November 2018 Microsoft Patch Tuesday, (Tue, Nov 13th)

This month, Microsoft patches two issues that have already been disclosed publicly. One is related to BitLocker trusting SSDs with faulty encryption. If an SSD offers its own hardware-based encryption, BitLocker will not add its own software encryption on top of it, to save CPU cycles. But last month, it became known that SSD hardware encryption is often implemented badly and can easily be bypassed. As a result, Microsoft is releasing a patch and also an advisory with details regarding BitLocker’s behavior and how to override it.

The second publicly disclosed vulnerability is the ALPC elevation of privilege issue that was disclosed by SandboxEscaper via Twitter. SandboxEscaper disclosed a very similar issue a couple of months ago. Microsoft patched the issue, but apparently not completely.

Finally, these updates address a Win32k elevation of privilege vulnerability (CVE-2018-8589) which has been exploited in the wild.

For a more detailed breakdown, see Renato’s dashboard: 

| Description | CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
|---|---|---|---|---|---|---|---|---|
| .NET Core Tampering Vulnerability | CVE-2018-8416 | No | No | Less Likely | Less Likely | Moderate | | |
| Active Directory Federation Services XSS Vulnerability | CVE-2018-8547 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.9 |
| Azure App Service Cross-site Scripting Vulnerability | CVE-2018-8600 | No | No | | | Important | | |
| BitLocker Security Feature Bypass Vulnerability | CVE-2018-8566 | Yes | No | Less Likely | Less Likely | Important | 4.6 | 4.6 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8588 | No | No | | | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8541 | No | No | | | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8542 | No | No | | | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8543 | No | No | | | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8551 | No | No | | | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8555 | No | No | | | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8556 | No | No | | | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8557 | No | No | | | Critical | 4.2 | 3.8 |
| DirectX Elevation of Privilege Vulnerability | CVE-2018-8485 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| DirectX Elevation of Privilege Vulnerability | CVE-2018-8554 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| DirectX Elevation of Privilege Vulnerability | CVE-2018-8561 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| DirectX Information Disclosure Vulnerability | CVE-2018-8563 | No | No | | | Important | 4.7 | 4.2 |
| Guidance for configuring BitLocker to enforce software encryption | ADV180028 | Yes | No | | | | | |
| Internet Explorer Memory Corruption Vulnerability | CVE-2018-8570 | No | No | | | Important | 6.4 | 5.8 |
| Latest Servicing Stack Updates | ADV990001 | No | No | | | | | |
| MSRPC Information Disclosure Vulnerability | CVE-2018-8407 | No | No | Less Likely | Less Likely | Important | 3.3 | 3.3 |
| Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability | CVE-2018-8605 | No | No | | | Important | | |
| Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability | CVE-2018-8606 | No | No | | | Important | | |
| Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability | CVE-2018-8607 | No | No | | | Important | | |
| Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability | CVE-2018-8608 | No | No | | | Important | | |
| Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability | CVE-2018-8609 | No | No | | | Critical | | |
| Microsoft Edge Elevation of Privilege Vulnerability | CVE-2018-8567 | No | No | | | Important | 5.4 | 4.9 |
| Microsoft Edge Information Disclosure Vulnerability | CVE-2018-8545 | No | No | | | Important | 4.3 | 3.9 |
| Microsoft Edge Spoofing Vulnerability | CVE-2018-8564 | No | No | | | Important | 4.3 | 3.9 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2018-8574 | No | No | More Likely | More Likely | Important | | |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2018-8577 | No | No | More Likely | More Likely | Important | | |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | CVE-2018-8581 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Graphics Components Remote Code Execution Vulnerability | CVE-2018-8553 | No | No | | | Critical | 7.4 | 6.7 |
