Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.813843
Kategorie:Windows : Microsoft Bulletins
Titel:Microsoft Windows Multiple Vulnerabilities (KB4343909)
Zusammenfassung:This host is missing a critical security; update according to Microsoft KB4343909
Beschreibung:Summary:
This host is missing a critical security
update according to Microsoft KB4343909

Vulnerability Insight:
Multiple flaws exist due to:

- A new speculative execution side channel vulnerability known as L1 Terminal
Fault.

- Diagnostics Hub Standard Collector allows file creation in arbitrary locations.

- Multiple security bypass vulnerabilities exist in Device Guard.

- Chakra scripting engine improperly handles objects in memory in Microsoft Edge.

- Internet Explorer improperly validates hyperlinks before loading executable libraries.

- Windows Installer fails to properly sanitize input leading to an insecure library
loading behavior.

- Windows kernel and DirectX Graphics Kernel (DXGKRNL) driver improperly handles
objects in memory.

- NDIS fails to check the length of a buffer prior to copying memory to it.

- Windows font library improperly handles specially crafted embedded fonts.

- An improper processing for a .LNK file.

- 'Microsoft COM for Windows' fails to properly handle serialized objects.

- Microsoft browsers improperly allow cross-frame interaction.

- Microsoft browsers allowing sandbox escape.

- Microsoft Edge improperly handles redirect requests and specific HTML content.

- Microsoft .NET Framework improperly access information in multi-tenant environments.

- WebAudio Library improperly handles audio requests.

- Windows GDI component improperly discloses the contents of its memory.

- Windows PDF Library improperly handles objects in memory.

- Microsoft Edge does not properly parse HTTP content.

- Windows Shell does not properly validate file paths.

Vulnerability Impact:
Successful exploitation will allow an attacker
to execute arbitrary code, run processes in an elevated context, obtain
information to further compromise the user's system, trick a user into believing
that the user was on a legitimate website, read privileged data across trust
boundaries and also bypass certain security restrictions.

