Windows : Microsoft Bulletins : Microsoft Windows Multiple Vulnerabilities (KB4457144)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.814015
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Windows Multiple Vulnerabilities (KB4457144)
Summary:	This host is missing a critical security; update according to Microsoft KB4457144.
Description:	Summary: This host is missing a critical security update according to Microsoft KB4457144. Vulnerability Insight: Multiple flaws exist due to: - Denial of service vulnerability (named 'FragmentSmack'). - Hyper-V on a host server fails to properly validate guest operating system user input. - Windows bowser.sys kernel-mode driver fails to properly handle objects in memory. - Browser scripting engine improperly handle object types. - Windows font library improperly handles specially crafted embedded fonts. - Windows kernel improperly handles objects in memory. - Microsoft JET Database Engine improperly handles objects in memory. - Windows Kernel API improperly handles registry objects in memory. - Windows kernel fails to properly initialize a memory address. - MSXML parser improperly processes user input. - Windows GDI component improperly handles objects in memory. - Windows GDI component improperly discloses the contents of its memory. - Windows Graphics component improperly handles objects in memory. - Windows improperly handles calls to Advanced Local Procedure Call (ALPC). - Internet Explorer improperly accesses objects in memory. - Scripting engine improperly handles objects in memory. - Windows improperly parses files. Vulnerability Impact: Successful exploitation will allow an attacker to crash the affected system, execute arbitrary code on the host operating system, disclose contents of System memory and also read privileged data across trust boundaries. Affected Software/OS: - Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 - Microsoft Windows 7 for 32-bit/x64-based Systems Service Pack 1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-5391 BugTraq ID: 105108 http://www.securityfocus.com/bid/105108 CERT/CC vulnerability note: VU#641765 https://www.kb.cert.org/vuls/id/641765 Debian Security Information: DSA-4272 (Google Search) https://www.debian.org/security/2018/dsa-4272 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists/oss-security/2019/07/06/4 RedHat Security Advisories: RHSA-2018:2785 https://access.redhat.com/errata/RHSA-2018:2785 RedHat Security Advisories: RHSA-2018:2791 https://access.redhat.com/errata/RHSA-2018:2791 RedHat Security Advisories: RHSA-2018:2846 https://access.redhat.com/errata/RHSA-2018:2846 RedHat Security Advisories: RHSA-2018:2924 https://access.redhat.com/errata/RHSA-2018:2924 RedHat Security Advisories: RHSA-2018:2925 https://access.redhat.com/errata/RHSA-2018:2925 RedHat Security Advisories: RHSA-2018:2933 https://access.redhat.com/errata/RHSA-2018:2933 RedHat Security Advisories: RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948 RedHat Security Advisories: RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3083 RedHat Security Advisories: RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2018:3096 RedHat Security Advisories: RHSA-2018:3459 https://access.redhat.com/errata/RHSA-2018:3459 RedHat Security Advisories: RHSA-2018:3540 https://access.redhat.com/errata/RHSA-2018:3540 RedHat Security Advisories: RHSA-2018:3586 https://access.redhat.com/errata/RHSA-2018:3586 RedHat Security Advisories: RHSA-2018:3590 https://access.redhat.com/errata/RHSA-2018:3590 http://www.securitytracker.com/id/1041476 http://www.securitytracker.com/id/1041637 https://usn.ubuntu.com/3740-1/ https://usn.ubuntu.com/3740-2/ https://usn.ubuntu.com/3741-1/ https://usn.ubuntu.com/3741-2/ https://usn.ubuntu.com/3742-1/ https://usn.ubuntu.com/3742-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8271 BugTraq ID: 105247 http://www.securityfocus.com/bid/105247 http://www.securitytracker.com/id/1041635 Common Vulnerability Exposure (CVE) ID: CVE-2018-8315 BugTraq ID: 105251 http://www.securityfocus.com/bid/105251 http://www.securitytracker.com/id/1041623 Common Vulnerability Exposure (CVE) ID: CVE-2018-8332 BugTraq ID: 105248 http://www.securityfocus.com/bid/105248 http://www.securitytracker.com/id/1041628 Common Vulnerability Exposure (CVE) ID: CVE-2018-8336 BugTraq ID: 105246 http://www.securityfocus.com/bid/105246 Common Vulnerability Exposure (CVE) ID: CVE-2018-8392 BugTraq ID: 105213 http://www.securityfocus.com/bid/105213 http://www.securitytracker.com/id/1041625 Common Vulnerability Exposure (CVE) ID: CVE-2018-8393 BugTraq ID: 105214 http://www.securityfocus.com/bid/105214 Common Vulnerability Exposure (CVE) ID: CVE-2018-8410 BugTraq ID: 105256 http://www.securityfocus.com/bid/105256 https://www.exploit-db.com/exploits/45436/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8419 BugTraq ID: 105238 http://www.securityfocus.com/bid/105238 Common Vulnerability Exposure (CVE) ID: CVE-2018-8420 BugTraq ID: 105259 http://www.securityfocus.com/bid/105259 http://www.securitytracker.com/id/1041627 Common Vulnerability Exposure (CVE) ID: CVE-2018-8422 BugTraq ID: 105357 http://www.securityfocus.com/bid/105357 Common Vulnerability Exposure (CVE) ID: CVE-2018-8424 BugTraq ID: 105261 http://www.securityfocus.com/bid/105261 Common Vulnerability Exposure (CVE) ID: CVE-2018-8433 BugTraq ID: 105264 http://www.securityfocus.com/bid/105264 Common Vulnerability Exposure (CVE) ID: CVE-2018-8434 BugTraq ID: 105239 http://www.securityfocus.com/bid/105239 http://www.securitytracker.com/id/1041624 Common Vulnerability Exposure (CVE) ID: CVE-2018-8440 BugTraq ID: 105153 http://www.securityfocus.com/bid/105153 https://blog.0patch.com/2018/08/how-we-micropatched-publicly-dropped.html https://blog.0patch.com/2018/09/comparing-our-micropatch-with.html http://www.securitytracker.com/id/1041578 Common Vulnerability Exposure (CVE) ID: CVE-2018-8442 BugTraq ID: 105234 http://www.securityfocus.com/bid/105234 Common Vulnerability Exposure (CVE) ID: CVE-2018-8443 BugTraq ID: 105228 http://www.securityfocus.com/bid/105228 Common Vulnerability Exposure (CVE) ID: CVE-2018-8446 BugTraq ID: 105217 http://www.securityfocus.com/bid/105217 Common Vulnerability Exposure (CVE) ID: CVE-2018-8447 BugTraq ID: 105257 http://www.securityfocus.com/bid/105257 http://www.securitytracker.com/id/1041632 Common Vulnerability Exposure (CVE) ID: CVE-2018-8452 BugTraq ID: 105252 http://www.securityfocus.com/bid/105252 Common Vulnerability Exposure (CVE) ID: CVE-2018-8457 BugTraq ID: 105207 http://www.securityfocus.com/bid/105207 Common Vulnerability Exposure (CVE) ID: CVE-2018-8468 BugTraq ID: 105275 http://www.securityfocus.com/bid/105275 https://www.exploit-db.com/exploits/45502/ Common Vulnerability Exposure (CVE) ID: CVE-2018-8470 BugTraq ID: 105267 http://www.securityfocus.com/bid/105267 Common Vulnerability Exposure (CVE) ID: CVE-2018-8475 BugTraq ID: 105277 http://www.securityfocus.com/bid/105277 http://www.securitytracker.com/id/1041626
Copyright	Copyright (C) 2018 Greenbone AG