote Code Execution Vulnerability
%%cve:2018-8350%% No No Less Likely Less Likely Critical 4.2 3.8
Windows Shell Remote Code Execution Vulnerability
%%cve:2018-8414%% Yes Yes More Likely More Likely Important 4.8 4.8

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Multiple Intel Processors Side Channel Attack Multiple Information Disclosure Vulnerabilities
 

Foreshadow explained in a video.

Another day, another speculative execution-based attack. Data protected by Intel's SGX—data that's meant to be protected even from a malicious or hacked kernel—can be read by an attacker thanks to leaks enabled by speculative execution.

Since publication of the Spectre and Meltdown attacks in January this year, security researchers have been taking a close look at speculative execution and the implications it has for security. All high-speed processors today perform speculative execution: they assume certain things (a register will contain a particular value, a branch will go a particular way) and perform calculations on the basis of those assumptions. It's an important design feature of these chips that's essential to their performance, and it has been for 20 years.

But Meltdown and Spectre showed that speculative execution has security implications. Meltdown (on most Intel and some ARM processors) allows user applications to read the contents of kernel memory. Spectre (on most Intel, AMD, and ARM chips) can be used to attack software sandboxes used for JavaScript in browsers and, under the right conditions, can allow kernel memory or hypervisor memory to be read. In the months since they were first publicized, we've seen new variants: speculative store bypass, speculative buffer overflows, and even a remotely exploitable version of Spectre.

Read 22 remaining paragraphs | Comments

 
OpenSSL CVE-2018-0732 Denial of Service Vulnerability
 
Adobe Acrobat and Reader APSB18-29 Multiple Arbitrary Code Execution Vulnerabilities
 
Adobe Flash Player CVE-2018-12825 Unspecified Security Bypass Vulnerability
 
Adobe Experience Manager CVE-2018-5005 Cross Site Scripting Vulnerability
 
Adobe Flash Player CVE-2018-12828 Unspecified Privilege Escalation Vulnerability
 
Internet Storm Center Infocon Status