English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.813840
Kategorie:Windows : Microsoft Bulletins
Titel:Microsoft Windows Multiple Vulnerabilities (KB4343887)
Zusammenfassung:This host is missing a critical security; update according to Microsoft KB4343887
Beschreibung:Summary:
This host is missing a critical security
update according to Microsoft KB4343887

Vulnerability Insight:
Multiple flaws exist due to:

- A new speculative execution side channel vulnerability known as L1 Terminal
Fault.

- Diagnostics Hub Standard Collector allows file creation in arbitrary locations.

- Multiple security bypass vulnerabilities exist in Device Guard.

- Microsoft Cortana allows arbitrary website browsing on the lockscreen.

- Chakra scripting engine improperly handles objects in memory in Microsoft Edge.

- Internet Explorer improperly validates hyperlinks before loading executable
libraries.

- Windows Installer fails to properly sanitize input leading to an insecure library
loading behavior.

- Active Directory Federation Services (AD FS) improperly handles multi-factor
authentication requests.

- Windows kernel, DirectX Graphics Kernel (DXGKRNL) driver and Win32k component
improperly handles objects in memory.

- NDIS fails to check the length of a buffer prior to copying memory to it.

- Windows font library improperly handles specially crafted embedded fonts.

- An improper processing for a .LNK file.

- Windows kernel fails to properly handle parsing of certain symbolic links.

- 'Microsoft COM for Windows' fails to properly handle serialized objects.

- Microsoft browsers improperly allow cross-frame interaction.

- Microsoft browsers allowing sandbox escape.

- Microsoft .NET Framework improperly access information in multi-tenant environments.

- WebAudio Library improperly handles audio requests.

- Windows GDI component improperly discloses the contents of its memory.

Vulnerability Impact:
Successful exploitation will allow an attacker
to execute arbitrary code, run processes in an elevated context, obtain
information to further compromise the user's system, trick a user into believing
that the user was on a legitimate website, read privileged data across trust
boundaries and also bypass certain security restrictions.

