Windows : Microsoft Bulletins : Microsoft Windows Multiple Vulnerabilities (KB4088786)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.812832
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Windows Multiple Vulnerabilities (KB4088786)
Summary:	This host is missing a critical security; update according to Microsoft KB4088786
Description:	Summary: This host is missing a critical security update according to Microsoft KB4088786 Vulnerability Insight: Multiple flaws exist due to: - The way that the scripting engine handles objects in memory in Microsoft Edge and Internet Explorer. - When Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user or a privileged user on a guest operating system. - Windows Scripting Host which could allow an attacker to bypass Device Guard. - An error in the Credential Security Support Provider protocol (CredSSP). - When Windows Shell does not properly validate file copy destinations. - When Internet Explorer fails a check, allowing sandbox escape. - The Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. - Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. - An error in the Cryptography Next Generation (CNG) kernel-mode driver. - The Windows kernel improperly initializes objects in memory. - When Windows Remote Assistance incorrectly processes XML External Entities (XXE). - The way that the Windows Graphics Device Interface (GDI) handles objects in memory. Vulnerability Impact: Successful exploitation will allow attacker to gain access to information, crash server and run arbitrary code in system mode. Affected Software/OS: - Microsoft Windows 10 for 32-bit Systems - Microsoft Windows 10 for x64-based Systems Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-0811 BugTraq ID: 103232 http://www.securityfocus.com/bid/103232 http://www.securitytracker.com/id/1040517 Common Vulnerability Exposure (CVE) ID: CVE-2018-0813 BugTraq ID: 103250 http://www.securityfocus.com/bid/103250 Common Vulnerability Exposure (CVE) ID: CVE-2018-0814 BugTraq ID: 103251 http://www.securityfocus.com/bid/103251 Common Vulnerability Exposure (CVE) ID: CVE-2018-0886 BugTraq ID: 103265 http://www.securityfocus.com/bid/103265 https://www.exploit-db.com/exploits/44453/ https://blog.preempt.com/security-advisory-credssp https://github.com/preempt/credssp https://ics-cert.us-cert.gov/advisories/ICSA-18-198-03 http://www.securitytracker.com/id/1040506 Common Vulnerability Exposure (CVE) ID: CVE-2018-0888 BugTraq ID: 103262 http://www.securityfocus.com/bid/103262 http://www.securitytracker.com/id/1040518 Common Vulnerability Exposure (CVE) ID: CVE-2018-0889 BugTraq ID: 103295 http://www.securityfocus.com/bid/103295 http://www.securitytracker.com/id/1040510 Common Vulnerability Exposure (CVE) ID: CVE-2018-0891 BugTraq ID: 103309 http://www.securityfocus.com/bid/103309 https://www.exploit-db.com/exploits/44312/ http://www.securitytracker.com/id/1040507 Common Vulnerability Exposure (CVE) ID: CVE-2018-0894 BugTraq ID: 103231 http://www.securityfocus.com/bid/103231 https://www.exploit-db.com/exploits/44308/ Common Vulnerability Exposure (CVE) ID: CVE-2018-0895 BugTraq ID: 103238 http://www.securityfocus.com/bid/103238 https://www.exploit-db.com/exploits/44309/ Common Vulnerability Exposure (CVE) ID: CVE-2018-0896 BugTraq ID: 103240 http://www.securityfocus.com/bid/103240 Common Vulnerability Exposure (CVE) ID: CVE-2018-0897 BugTraq ID: 103241 http://www.securityfocus.com/bid/103241 