【漏洞详情】 严重漏洞(11个):
CVE-2018-8541 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8542 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8543 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8551 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8555 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8556 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8557 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8588 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8476 - Windows Deployment Services TFTP server remote code execution vulnerability
CVE-2018-8553 - Microsoft Graphics Components remote code execution vulnerability
CVE-2018-8544 - VBScript engine remote code execution vulnerability
重要漏洞(40个):
CVE-2018-8256 - PowerShell remote code execution vulnerability
CVE-2018-8574 - Microsoft Excel remote code execution vulnerability
CVE-2018-8577 - Microsoft Excel remote code execution vulnerability
CVE-2018-8582 - Microsoft Outlook remote code execution vulnerability
CVE-2018-8450 - Windows Search remote code execution vulnerability
CVE-2018-8550 - Windows COM Aggregate Marshaler elevation of privilege vulnerability
CVE-2018-8570 - Internet Explorer remote code execution vulnerability
CVE-2018-8408 - Windows kernel information disclosure vulnerability
CVE-2018-8415 - PowerShell tampering vulnerability
CVE-2018-8417 - Microsoft JScript security feature bypass vulnerability
CVE-2018-8471 - Microsoft RemoteFX Virtual GPU miniport driver elevation of privilege vulnerability
CVE-2018-8485 - DirectX elevation of privilege vulnerability
CVE-2018-8522 - Microsoft Outlook remote code execution vulnerability
CVE-2018-8524 - Microsoft Outlook remote code execution vulnerability
CVE-2018-8539 - Microsoft Word remote code execution vulnerability
CVE-2018-8545 - An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests
CVE-2018-8547 - Microsoft Edge cross-site-scripting (XSS) vulnerability
CVE-2018-8549 - Windows security feature bypass vulnerability
CVE-2018-8552 - Internet Explorer remote code execution vulnerability
CVE-2018-8554 - DirectX elevation of privilege vulnerability
CVE-2018-8558 - Microsoft Outlook information disclosure vulnerability
CVE-2018-8561 - DirectX elevation of privilege vulnerability
CVE-2018-8562 - Windows elevation of privilege vulnerability
CVE-2018-8563 - DirectX information disclosure vulnerability
CVE-2018-8564 - Microsoft Edge spoofing vulnerability
CVE-2018-8565 - win32k information disclosure vulnerability
CVE-2018-8566 - Windows security feature bypass vulnerability
CVE-2018-8567 - Microsoft Edge elevation of privilege vulnerability
CVE-2018-8568 - Microsoft SharePoint elevation of privilege vulnerability
CVE-2018-8572 - Microsoft SharePoint elevation of privilege vulnerability
CVE-2018-8573 - Microsoft Word remote code execution vulnerability
CVE-2018-8575 - Microsoft Project software remote code execution vulnerability
CVE-2018-8576 - Microsoft Outlook remote code execution vulnerability
CVE-2018-8578 - Microsoft SharePoint Server elevation of privilege vulnerability
CVE-2018-8579 - Microsoft Outlook information disclosure vulnerability
CVE-2018-8581 - Microsoft Exchange Server elevation of privilege vulnerability
CVE-2018-8584 - Windows elevation of privilege vulnerability
CVE-2018-8589 - Windows elevation of privilege vulnerability
CVE-2018-8592 - Windows 10 version 1809 elevation of privilege vulnerability
CVE-2018-8407 - "Kernel Remote Procedure Call Provider" driver information disclosure vulnerability
【风险等级】 高风险
【漏洞风险】
代码执行、权限提升、安全绕过以及信息泄露;
【影响版本】
目前已知受影响产品如下:
Microsoft Edge
Internet Explorer
Chakra Scripting Engine
Microsoft Office
Windows Kernel
收藏