Advisory Date: 14 November 2018

  DESCRIPTION

Microsoft addresses vulnerabilities in its November security bulletin. Trend Micro Deep Security covers the following:

  • CVE-2018-8584 - Windows ALPC Elevation of Privilege Vulnerability
    Risk Rating: Important

    This elevation of privilege vulnerability exists in the way Windows handles calls to ALPC. Attackers looking to exploit this vulnerability must be able to log on to the system.


  • CVE-2018-8408 - Windows Kernel Information Disclosure Vulnerability
    Risk Rating: Important

    This information disclosure vulnerability exists in the failure to properly initialize objects in memory by the Windows kernel component. Attackers looking to exploit this vulnerability must run a specially crafted application.


  • CVE-2018-8522 - Microsoft Outlook Remote Code Execution Vulnerability
    Risk Rating: Important

    This remote code execution vulnerability exists Microsoft Outlook. The vulnerability exists in the way it handles objects in memory.


  • CVE-2018-8539 - Microsoft Word Remote Code Execution Vulnerability
    Risk Rating: Important

    This remote code execution vulnerability in Microsoft Word is resolved by this patch. Attackers looking to exploit this vulnerability must convince a user to open a specially crafted Word file.


  • CVE-2018-8542 - Chakra Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability exists in the handling of objects in memory by the Chakra scripting engine in Microsoft Edge. This handling is corrected by this specific patch.


  • CVE-2018-8544 - Windows VBScript Engine Remote Code Execution Vulnerability
    Risk Rating: Critical

    The remote code execution vulnerability exists in the improper handling of objects in memory by the VBScript Engine. This handling is corrected by this specific patch.


  • CVE-2018-8552 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Important

    This remote code execution vulnerability exists in the improper handling of objects in memory by the scripting engine in Internet Explorer. This handling is corrected by this specific patch.


  • CVE-2018-8553 - Microsoft Graphics Components Remote Code Execution Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability exists in the improper handling of objects in memory by Microsoft Graphics Components. This handling is corrected by this specific patch.


  • CVE-2018-8555 - Chakra Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability exists in the improper access of objects in memory by the Chakra scripting engine in Microsoft Edge. This handling is corrected by this specific patch.


  • CVE-2018-8556 - Chakra Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability exists in the improper access of objects in memory by the Chakra scripting engine in Microsoft Edge. This handling is corrected by this specific patch.


  • CVE-2018-8557 - Chakra Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability exists in the improper access of objects in memory by the Chakra scripting engine in Microsoft Edge. This handling is corrected by this specific patch.


  • CVE-2018-8563 - DirectX Information Disclosure Vulnerability
    Risk Rating: Important

    This information disclosure vulnerability exists in the improper access of objects in memory by DirectX. This handling is corrected by this specific patch.


  • CVE-2018-8565 - Win32k Information Disclosure Vulnerability
    Risk Rating: Important

    This information disclosure vulnerability exists in the improper way win32k component provides kernel information. This handling is corrected by this specific patch.


  • CVE-2018-8582 - Microsoft Outlook Remote Code Execution Vulnerability
    Risk Rating: Important

    This remote code execution vulnerability exists in the improper way Microsoft Outlook parses rule export files. This handling is corrected by this specific patch.


  • CVE-2018-8588 - Chakra Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability exists in the improper way the Chakra scripting engine in Microsoft Edge handles objects in memory. This handling is corrected by this specific patch.


  • CVE-2018-8589 - Windows Win32k Elevation of Privilege Vulnerability
    Risk Rating: Important

    This elevation of privilege vulnerability exists in the improper way Windows handles calls to Win32k.sys. This handling is corrected by this specific patch.


  • CVE-2018-8576 - Microsoft Outlook Remote Code Execution Vulnerability
    Risk Rating: Important

    This remote code execution vulnerability exists in the improper way Microsoft Outlook handles objects in memory. This handling is corrected by this specific patch.


  INFORMATION EXPOSURE

Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection product or OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.

Vulnerability ID DPI Rule Number DPI Rule Name Release Date Vulnerability Protection Compatibility
CVE-2018-8522, CVE-2018-8582, CVE-2018-8576 1009366 Microsoft Outlook Multiple Security Vulnerabilities (Nov-2018) 13-Nov-18 YES
CVE-2018-8542 1009383 Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8542) 13-Nov-18 YES
CVE-2018-8588 1009381 Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8588) 13-Nov-18 YES
CVE-2018-8555 1009374 Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8555) 13-Nov-18 YES
CVE-2018-8539 1009368 Microsoft Word Remote Code Execution Vulnerability (CVE-2018-8539) 13-Nov-18 YES
CVE-2018-8556 1009375 Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8556) 13-Nov-18 YES
CVE-2018-8563 1009378 Microsoft Windows DirectX Information Disclosure Vulnerability (CVE-2018-8563) 13-Nov-18 YES
CVE-2018-8553 1009372 Microsoft Windows Graphics Components Remote Code Execution Vulnerability (CVE-2018-8553) 13-Nov-18 YES
CVE-2018-8544 1009369 Microsoft Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8544) 13-Nov-18 YES
CVE-2018-8408, CVE-2018-8565, CVE-2018-8589 1009382 Microsoft Windows Multiple Security Vulnerabilities (Nov-2018) 13-Nov-18 YES
CVE-2018-8557 1009376 Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8557) 13-Nov-18 YES
CVE-2018-8552 1009371 Microsoft Internet Explorer VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8552) 13-Nov-18 YES