-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                              ASB-2018.0075.2
           Security vulnerabilities patched in Microsoft Windows
                               12 April 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Microsoft Windows
Operating System:     Windows
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Increased Privileges            -- Existing Account            
                      Denial of Service               -- Remote/Unauthenticated      
                      Read-only Data Access           -- Existing Account            
                      Unauthorised Access             -- Existing Account            
Resolution:           Patch/Upgrade
CVE Names:            CVE-2018-8116 CVE-2018-1016 CVE-2018-1015
                      CVE-2018-1013 CVE-2018-1012 CVE-2018-1010
                      CVE-2018-1009 CVE-2018-1008 CVE-2018-1004
                      CVE-2018-1003 CVE-2018-0976 CVE-2018-0975
                      CVE-2018-0974 CVE-2018-0973 CVE-2018-0972
                      CVE-2018-0971 CVE-2018-0970 CVE-2018-0969
                      CVE-2018-0968 CVE-2018-0967 CVE-2018-0966
                      CVE-2018-0964 CVE-2018-0963 CVE-2018-0960
                      CVE-2018-0957 CVE-2018-0956 CVE-2018-0890
                      CVE-2018-0887 CVE-2016-0143 
Member content until: Friday, May 11 2018
Ã¥
Revision History:     April 12 2018: Microsoft have advised that CVE-2016-0143
                                     affects Windows 10 and includes a fix
                                     in this patch cycle.
                      April 11 2018: Initial Release

OVERVIEW

        Microsoft has released its monthly security patch update for the month of
        April 2018. [1]  This update resolves 28 vulnerabilities across the following
        products:
         Windows 10 Version 1511 for 32-bit Systems
         Windows 10 Version 1511 for x64-based Systems
         Windows 10 Version 1607 for 32-bit Systems
         Windows 10 Version 1607 for x64-based Systems
         Windows 10 Version 1703 for 32-bit Systems
         Windows 10 Version 1703 for x64-based Systems
         Windows 10 Version 1709 for 32-bit Systems
         Windows 10 Version 1709 for 64-based Systems
         Windows 10 for 32-bit Systems
         Windows 10 for x64-based Systems
         Windows 7 for 32-bit Systems Service Pack 1
         Windows 7 for x64-based Systems Service Pack 1
         Windows 8.1 for 32-bit systems
         Windows 8.1 for x64-based systems
         Windows RT 8.1
         Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
         Windows Server 2008 for 32-bit Systems Service Pack 2
         Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
         Windows Server 2008 for Itanium-Based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
         Windows Server 2012
         Windows Server 2012 (Server Core installation)
         Windows Server 2012 R2
         Windows Server 2012 R2 (Server Core installation)
         Windows Server 2016
         Windows Server 2016  (Server Core installation)


IMPACT

        Microsoft has given the following details regarding these vulnerabilities.
        
         Details         Impact                   Severity
         CVE-2018-0887   Information Disclosure   Important
         CVE-2018-0890   Security Feature Bypass  Important
         CVE-2018-0956   Denial of Service        Important
         CVE-2018-0957   Information Disclosure   Important
         CVE-2018-0960   Information Disclosure   Important
         CVE-2018-0963   Elevation of Privilege   Important
         CVE-2018-0964   Information Disclosure   Important
         CVE-2018-0966   Security Feature Bypass  Important
         CVE-2018-0967   Denial of Service        Important
         CVE-2018-0968   Information Disclosure   Important
         CVE-2018-0969   Information Disclosure   Important
         CVE-2018-0970   Information Disclosure   Important
         CVE-2018-0971   Information Disclosure   Important
         CVE-2018-0972   Information Disclosure   Important
         CVE-2018-0973   Information Disclosure   Important
         CVE-2018-0974   Information Disclosure   Important
         CVE-2018-0975   Information Disclosure   Important
         CVE-2018-0976   Denial of Service        Important
         CVE-2018-1003   Remote Code Execution    Important
         CVE-2018-1004   Remote Code Execution    Critical
         CVE-2018-1008   Elevation of Privilege   Important
         CVE-2018-1009   Elevation of Privilege   Important
         CVE-2018-1010   Remote Code Execution    Critical
         CVE-2018-1012   Remote Code Execution    Critical
         CVE-2018-1013   Remote Code Execution    Critical
         CVE-2018-1015   Remote Code Execution    Critical
         CVE-2018-1016   Remote Code Execution    Critical
         CVE-2018-8116   Denial of Service        Moderate
         CVE-2016-0143   Elevation of Privilege   Important


MITIGATION

        Microsoft recommends updating the software with the version made available on
        the Microsoft Update Catalogue for the following Knowledge Base articles. [1]
        
        
         KB4093115, KB4093114, KB4093478, KB4093224, KB4093111
         KB4093107, KB4093112, KB4093227, KB4093223, KB4093108
         KB4093109, KB4093119, KB4093118, KB4093122, KB4093123
         KB4093257, KB4091756


REFERENCES

        [1] Security Update Guide
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWs6VMYx+lLeg9Ub1AQh5Ug/+Pz2WTcCPSSMEftp0tgP5ZCX1t2i6NyWT
8VM1WisItE+Ne757tF65jtOGAaIdHC3zPREtoPXNDlIo1Wleu2JI7VNrFe4WP1qA
FrmSULjtHAJ0cnJ8iWcthtonok/6X5KgCEf11ojExSPLDDJ/9zVar8FbxURVAxYu
C03mm7tCMINreXnUWITYpz+114LOxZk+NVWAGVZ0y51llyPr/s+LeaIGuia3TtW6
SJYPW3/jEx5kTZXM0P122pRFGV8lTeX1JmBeyHjyiobTIL0cgz7yWXzu7ewJJKWv
cACXBhCW4oETZnmIlRvypbKXAMZPfWl4qWM5/PtW5KWhYLv65L5FiYRidCJFtL7Z
31T87vH/86XS95yNZMyK4tioGYw0fhFR50Q+1ng7dHjPrN80tNtkNED8Krrmbom9
cF1YqRfK6OQJGfUJgPkL/xrnGQ5kMBbPTxknmfKZMQBUx+7jFD6ppAxpeVNzxoan
WSQ5+Z8IuqXUuE1DoL+Ks+QTAkOWP2Yx4DBkUdzt56LncA+cODXkDLJ/0CdvzPUI
rYep0g/rqgf+Dbgaitd5YzPiR8MEm3ry/IDcPa9hnA0M9pCzKpDeZFM0wZIBA1qN
utUJrE89d8X0VS+h6Ew0bTQcZHgCWAZWT96K9LRdewkgpZCm/IdmN3vpsS/bwH/3
3ix5TlI2pn4=
=CwV0
-----END PGP SIGNATURE-----