Affected Software/OS:
- Microsoft Windows 10 Version 1803 for 32-bit Systems

- Microsoft Windows 10 Version 1803 for x64-based Systems

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2018-3615
BugTraq ID: 105080
http://www.securityfocus.com/bid/105080
CERT/CC vulnerability note: VU#982149
https://www.kb.cert.org/vuls/id/982149
Cisco Security Advisory: 20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel
https://foreshadowattack.eu/
https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
http://www.securitytracker.com/id/1041451
Common Vulnerability Exposure (CVE) ID: CVE-2018-3620
http://support.lenovo.com/us/en/solutions/LEN-24163
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
http://www.vmware.com/security/advisories/VMSA-2018-0021.html
http://xenbits.xen.org/xsa/advisory-273.html
https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0009
https://security.netapp.com/advisory/ntap-20180815-0001/
https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
https://support.f5.com/csp/article/K95275140
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
https://www.synology.com/support/security/Synology_SA_18_45
Debian Security Information: DSA-4274 (Google Search)
https://www.debian.org/security/2018/dsa-4274
Debian Security Information: DSA-4279 (Google Search)
https://www.debian.org/security/2018/dsa-4279
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/
FreeBSD Security Advisory: FreeBSD-SA-18:09
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc
https://security.gentoo.org/glsa/201810-06
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html
RedHat Security Advisories: RHSA-2018:2384
https://access.redhat.com/errata/RHSA-2018:2384
RedHat Security Advisories: RHSA-2018:2387
https://access.redhat.com/errata/RHSA-2018:2387
RedHat Security Advisories: RHSA-2018:2388
https://access.redhat.com/errata/RHSA-2018:2388
RedHat Security Advisories: RHSA-2018:2389
https://access.redhat.com/errata/RHSA-2018:2389
RedHat Security Advisories: RHSA-2018:2390
https://access.redhat.com/errata/RHSA-2018:2390
RedHat Security Advisories: RHSA-2018:2391
https://access.redhat.com/errata/RHSA-2018:2391
RedHat Security Advisories: RHSA-2018:2392
https://access.redhat.com/errata/RHSA-2018:2392
RedHat Security Advisories: RHSA-2018:2393
https://access.redhat.com/errata/RHSA-2018:2393
RedHat Security Advisories: RHSA-2018:2394
https://access.redhat.com/errata/RHSA-2018:2394
RedHat Security Advisories: RHSA-2018:2395
https://access.redhat.com/errata/RHSA-2018:2395
RedHat Security Advisories: RHSA-2018:2396
https://access.redhat.com/errata/RHSA-2018:2396
RedHat Security Advisories: RHSA-2018:2402
https://access.redhat.com/errata/RHSA-2018:2402
RedHat Security Advisories: RHSA-2018:2403
https://access.redhat.com/errata/RHSA-2018:2403
RedHat Security Advisories: RHSA-2018:2404
https://access.redhat.com/errata/RHSA-2018:2404
RedHat Security Advisories: RHSA-2018:2602
https://access.redhat.com/errata/RHSA-2018:2602
RedHat Security Advisories: RHSA-2018:2603
https://access.redhat.com/errata/RHSA-2018:2603
https://usn.ubuntu.com/3740-1/
https://usn.ubuntu.com/3740-2/
https://usn.ubuntu.com/3741-1/
https://usn.ubuntu.com/3741-2/
https://usn.ubuntu.com/3742-1/
https://usn.ubuntu.com/3742-2/
https://usn.ubuntu.com/3823-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-3646
http://www.vmware.com/security/advisories/VMSA-2018-0020.html
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0010
https://support.f5.com/csp/article/K31300402
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
http://www.securitytracker.com/id/1042004
https://usn.ubuntu.com/3756-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-0952
BugTraq ID: 105048
http://www.securityfocus.com/bid/105048
https://www.exploit-db.com/exploits/45244/
http://www.securitytracker.com/id/1041466
Common Vulnerability Exposure (CVE) ID: CVE-2018-8200
BugTraq ID: 105007
http://www.securityfocus.com/bid/105007
http://www.securitytracker.com/id/1041459
Common Vulnerability Exposure (CVE) ID: CVE-2018-8204
BugTraq ID: 105008
http://www.securityfocus.com/bid/105008
Common Vulnerability Exposure (CVE) ID: CVE-2018-8266
BugTraq ID: 104977
http://www.securityfocus.com/bid/104977
http://www.securitytracker.com/id/1041457
Common Vulnerability Exposure (CVE) ID: CVE-2018-8316
BugTraq ID: 105013
http://www.securityfocus.com/bid/105013
http://www.securitytracker.com/id/1041483
Common Vulnerability Exposure (CVE) ID: CVE-2018-8339
BugTraq ID: 105030
http://www.securityfocus.com/bid/105030
Common Vulnerability Exposure (CVE) ID: CVE-2018-8340
BugTraq ID: 105029
http://www.securityfocus.com/bid/105029
http://www.securitytracker.com/id/1041474