https://www.exploit-db.com/exploits/44310/ Common Vulnerability Exposure (CVE) ID: CVE-2018-0898 BugTraq ID: 103242 http://www.securityfocus.com/bid/103242 Common Vulnerability Exposure (CVE) ID: CVE-2018-0899 BugTraq ID: 103243 http://www.securityfocus.com/bid/103243 Common Vulnerability Exposure (CVE) ID: CVE-2018-0900 BugTraq ID: 103244 http://www.securityfocus.com/bid/103244 Common Vulnerability Exposure (CVE) ID: CVE-2018-0901 BugTraq ID: 103245 http://www.securityfocus.com/bid/103245 https://www.exploit-db.com/exploits/44311/ Common Vulnerability Exposure (CVE) ID: CVE-2018-0902 BugTraq ID: 103266 http://www.securityfocus.com/bid/103266 http://www.securitytracker.com/id/1040520 Common Vulnerability Exposure (CVE) ID: CVE-2018-0904 BugTraq ID: 103246 http://www.securityfocus.com/bid/103246 Common Vulnerability Exposure (CVE) ID: CVE-2018-0927 BugTraq ID: 103310 http://www.securityfocus.com/bid/103310 Common Vulnerability Exposure (CVE) ID: CVE-2018-0929 BugTraq ID: 103299 http://www.securityfocus.com/bid/103299 Common Vulnerability Exposure (CVE) ID: CVE-2018-0931 BugTraq ID: 103273 http://www.securityfocus.com/bid/103273 Common Vulnerability Exposure (CVE) ID: CVE-2018-0932 BugTraq ID: 103307 http://www.securityfocus.com/bid/103307 Common Vulnerability Exposure (CVE) ID: CVE-2018-0933 BugTraq ID: 103274 http://www.securityfocus.com/bid/103274 https://www.exploit-db.com/exploits/44396/ Common Vulnerability Exposure (CVE) ID: CVE-2018-0934 BugTraq ID: 103275 http://www.securityfocus.com/bid/103275 https://www.exploit-db.com/exploits/44397/ Common Vulnerability Exposure (CVE) ID: CVE-2018-0935 BugTraq ID: 103298 http://www.securityfocus.com/bid/103298 https://www.exploit-db.com/exploits/44404/ Common Vulnerability Exposure (CVE) ID: CVE-2018-0942 BugTraq ID: 103312 http://www.securityfocus.com/bid/103312 Common Vulnerability Exposure (CVE) ID: CVE-2018-0977 BugTraq ID: 103380 http://www.securityfocus.com/bid/103380 Common Vulnerability Exposure (CVE) ID: CVE-2018-0816 BugTraq ID: 103248 http://www.securityfocus.com/bid/103248 http://www.securitytracker.com/id/1040515 Common Vulnerability Exposure (CVE) ID: CVE-2018-0817 BugTraq ID: 103249 http://www.securityfocus.com/bid/103249 Common Vulnerability Exposure (CVE) ID: CVE-2018-0868 BugTraq ID: 103236 http://www.securityfocus.com/bid/103236 Common Vulnerability Exposure (CVE) ID: CVE-2018-0872 BugTraq ID: 103267 http://www.securityfocus.com/bid/103267 Common Vulnerability Exposure (CVE) ID: CVE-2018-0874 BugTraq ID: 103269 http://www.securityfocus.com/bid/103269 Common Vulnerability Exposure (CVE) ID: CVE-2018-0876 BugTraq ID: 103289 http://www.securityfocus.com/bid/103289 Common Vulnerability Exposure (CVE) ID: CVE-2018-0878 BugTraq ID: 103230 http://www.securityfocus.com/bid/103230 https://www.exploit-db.com/exploits/44352/ http://www.securitytracker.com/id/1040519 Common Vulnerability Exposure (CVE) ID: CVE-2018-0881 BugTraq ID: 103256 http://www.securityfocus.com/bid/103256 Common Vulnerability Exposure (CVE) ID: CVE-2018-0883 BugTraq ID: 103259 http://www.securityfocus.com/bid/103259 http://www.securitytracker.com/id/1040502 Common Vulnerability Exposure (CVE) ID: CVE-2018-0884 BugTraq ID: 103260 http://www.securityfocus.com/bid/103260 http://www.securitytracker.com/id/1040522 Common Vulnerability Exposure (CVE) ID: CVE-2018-0885 BugTraq ID: 103261 http://www.securityfocus.com/bid/103261
Copyright	Copyright (C) 2018 Greenbone AG