Affected Software/OS:
- Microsoft Windows 10 Version 1607 x32/x64

- Microsoft Windows Server 2016

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2018-3615
BugTraq ID: 105080
http://www.securityfocus.com/bid/105080
CERT/CC vulnerability note: VU#982149
https://www.kb.cert.org/vuls/id/982149
Cisco Security Advisory: 20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel
https://foreshadowattack.eu/
https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
http://www.securitytracker.com/id/1041451
Common Vulnerability Exposure (CVE) ID: CVE-2018-3620
http://support.lenovo.com/us/en/solutions/LEN-24163
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
http://www.vmware.com/security/advisories/VMSA-2018-0021.html
http://xenbits.xen.org/xsa/advisory-273.html
https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0009
https://security.netapp.com/advisory/ntap-20180815-0001/
https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
https://support.f5.com/csp/article/K95275140
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
https://www.synology.com/support/security/Synology_SA_18_45
Debian Security Information: DSA-4274 (Google Search)
https://www.debian.org/security/2018/dsa-4274
Debian Security Information: DSA-4279 (Google Search)
https://www.debian.org/security/2018/dsa-4279
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/
FreeBSD Security Advisory: FreeBSD-SA-18:09
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc
https://security.gentoo.org/glsa/201810-06
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html
RedHat Security Advisories: RHSA-2018:2384
https://access.redhat.com/errata/RHSA-2018:2384
RedHat Security Advisories: RHSA-2018:2387
https://access.redhat.com/errata/RHSA-2018:2387
RedHat Security Advisories: RHSA-2018:2388
https://access.redhat.com/errata/RHSA-2018:2388
RedHat Security Advisories: RHSA-2018:2389
https://access.redhat.com/errata/RHSA-2018:2389
RedHat Security Advisories: RHSA-2018:2390
https://access.redhat.com/errata/RHSA-2018:2390
RedHat Security Advisories: RHSA-2018:2391
https://access.redhat.com/errata/RHSA-2018:2391
RedHat Security Advisories: RHSA-2018:2392
https://access.redhat.com/errata/RHSA-2018:2392
RedHat Security Advisories: RHSA-2018:2393
https://access.redhat.com/errata/RHSA-2018:2393
RedHat Security Advisories: RHSA-2018:2394
https://access.redhat.com/errata/RHSA-2018:2394
RedHat Security Advisories: RHSA-2018:2395
https://access.redhat.com/errata/RHSA-2018:2395
RedHat Security Advisories: RHSA-2018:2396
https://access.redhat.com/errata/RHSA-2018:2396
RedHat Security Advisories: RHSA-2018:2402
https://access.redhat.com/errata/RHSA-2018:2402
RedHat Security Advisories: RHSA-2018:2403
https://access.redhat.com/errata/RHSA-2018:2403
RedHat Security Advisories: RHSA-2018:2404
https://access.redhat.com/errata/RHSA-2018:2404
RedHat Security Advisories: RHSA-2018:2602
https://access.redhat.com/errata/RHSA-2018:2602
RedHat Security Advisories: RHSA-2018:2603
https://access.redhat.com/errata/RHSA-2018:2603
https://usn.ubuntu.com/3740-1/
https://usn.ubuntu.com/3740-2/
https://usn.ubuntu.com/3741-1/
https://usn.ubuntu.com/3741-2/
https://usn.ubuntu.com/3742-1/
https://usn.ubuntu.com/3742-2/
https://usn.ubuntu.com/3823-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-3646
http://www.vmware.com/security/advisories/VMSA-2018-0020.html
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010
https://support.f5.com/csp/article/K31300402
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
http://www.securitytracker.com/id/1042004
https://usn.ubuntu.com/3756-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-0952
BugTraq ID: 105048
http://www.securityfocus.com/bid/105048
https://www.exploit-db.com/exploits/45244/
http://www.securitytracker.com/id/1041466
Common Vulnerability Exposure (CVE) ID: CVE-2018-8200
BugTraq ID: 105007
http://www.securityfocus.com/bid/105007
http://www.securitytracker.com/id/1041459
Common Vulnerability Exposure (CVE) ID: CVE-2018-8204
BugTraq ID: 105008
http://www.securityfocus.com/bid/105008
Common Vulnerability Exposure (CVE) ID: CVE-2018-8253
BugTraq ID: 105009
http://www.securityfocus.com/bid/105009
