Test Kennung:	1.3.6.1.4.1.25623.1.0.813845
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows Multiple Vulnerabilities (KB4343900)
Zusammenfassung:	This host is missing a critical security; update according to Microsoft KB4343900
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft KB4343900 Vulnerability Insight: Multiple flaws exist due to: - A new speculative execution side channel vulnerability known as L1 Terminal Fault. - Internet Explorer improperly validates hyperlinks before loading executable libraries. - Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. - NDIS fails to check the length of a buffer prior to copying memory to it. - Windows font library improperly handles specially crafted embedded fonts. - An improper processing for a .LNK file. - 'Microsoft COM for Windows' fails to properly handle serialized objects. - Microsoft browsers improperly allow cross-frame interaction. - Microsoft browsers allowing sandbox escape. - Microsoft Edge improperly handles redirect requests and specific HTML content. - Microsoft .NET Framework improperly access information in multi-tenant environments. - WebAudio Library improperly handles audio requests. - Windows GDI component improperly discloses the contents of its memory. - Windows PDF Library improperly handles objects in memory. - Windows Shell does not properly validate file paths. Vulnerability Impact: Successful exploitation will allow an attacker to execute arbitrary code, run processes in an elevated context, obtain information to further compromise the user's system, trick a user into believing that the user was on a legitimate website, read privileged data across trust boundaries and also bypass certain security restrictions. Affected Software/OS: - Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1 - Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2018-3615 BugTraq ID: 105080 http://www.securityfocus.com/bid/105080 CERT/CC vulnerability note: VU#982149 https://www.kb.cert.org/vuls/id/982149 Cisco Security Advisory: 20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel https://foreshadowattack.eu/ https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html http://www.securitytracker.com/id/1041451 Common Vulnerability Exposure (CVE) ID: CVE-2018-3620 http://support.lenovo.com/us/en/solutions/LEN-24163 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en http://www.vmware.com/security/advisories/VMSA-2018-0021.html http://xenbits.xen.org/xsa/advisory-273.html https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0009 https://security.netapp.com/advisory/ntap-20180815-0001/ https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault https://support.f5.com/csp/article/K95275140 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html https://www.synology.com/support/security/Synology_SA_18_45 Debian Security Information: DSA-4274 (Google Search) https://www.debian.org/security/2018/dsa-4274 Debian Security Information: DSA-4279 (Google Search) https://www.debian.org/security/2018/dsa-4279 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/ FreeBSD Security Advisory: FreeBSD-SA-18:09 https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc https://security.gentoo.org/glsa/201810-06 https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html RedHat Security Advisories: RHSA-2018:2384 https://access.redhat.com/errata/RHSA-2018:2384 RedHat Security Advisories: RHSA-2018:2387 https://access.redhat.com/errata/RHSA-2018:2387 RedHat Security Advisories: RHSA-2018:2388 https://access.redhat.com/errata/RHSA-2018:2388 RedHat Security Advisories: RHSA-2018:2389 https://access.redhat.com/errata/RHSA-2018:2389 RedHat Security Advisories: RHSA-2018:2390 https://access.redhat.com/errata/RHSA-2018:2390 RedHat Security Advisories: RHSA-2018:2391 https://access.redhat.com/errata/RHSA-2018:2391 RedHat Security Advisories: RHSA-2018:2392 https://access.redhat.com/errata/RHSA-2018:2392 RedHat Security Advisories: RHSA-2018:2393 https://access.redhat.com/errata/RHSA-2018:2393 RedHat Security Advisories: RHSA-2018:2394 https://access.redhat.com/errata/RHSA-2018:2394 RedHat Security Advisories: RHSA-2018:2395 https://access.redhat.com/errata/RHSA-2018:2395 RedHat Security Advisories: RHSA-2018:2396 https://access.redhat.com/errata/RHSA-2018:2396 RedHat Security Advisories: RHSA-2018:2402 https://access.redhat.com/errata/RHSA-2018:2402 RedHat Security Advisories: RHSA-2018:2403 https://access.redhat.com/errata/RHSA-2018:2403 RedHat Security Advisories: RHSA-2018:2404 https://access.redhat.com/errata/RHSA-2018:2404 RedHat Security Advisories: RHSA-2018:2602 https://access.redhat.com/errata/RHSA-2018:2602 RedHat Security Advisories: RHSA-2018:2603 https://access.redhat.com/errata/RHSA-2018:2603 https://usn.ubuntu.com/3740-1/ https://usn.ubuntu.com/3740-2/ https://usn.ubuntu.com/3741-1/ https://usn.ubuntu.com/3741-2/ https://usn.ubuntu.com/3742-1/ https://usn.ubuntu.com/3742-2/ https://usn.ubuntu.com/3823-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-3646 http://www.vmware.com/security/advisories/VMSA-2018-0020.html https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010 https://support.f5.com/csp/article/K31300402 https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html http://www.securitytracker.com/id/1042004 https://usn.ubuntu.com/3756-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8316 BugTraq ID: 105013 http://www.securityfocus.com/bid/105013 http://www.securitytracker.com/id/1041483 Common Vulnerability Exposure (CVE) ID: CVE-2018-8339 BugTraq ID: 105030 http://www.securityfocus.com/bid/105030 http://www.securitytracker.com/id/1041466 Common Vulnerability Exposure (CVE) ID: CVE-2018-8341 BugTraq ID: 104987 http://www.securityfocus.com/bid/104987 Common Vulnerability Exposure (CVE) ID: CVE-2018-8342 BugTraq ID: 104975 http://www.securityfocus.com/bid/104975 Common Vulnerability Exposure (CVE) ID: CVE-2018-8343 BugTraq ID: 104982 http://www.securityfocus.com/bid/104982 Common Vulnerability Exposure (CVE) ID: CVE-2018-8345 BugTraq ID: 105027 http://www.securityfocus.com/bid/105027 http://www.securitytracker.com/id/1041473 Common Vulnerability Exposure (CVE) ID: CVE-2018-8348 BugTraq ID: 104992 http://www.securityfocus.com/bid/104992 Common Vulnerability Exposure (CVE) ID: CVE-2018-8349 BugTraq ID: 104984 http://www.securityfocus.com/bid/104984 Common Vulnerability Exposure (CVE) ID: CVE-2018-8344 BugTraq ID: 104983 http://www.securityfocus.com/bid/104983 http://www.securitytracker.com/id/1041475 Common Vulnerability Exposure (CVE) ID: CVE-2018-8351 BugTraq ID: 105015 http://www.securityfocus.com/bid/105015 http://www.securitytracker.com/id/1041457 Common Vulnerability Exposure (CVE) ID: CVE-2018-8353 BugTraq ID: 105034 http://www.securityfocus.com/bid/105034 https://www.exploit-db.com/exploits/45279/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8355 BugTraq ID: 104978 http://www.securityfocus.com/bid/104978 https://www.exploit-db.com/exploits/45432/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8346 BugTraq ID: 105028 http://www.securityfocus.com/bid/105028 Common Vulnerability Exposure (CVE) ID: CVE-2018-8371 BugTraq ID: 105035 http://www.securityfocus.com/bid/105035 Common Vulnerability Exposure (CVE) ID: CVE-2018-8372 BugTraq ID: 105038 http://www.securityfocus.com/bid/105038 Common Vulnerability Exposure (CVE) ID: CVE-2018-8373 BugTraq ID: 105037 http://www.securityfocus.com/bid/105037 Common Vulnerability Exposure (CVE) ID: CVE-2018-8385 BugTraq ID: 105039 http://www.securityfocus.com/bid/105039 Common Vulnerability Exposure (CVE) ID: CVE-2018-8389 BugTraq ID: 105036 http://www.securityfocus.com/bid/105036 Common Vulnerability Exposure (CVE) ID: CVE-2018-8394 BugTraq ID: 105001 http://www.securityfocus.com/bid/105001 http://www.securitytracker.com/id/1041460 Common Vulnerability Exposure (CVE) ID: CVE-2018-8396 BugTraq ID: 105002 http://www.securityfocus.com/bid/105002 Common Vulnerability Exposure (CVE) ID: CVE-2018-8397 BugTraq ID: 104994 http://www.securityfocus.com/bid/104994 Common Vulnerability Exposure (CVE) ID: CVE-2018-8398 BugTraq ID: 104995 http://www.securityfocus.com/bid/104995 Common Vulnerability Exposure (CVE) ID: CVE-2018-8403 BugTraq ID: 105033 http://www.securityfocus.com/bid/105033 Common Vulnerability Exposure (CVE) ID: CVE-2018-8404 BugTraq ID: 104999 http://www.securityfocus.com/bid/104999
Copyright	Copyright (C) 2018 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.