Common Vulnerability Exposure (CVE) ID: CVE-2018-8341
BugTraq ID: 104987
http://www.securityfocus.com/bid/104987
Common Vulnerability Exposure (CVE) ID: CVE-2018-8343
BugTraq ID: 104982
http://www.securityfocus.com/bid/104982
Common Vulnerability Exposure (CVE) ID: CVE-2018-8344
BugTraq ID: 104983
http://www.securityfocus.com/bid/104983
http://www.securitytracker.com/id/1041475
Common Vulnerability Exposure (CVE) ID: CVE-2018-8345
BugTraq ID: 105027
http://www.securityfocus.com/bid/105027
http://www.securitytracker.com/id/1041473
Common Vulnerability Exposure (CVE) ID: CVE-2018-8347
BugTraq ID: 104988
http://www.securityfocus.com/bid/104988
Common Vulnerability Exposure (CVE) ID: CVE-2018-8348
BugTraq ID: 104992
http://www.securityfocus.com/bid/104992
Common Vulnerability Exposure (CVE) ID: CVE-2018-8349
BugTraq ID: 104984
http://www.securityfocus.com/bid/104984
Common Vulnerability Exposure (CVE) ID: CVE-2018-8350
BugTraq ID: 104985
http://www.securityfocus.com/bid/104985
http://www.securitytracker.com/id/1041465
Common Vulnerability Exposure (CVE) ID: CVE-2018-8351
BugTraq ID: 105015
http://www.securityfocus.com/bid/105015
Common Vulnerability Exposure (CVE) ID: CVE-2018-8353
BugTraq ID: 105034
http://www.securityfocus.com/bid/105034
https://www.exploit-db.com/exploits/45279/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8355
BugTraq ID: 104978
http://www.securityfocus.com/bid/104978
https://www.exploit-db.com/exploits/45432/
Common Vulnerability Exposure (CVE) ID: CVE-2018-8357
BugTraq ID: 105022
http://www.securityfocus.com/bid/105022
Common Vulnerability Exposure (CVE) ID: CVE-2018-8360
BugTraq ID: 104986
http://www.securityfocus.com/bid/104986
http://www.securitytracker.com/id/1041462
Common Vulnerability Exposure (CVE) ID: CVE-2018-8370
BugTraq ID: 105019
http://www.securityfocus.com/bid/105019
Common Vulnerability Exposure (CVE) ID: CVE-2018-8371
BugTraq ID: 105035
http://www.securityfocus.com/bid/105035
Common Vulnerability Exposure (CVE) ID: CVE-2018-8372
BugTraq ID: 105038
http://www.securityfocus.com/bid/105038
Common Vulnerability Exposure (CVE) ID: CVE-2018-8373
BugTraq ID: 105037
http://www.securityfocus.com/bid/105037
Common Vulnerability Exposure (CVE) ID: CVE-2018-8377
BugTraq ID: 105020
http://www.securityfocus.com/bid/105020
Common Vulnerability Exposure (CVE) ID: CVE-2018-8380
BugTraq ID: 104979
http://www.securityfocus.com/bid/104979
Common Vulnerability Exposure (CVE) ID: CVE-2018-8381
BugTraq ID: 104980
http://www.securityfocus.com/bid/104980
Common Vulnerability Exposure (CVE) ID: CVE-2018-8383
BugTraq ID: 105024
http://www.securityfocus.com/bid/105024
Bugtraq: 20190411 WebKitGTK and WPE WebKit Security Advisory WSA-2019-0002 (Google Search)
https://seclists.org/bugtraq/2019/Apr/21
http://www.openwall.com/lists/oss-security/2019/04/11/1
Common Vulnerability Exposure (CVE) ID: CVE-2018-8385
BugTraq ID: 105039
http://www.securityfocus.com/bid/105039
Common Vulnerability Exposure (CVE) ID: CVE-2018-8387
BugTraq ID: 105021
http://www.securityfocus.com/bid/105021
Common Vulnerability Exposure (CVE) ID: CVE-2018-8388
BugTraq ID: 105025
http://www.securityfocus.com/bid/105025
Common Vulnerability Exposure (CVE) ID: CVE-2018-8389
BugTraq ID: 105036
http://www.securityfocus.com/bid/105036
Common Vulnerability Exposure (CVE) ID: CVE-2018-8390
BugTraq ID: 105041
http://www.securityfocus.com/bid/105041
Common Vulnerability Exposure (CVE) ID: CVE-2018-8394
BugTraq ID: 105001
http://www.securityfocus.com/bid/105001
http://www.securitytracker.com/id/1041460
Common Vulnerability Exposure (CVE) ID: CVE-2018-8398
BugTraq ID: 104995
http://www.securityfocus.com/bid/104995
Common Vulnerability Exposure (CVE) ID: CVE-2018-8399
BugTraq ID: 104998
http://www.securityfocus.com/bid/104998
Common Vulnerability Exposure (CVE) ID: CVE-2018-8400
BugTraq ID: 105005
http://www.securityfocus.com/bid/105005
http://www.securitytracker.com/id/1041461
Common Vulnerability Exposure (CVE) ID: CVE-2018-8401
BugTraq ID: 105006
http://www.securityfocus.com/bid/105006
Common Vulnerability Exposure (CVE) ID: CVE-2018-8403
BugTraq ID: 105033
http://www.securityfocus.com/bid/105033
Common Vulnerability Exposure (CVE) ID: CVE-2018-8404
BugTraq ID: 104999
http://www.securityfocus.com/bid/104999
Common Vulnerability Exposure (CVE) ID: CVE-2018-8405
BugTraq ID: 105011
http://www.securityfocus.com/bid/105011
Common Vulnerability Exposure (CVE) ID: CVE-2018-8406
BugTraq ID: 105012
http://www.securityfocus.com/bid/105012
Common Vulnerability Exposure (CVE) ID: CVE-2018-8414
BugTraq ID: 105016
http://www.securityfocus.com/bid/105016
http://www.securitytracker.com/id/1041458
CopyrightCopyright (C) 2018 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.