Wed. Jan 22nd, 2020

Microsoft fixed 63 security issues on the August Patch Tuesday

4 min read

Microsoft released the August security update patch on Tuesday, fixing 63 security issues ranging from simple spoofing attacks to remote code execution.

Products related to .NET Framework, Adobe Flash Player, Device Guard, Internet Explorer, Microsoft Browsers, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Office, Microsoft Scripting Engine, Microsoft Windows, Microsoft Windows PDF, SQL Server, Windows Authentication Methods Windows COM, Windows Diagnostic Hub, Windows Installer, Windows Kernel, Windows NDIS, Windows RNDIS, and Windows Shell.

The following are relatively high-risk vulnerabilities

Product CVE number CVE title
Internet Explorer CVE-2018-8316 Internet Explorer Remote Code Execution Vulnerability
Microsoft Exchange Server CVE-2018-8302 Microsoft Exchange Memory Corruption Vulnerability
Microsoft Graphics Component CVE-2018-8397 GDI+ Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2018-8344 Microsoft Graphics Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8379 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Windows CVE-2018-8345 LNK Remote Code Execution Vulnerability
Microsoft Windows CVE-2018-8346 LNK Remote Code Execution Vulnerability
Microsoft Windows PDF CVE-2018-8350 Windows PDF Remote Code Execution Vulnerability
SQL Server CVE-2018-8273 Microsoft SQL Server Remote Code Execution Vulnerability
Windows COM CVE-2018-8349 Microsoft COM for Windows Remote Code Execution Vulnerability
Windows Shell CVE-2018-8414 Windows Shell Remote Code Execution Vulnerability

 

Product CVE number CVE title
.NET Framework CVE-2018-8360 .NET Framework Information Disclosure Vulnerability
Adobe Flash Player ADV180020 August 2018 Adobe Flash Security Update
Device Guard CVE-2018-8204 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Device Guard CVE-2018-8200 Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Internet Explorer CVE-2018-8316 Internet Explorer Remote Code Execution Vulnerability
Microsoft Browsers CVE-2018-8403 Microsoft Browser Memory Corruption Vulnerability
Microsoft Browsers CVE-2018-8351 Microsoft Browser Information Disclosure Vulnerability
Microsoft Browsers CVE-2018-8357 Microsoft Browser privilege elevation vulnerability
Microsoft Edge CVE-2018-8358 Microsoft Edge Security Feature Bypass Vulnerability
Microsoft Edge CVE-2018-8370 Microsoft Edge Information Disclosure Vulnerability
Microsoft Edge CVE-2018-8377 Microsoft Edge Memory Corruption Vulnerability
Microsoft Edge CVE-2018-8383 Microsoft Edge Spoofing Vulnerability
Microsoft Edge CVE-2018-8388 Microsoft Edge Spoofing Vulnerability
Microsoft Edge CVE-2018-8387 Microsoft Edge Memory Corruption Vulnerability
Microsoft Exchange Server CVE-2018-8302 Microsoft Exchange Memory Corruption Vulnerability
Microsoft Exchange Server CVE-2018-8374 Microsoft Exchange Server Tampering Vulnerability
Microsoft Graphics Component CVE-2018-8394 Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2018-8396 Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2018-8397 GDI+ Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2018-8398 Windows GDI Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2018-8400 DirectX Graphics Kernel Privilege Escalation Vulnerability
Microsoft Graphics Component CVE-2018-8401 DirectX Graphics Kernel Privilege Escalation Vulnerability
Microsoft Graphics Component CVE-2018-8405 DirectX Graphics Kernel Privilege Escalation Vulnerability
Microsoft Graphics Component CVE-2018-8406 DirectX Graphics Kernel Privilege Escalation Vulnerability
Microsoft Graphics Component CVE-2018-8344 Microsoft Graphics Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8375 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8376 Microsoft PowerPoint Remote Code Execution Vulnerability
Microsoft Office ADV180021 Microsoft Office Defense in Depth Update
Microsoft Office CVE-2018-8378 Microsoft Office Information Disclosure Vulnerability
Microsoft Office CVE-2018-8379 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8382 Microsoft Excel Information Disclosure Vulnerability
Microsoft Office CVE-2018-8412 Microsoft (MAU) Office Privilege Escalation Vulnerability
Microsoft Scripting Engine CVE-2018-8266 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8371 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8372 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8373 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8380 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8381 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8384 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8385 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8389 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8390 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8353 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8355 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8359 Scripting Engine Memory Corruption Vulnerability
Microsoft Windows ADV180018 Microsoft Guidance to the L1TF variant
Microsoft Windows CVE-2018-8345 LNK Remote Code Execution Vulnerability
Microsoft Windows CVE-2018-8346 LNK Remote Code Execution Vulnerability
Microsoft Windows PDF CVE-2018-8350 Windows PDF Remote Code Execution Vulnerability
SQL Server CVE-2018-8273 Microsoft SQL Server Remote Code Execution Vulnerability
Windows Authentication Methods CVE-2018-8340 AD FS Security Feature Bypass Vulnerability
Windows COM CVE-2018-8349 Microsoft COM for Windows Remote Code Execution Vulnerability
Windows Diagnostic Hub CVE-2018-0952 Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability
Windows Installer CVE-2018-8339 Windows Installer Privilege Escalation Vulnerability
Windows Kernel CVE-2018-8399 Win32k Privilege Escalation Vulnerability
Windows Kernel CVE-2018-8404 Win32k Privilege Escalation Vulnerability
Windows Kernel CVE-2018-8341 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2018-8347 Windows Kernel Privilege Escalation Vulnerability
Windows Kernel CVE-2018-8348 Windows Kernel Information Disclosure Vulnerability
Windows NDIS CVE-2018-8343 Windows NDIS Privilege Escalation Vulnerability
Windows RNDIS CVE-2018-8342 Windows NDIS Privilege Escalation Vulnerability
Windows Shell CVE-2018-8253 Microsoft Cortana Privilege Escalation Vulnerability
Windows Shell CVE-2018-8414 Windows Shell Remote Code Execution Vulnerability