| Microsoft JScript Security Feature Bypass Vulnerability | CVE-2018-8417 | No | No | More Likely | More Likely | Important | 4.5 | 4.5 |
| Microsoft Outlook Information Disclosure Vulnerability | CVE-2018-8558 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Outlook Information Disclosure Vulnerability | CVE-2018-8579 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Outlook Remote Code Execution Vulnerability | CVE-2018-8522 | No | No | More Likely | More Likely | Important | | |
| Microsoft Outlook Remote Code Execution Vulnerability | CVE-2018-8576 | No | No | More Likely | More Likely | Important | | |
| Microsoft Outlook Remote Code Execution Vulnerability | CVE-2018-8524 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Outlook Remote Code Execution Vulnerability | CVE-2018-8582 | No | No | More Likely | More Likely | Important | | |
| Microsoft PowerShell Remote Code Execution Vulnerability | CVE-2018-8256 | No | No | Less Likely | Less Likely | Important | 6.3 | 6.3 |
| Microsoft PowerShell Tampering Vulnerability | CVE-2018-8415 | No | No | Less Likely | Less Likely | Important | 3.3 | 3.3 |
| Microsoft Project Remote Code Execution Vulnerability | CVE-2018-8575 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft RemoteFX Virtual GPU miniport driver Elevation of Privilege Vulnerability | CVE-2018-8471 | No | No | Less Likely | Less Likely | Important | 7.0 | 7.0 |
| Microsoft SharePoint Elevation of Privilege Vulnerability | CVE-2018-8572 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft SharePoint Elevation of Privilege Vulnerability | CVE-2018-8568 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft SharePoint Information Disclosure Vulnerability | CVE-2018-8578 | No | No | | | Important | | |
| Microsoft Skype for Business Denial of Service Vulnerability | CVE-2018-8546 | No | No | Unlikely | Unlikely | Low | | |
| Microsoft Word Remote Code Execution Vulnerability | CVE-2018-8539 | No | No | | | Important | | |
| Microsoft Word Remote Code Execution Vulnerability | CVE-2018-8573 | No | No | More Likely | More Likely | Important | | |
| November 2018 Adobe Flash Security Update | ADV180025 | No | No | | | Important | | |
| Team Foundation Server Cross-site Scripting Vulnerability | CVE-2018-8602 | No | No | | | Important | | |
| Win32k Elevation of Privilege Vulnerability | CVE-2018-8562 | No | No | More Likely | More Likely | Important | 7.0 | 6.3 |
| Win32k Information Disclosure Vulnerability | CVE-2018-8565 | No | No | | | Important | 4.7 | 4.2 |
| Windows ALPC Elevation of Privilege Vulnerability | CVE-2018-8584 | Yes | No | More Likely | More Likely | Important | 7.8 | 7.5 |
| Windows Audio Service Information Disclosure Vulnerability | CVE-2018-8454 | No | No | Less Likely | Less Likely | Important | 2.5 | 2.5 |
| Windows COM Elevation of Privilege Vulnerability | CVE-2018-8550 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| Windows Deployment Services TFTP Server Remote Code Execution Vulnerability | CVE-2018-8476 | No | No | More Likely | More Likely | Critical | 8.1 | 8.1 |
| Windows Elevation Of Privilege Vulnerability | CVE-2018-8592 | No | No | Less Likely | Less Likely | Important | 6.4 | 6.1 |
| Windows Kernel Information Disclosure Vulnerability | CVE-2018-8408 | No | No | More Likely | More Likely | Important | 3.3 | 3.3 |
| Windows Scripting Engine Memory Corruption Vulnerability | CVE-2018-8552 | No | No | More Likely | More Likely | Important | 2.4 | 2.2 |
| Windows Search Remote Code Execution Vulnerability | CVE-2018-8450 | No | No | More Likely | More Likely | Important | 7.5 | 6.7 |
| Windows Security Feature Bypass Vulnerability | CVE-2018-8549 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows VBScript Engine Remote Code Execution Vulnerability | CVE-2018-8544 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| Windows Win32k Elevation of Privilege Vulnerability | CVE-2018-8589 | No | Yes | Detected | More Likely | Important | 7.8 | 7.5 |


Johannes B. Ullrich, Ph.D., Dean of Research, SANS Technology Institute

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.