Microsoft November Patch Tuesday: Fix 64 Security Issues

Microsoft November Patch Tuesday

Microsoft released the November Patch Tuesday, fixing 64 security issues ranging from simple spoofing attacks to remote code execution. Products include .NET Core, Active Directory, Adobe Flash Player, Azure, BitLocker, Internet Explorer, Microsoft Drivers. , Microsoft Dynamics, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft JScript, Microsoft Office, Microsoft Office SharePoint, Microsoft PowerShell, Microsoft RPC, Microsoft Scripting Engine, Microsoft Windows, Microsoft Windows Search Component, Servicing Stack Updates, Skype for Business And Microsoft Lync, Team Foundation Server, Windows Audio Service, and Windows Kernel.

Product CVE number CVE title
.NET Core CVE-2018-8416 .NET Core Tampering Vulnerability
Active Directory CVE-2018-8547 Active Directory Federation Services XSS Vulnerability
Adobe Flash Player ADV180025 November 2018 Adobe Flash Security Update
Azure CVE-2018-8600 Azure App Service Cross-site Scripting Vulnerability
BitLocker CVE-2018-8566 BitLocker Security Feature Bypass Vulnerability
Internet Explorer CVE-2018-8570 Internet Explorer Memory Corruption Vulnerability
Microsoft Drivers CVE-2018-8471 Microsoft RemoteFX Virtual GPU Miniport driver privilege elevation vulnerability
Microsoft Dynamics CVE-2018-8605 Microsoft Dynamics 365 (on-premises) version 8 Cross-Site Scripting Vulnerability
Microsoft Dynamics CVE-2018-8606 Microsoft Dynamics 365 (on-premises) version 8 Cross-Site Scripting Vulnerability
Microsoft Dynamics CVE-2018-8607 Microsoft Dynamics 365 (on-premises) version 8 Cross-Site Scripting Vulnerability
Microsoft Dynamics CVE-2018-8608 Microsoft Dynamics 365 (on-premises) version 8 Cross-Site Scripting Vulnerability
Microsoft Dynamics CVE-2018-8609 Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability
Microsoft Edge CVE-2018-8564 Microsoft Edge Spoofing Vulnerability
Microsoft Edge CVE-2018-8545 Microsoft Edge Information Disclosure Vulnerability
Microsoft Edge CVE-2018-8567 Microsoft Edge privilege elevation vulnerability
Microsoft Exchange Server CVE-2018-8581 Microsoft Exchange Server Privilege Escalation Vulnerability
Microsoft Graphics Component CVE-2018-8485 DirectX privilege elevation vulnerability
Microsoft Graphics Component CVE-2018-8553 Microsoft Graphics Components Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2018-8554 DirectX privilege elevation vulnerability
Microsoft Graphics Component CVE-2018-8561 DirectX privilege elevation vulnerability
Microsoft Graphics Component CVE-2018-8562 Win32k Privilege Escalation Vulnerability
Microsoft Graphics Component CVE-2018-8563 DirectX Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2018-8565 Win32k Information Disclosure Vulnerability
Microsoft JScript CVE-2018-8417 Microsoft JScript Security Feature Bypass Vulnerability
Microsoft Office CVE-2018-8522 Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8576 Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8524 Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8539 Microsoft Word Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8558 Microsoft Outlook Information Disclosure Vulnerability
Microsoft Office CVE-2018-8573 Microsoft Word Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8574 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8575 Microsoft Project Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8582 Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8577 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2018-8579 Microsoft Outlook Information Disclosure Vulnerability
Microsoft Office SharePoint CVE-2018-8572 Microsoft SharePoint privilege elevation vulnerability
Microsoft Office SharePoint CVE-2018-8568 Microsoft SharePoint privilege elevation vulnerability
Microsoft Office SharePoint CVE-2018-8578 Microsoft SharePoint Information Disclosure Vulnerability
Microsoft PowerShell CVE-2018-8256 Microsoft PowerShell Remote Code Execution Vulnerability
Microsoft PowerShell CVE-2018-8415 Microsoft PowerShell Tampering Vulnerability
Microsoft RPC CVE-2018-8407 MSRPC Information Disclosure Vulnerability
Microsoft Scripting Engine CVE-2018-8588 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8541 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8542 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8543 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8544 Windows VBScript Engine Remote Code Execution Vulnerability
Microsoft Scripting Engine CVE-2018-8551 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8552 Windows Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8555 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8556 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2018-8557 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Windows CVE-2018-8476 Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
Microsoft Windows CVE-2018-8592 Windows Elevation Of Privilege Vulnerability
Microsoft Windows CVE-2018-8549 Windows Security Feature Bypass Vulnerability
Microsoft Windows CVE-2018-8550 Windows COM privilege elevation vulnerability
Microsoft Windows CVE-2018-8584 Windows ALPC Privilege Escalation Vulnerability
Microsoft Windows ADV180028 Guidance for configuring BitLocker to enforce software encryption
Microsoft Windows Search Component CVE-2018-8450 Windows Search Remote Code Execution Vulnerability
Servicing Stack Updates ADV990001 Latest Servicing Stack Updates
Skype for Business and Microsoft Lync CVE-2018-8546 Microsoft Skype for Business Denial of Service Vulnerability
Team Foundation Server CVE-2018-8602 Team Foundation Server Cross-site Scripting Vulnerability
Windows Audio Service CVE-2018-8454 Windows Audio Service Information Disclosure Vulnerability
Windows Kernel CVE-2018-8589 Windows Win32k Privilege Escalation Vulnerability
Windows Kernel CVE-2018-8408 Windows Kernel Information Disclosure Vulnerability