http://www.securitytracker.com/id/1041477
Common Vulnerability Exposure (CVE) ID: CVE-2018-8266
BugTraq ID: 104977
http://www.securityfocus.com/bid/104977
http://www.securitytracker.com/id/1041457
Common Vulnerability Exposure (CVE) ID: CVE-2018-8316
BugTraq ID: 105013
http://www.securityfocus.com/bid/105013
http://www.securitytracker.com/id/1041483
Common Vulnerability Exposure (CVE) ID: CVE-2018-8339
BugTraq ID: 105030
http://www.securityfocus.com/bid/105030
Common Vulnerability Exposure (CVE) ID: CVE-2018-8340
BugTraq ID: 105029
http://www.securityfocus.com/bid/105029
http://www.securitytracker.com/id/1041474
Common Vulnerability Exposure (CVE) ID: CVE-2018-8341
BugTraq ID: 104987
http://www.securityfocus.com/bid/104987
Common Vulnerability Exposure (CVE) ID: CVE-2018-8343
BugTraq ID: 104982
http://www.securityfocus.com/bid/104982
Common Vulnerability Exposure (CVE) ID: CVE-2018-8344
BugTraq ID: 104983
http://www.securityfocus.com/bid/104983
http://www.securitytracker.com/id/1041475
Common Vulnerability Exposure (CVE) ID: CVE-2018-8345
BugTraq ID: 105027
http://www.securityfocus.com/bid/105027
http://www.securitytracker.com/id/1041473
Common Vulnerability Exposure (CVE) ID: CVE-2018-8347
BugTraq ID: 104988
http://www.securityfocus.com/bid/104988
Common Vulnerability Exposure (CVE) ID: CVE-2018-8348
BugTraq ID: 104992
http://www.securityfocus.com/bid/104992
Common Vulnerability Exposure (CVE) ID: CVE-2018-8349
BugTraq ID: 104984
http://www.securityfocus.com/bid/104984
Common Vulnerability Exposure (CVE) ID: CVE-2018-8351
BugTraq ID: 105015
http://www.securityfocus.com/bid/105015
Common Vulnerability Exposure (CVE) ID: CVE-2018-8353
BugTraq ID: 105034
http://www.securityfocus.com/bid/105034
https://www.exploit-db.com/exploits/45279/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8355
BugTraq ID: 104978
http://www.securityfocus.com/bid/104978
https://www.exploit-db.com/exploits/45432/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8357
BugTraq ID: 105022
http://www.securityfocus.com/bid/105022
Common Vulnerability Exposure (CVE) ID: CVE-2018-8358
BugTraq ID: 105017
http://www.securityfocus.com/bid/105017
Common Vulnerability Exposure (CVE) ID: CVE-2018-8360
BugTraq ID: 104986
http://www.securityfocus.com/bid/104986
http://www.securitytracker.com/id/1041462
Common Vulnerability Exposure (CVE) ID: CVE-2018-8370
BugTraq ID: 105019
http://www.securityfocus.com/bid/105019
Common Vulnerability Exposure (CVE) ID: CVE-2018-8371
BugTraq ID: 105035
http://www.securityfocus.com/bid/105035
Common Vulnerability Exposure (CVE) ID: CVE-2018-8372
BugTraq ID: 105038
http://www.securityfocus.com/bid/105038
Common Vulnerability Exposure (CVE) ID: CVE-2018-8373
BugTraq ID: 105037
http://www.securityfocus.com/bid/105037
Common Vulnerability Exposure (CVE) ID: CVE-2018-8381
BugTraq ID: 104980
http://www.securityfocus.com/bid/104980
Common Vulnerability Exposure (CVE) ID: CVE-2018-8385
BugTraq ID: 105039
http://www.securityfocus.com/bid/105039
Common Vulnerability Exposure (CVE) ID: CVE-2018-8388
BugTraq ID: 105025
http://www.securityfocus.com/bid/105025
Common Vulnerability Exposure (CVE) ID: CVE-2018-8389
BugTraq ID: 105036
http://www.securityfocus.com/bid/105036
Common Vulnerability Exposure (CVE) ID: CVE-2018-8394
BugTraq ID: 105001
http://www.securityfocus.com/bid/105001
http://www.securitytracker.com/id/1041460
Common Vulnerability Exposure (CVE) ID: CVE-2018-8398
BugTraq ID: 104995
http://www.securityfocus.com/bid/104995
Common Vulnerability Exposure (CVE) ID: CVE-2018-8401
BugTraq ID: 105006
http://www.securityfocus.com/bid/105006
http://www.securitytracker.com/id/1041461
Common Vulnerability Exposure (CVE) ID: CVE-2018-8403
BugTraq ID: 105033
http://www.securityfocus.com/bid/105033
Common Vulnerability Exposure (CVE) ID: CVE-2018-8404
BugTraq ID: 104999
http://www.securityfocus.com/bid/104999
Common Vulnerability Exposure (CVE) ID: CVE-2018-8405
BugTraq ID: 105011
http://www.securityfocus.com/bid/105011
Common Vulnerability Exposure (CVE) ID: CVE-2018-8406
BugTraq ID: 105012
http://www.securityfocus.com/bid/105012
CopyrightCopyright (C) 2018 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.