VERT Threat Alert: December 2018 Patch Tuesday Analysis

Image

Today’s VERT Alert addresses Microsoft’s December 2018 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-809 on Wednesday, December 12th.

In-The-Wild & Disclosed CVEs

CVE-2018-8611

Microsoft is reporting that this Windows kernel privilege escalation vulnerability is seeing active exploitation on older versions of Windows. Successful exploitation can allow an attacker to run code in kernel mode. This issue was resolved by changing how the Windows kernel handles objects in memory. Microsoft has rated this as a 1 on the Exploitability Index (Exploitation More Likely) on their latest Windows release, while active exploitation has been detected on older releases.

CVE-2018-8517

This vulnerability is a publicly disclosed issue with the .NET Framework that could allow an unauthenticated attacker to DoS a .NET Framework based web application by sending malformed web requests. Microsoft has rated this as a 3 on the Exploitability Index (Exploitation Unlikely).

CVE Breakdown by Tag

While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.

Other Information

In addition to the Microsoft vulnerabilities included in the December Security Guidance, a pair of Adobe bulletins are available today.

December 2018 Adobe Flash Security Update [ADV180031]

Microsoft released updates for Adobe Flash. These correspond with Adobe Update APSB18-42. This includes fixes for CVE-2018-15982 and CVE-2018-15983.

Security Bulletin for Adobe Acrobat and Reader [APSB-41]

Adobe has released security updates for Adobe Acrobat and Reader. This includes fixes for 87 CVEs.